The Central Bank of Iran (CBI) and several other banks in the country fell victim to a significant cyberattack on August 14, 2024. This incident has sent shockwaves through the already tense geopolitical climate in the Middle East. While the full extent of the damage and the culprit behind the attack remain unclear, initial reports suggest this could be one of the largest cyberattacks ever launched against Iranian state infrastructure.
Central Bank of Iran Cyberattack in Detail
According to The Jerusalem Post, all the computer systems of the banks in Iran were paralyzed following the cyberattack. Iranian citizens were the first to experience the impact of the attack. Reports surfaced of widespread ATM failures across the country, with users encountering error messages when attempting to withdraw cash. This disruption in essential banking services immediately raised concerns about the attack’s scope and potential consequences.
Many users posted a note stuck onto the ATM machines in Iran which read, “Dear customers, it is impossible to withdraw money from this ATM. This is because all of Iran’s national budget and resources have been allocated to the wars and the corrupt religious leaders of the Islamic Republic regime. “We are very sorry.”
Saudi-affiliated Iran International news outlet reported that hackers stole information belonging to account holders in Iran’s largest bank.
Heightened Geopolitical Tensions Reason Behind Cyberattack?
Earlier on Wednesday, Iran’s supreme leader, Ayatollah Ali Khamenei, reacted to the cyberattack and said, “The exaggeration of our enemies’ capabilities is intended to spread fear among our people by the US, Britain, and the Zionists. The enemies’ hand is not as strong as it is publicized. We must rely on ourselves. The enemy’s goal is to spread psychological warfare to push us into political and economic retreat and achieve its objectives.”
“This cyberattack comes at a time of heightened international scrutiny of Iran’s actions in the region as Iran vows to retaliate for the assassination of Hamas leader Ismail Haniyeh earlier this month. The leaders of the UK, France, and Germany issued a joint statement warning Iran that it “will bear responsibility” for any attacks against Israel, which could further escalate regional tensions and jeopardize efforts towards a cease-fire and hostage-release deal.” reported the Israeli website Israel Hayom.
Information regarding the specific techniques used in the attack and the attackers’ motivations remains unknown. This lack of transparency makes it difficult to assess the full extent of the damage and the potential long-term effects.
Not the First Time
The success of this week’s cyberattack raises questions about Iran’s cybersecurity posture. Iran has been a target of numerous cyberattacks in recent years, including the one on the Central Bank of Iran that was targeted by hackers. In the beginning of 2023, Reuters reported that Iran’s telecommunications infrastructure company had foiled a cyberattack on CBI.
Anonymous and other global hacking groups had threatened to launch cyberattacks on Iranian institutions and officials in support of anti-government protests and to bypass internet censorship there.
Amir Mohammadzadeh Lajevardi, head of the Infrastructure Communications Company, said the central bank was targeted by a distributed denial-of-service (DDoS) attack In January 2023. The attacks attempt to cripple servers by overwhelming them with internet traffic. These incidents suggest a potential need for Iran to invest in robust cybersecurity measures to protect its critical infrastructure.
As the investigation into this attack continues, one thing seems certain: the landscape of cyberwarfare is constantly evolving, and nations around the globe must be prepared to defend themselves against sophisticated attacks targeting critical infrastructure. Governments and financial institutions must prioritize cybersecurity investments to protect critical infrastructure from cyberattacks.