WASHINGTON—U.S. officials said Iran hacked unclassified Navy computers in recent weeks in an escalation of Iranian cyberintrusions targeting the U.S. military.
The allegations, coming as the Obama administration ramps up talks with Iran over its nuclear program, show the depth and complexity of long-standing tensions between Washington and Tehran.
The U.S. officials said the attacks were carried out by hackers working for Iran's government or by a group acting with the approval of Iranian leaders.
The most recent incident came in the week starting Sept. 15, before a security upgrade, the officials said. Iranian officials didn't respond to requests to comment.
The allegations would mark one of the most serious infiltrations of U.S. government computer systems by Iran. Previously, Iranian-backed infiltration and surveillance efforts have targeted U.S. banks and computer networks running energy companies, current and former U.S. officials have said.
In the Navy's case, the Iranian intruders penetrated an unclassified computer network that is used for email and the service's internal intranet, the officials said.
The U.S. officials said they didn't believe Iranian agents stole information of significant value, but the incident sparked concerns within the Pentagon because it showed a more potent Iranian hacking capability than previously believed and suggested the Iranians have the ability to access military data.
Defense Secretary Chuck Hagel and Chairman of the Joint Chiefs of Staff Gen. Martin Dempsey were briefed on the intrusions and on the department's attempts to upgrade its network, U.S. officials said. Congress has also been also briefed on the intrusions, other U.S. officials said.
The Pentagon wouldn't confirm the alleged Iranian hacks. A department spokesman said its networks are attacked daily.
"We take these attempts seriously and work to learn lessons from every one of them," the spokesman said.
There has been a growing recognition among U.S. military and intelligence officials that Iranian cyber-capabilities, once discounted as minimal, now pose a significant threat.
The stepped up Iranian cyber-activities are of particular concern to U.S. officials given the Iranian regime's increasingly aggressive behavior in recent years in other arenas.
"Their ability to also play in this [cyber] sandbox compounds that concern," a U.S. official said.
President Barack Obama and Iranian President Hasan Rouhani spoke on Friday, as U.S. and Iranian officials try to restart negotiations over Iran's nuclear program.
But behind the potential for a thaw in relations is an aggressive Iranian military that in recent years has aspired to counter U.S. and Israeli adversaries, relying on extremist groups and sophisticated offensive techniques at sea and in international espionage.
Iran's elite Islamic Revolutionary Guard Corps, with an overseas component known as the Qods Force, was implicated by U.S. officials in a 2011 plot to kill Saudi Arabia's ambassador in Washington.
Iran has denied those allegations and called them politically motivated.
Iran counters by complaining about the computer virus known as Stuxnet—developed by the U.S. and Israel, according to former American officials—which sabotaged elements of Iran's nuclear program and was uncovered in 2010. Iran also complains about constant U.S. threats to use military force.
The latest reports of infiltration took U.S. defense officials by surprise and showed the Iranians had gained greater capability than many in the U.S. government believed, officials said.
"Iran is very active," said James Lewis, a former State Department official and cybersecurity specialist at the Center for Strategic and International Studies. "They're better than we thought."
As recently as last year, U.S. intelligence officials said that they considered Iran's capabilities unimpressive. That view has changed over the past year.
One reason that Iran's hacking capabilities have improved so quickly is a growing partnership with Russian cybercriminals, according to current and former officials briefed on the matter.
"They're getting help from the Russians," Mr. Lewis said. He added that Russian spy services tightly control cyber activities in Russia and that cybercriminals "don't do things" without government permission.
At the Russian Embassy in Washington, press secretary Yevgeniy Khorishko denied a government role, saying, "such statements are absolutely untrue."
Iranian interest in the Navy is driven, Mr. Lewis said, by the presence of American warships in the Persian Gulf and along Iran's coastline.
"They feel empowered by this new military capability," Mr. Lewis said. "They now have the ability to strike a target that was once out of range."
U.S. officials said there was no information on the location or operational plans of Navy ships in the Persian Gulf on the unclassified system.
The most recent intrusion prompted the Navy to take down the unclassified system for significant security upgrades.
The system penetrated, the Navy Marine Corps Internet, makes up the majority of the Navy's unclassified computer system and contains the email accounts for officials as senior as the secretary of the Navy, the chief of naval operations and commandant of the Marine Corps.
Officials said the email accounts of the top officials weren't compromised.
Other officials said the hackers gained access to a portion of the system that would have allowed them to change the configuration of the network.
The Obama administration has been weighing whether to take offensive measures against Iran for its attacks on and infiltrations of U.S. systems. People familiar with the discussions say officials had appeared to be leaning in favor of action, but also are weighing whether to see what materializes from the start of U.S.-Iran talks.
White House spokeswoman Laura Lucas said she was "not in a position" to confirm the internal discussion. "It continues to be our policy that we shall undertake the least action necessary to mitigate cyberthreats," she said.
The security upgrades to NMCI took place over two days last week, causing intermittent disruptions.
The series of Iranian intrusions revealed a weakness in the Navy network and a shortcoming in the service's defenses compared with other unclassified military networks, according to U.S. officials.
Once the intruders got into the Navy computer system, they were able to exploit security weaknesses to penetrate more deeply into the unclassified network, the officials said.
Some officials briefed on the infiltration said intruders relied on a relatively unsophisticated method to gain entry. The officials said the military's network security—even on unclassified systems—is best calibrated for defending against more sophisticated attacks.
Aaron Alexis, the accused gunman in the Washington Navy Yard shootings on Sept. 16, was working on a contract to upgrade equipment on the NMCI network.
But officials said there was no connection between the timing of the Iranian attack on the NMCI network and the Navy Yard shooting. While the most recent hack occurred after the rampage shootings, the Iranian intrusions began well before the killings at the Navy Yard.
DON'T FORGOT JOIN WITH US
No comments:
Post a Comment