Hackers referred to as the New World Hackers began what was described as the ‘worst-ever’ cyberattack on Iran’s banking system where they attacked more than 20 Iranian banks and made away with large amounts of sensitive information. Earlier, Iran International reported that an Iranian organisation tried to get $3m back by paying to the hackers to stop sharing the data leaked as has reported by Politico.
The cyber attack targeted 20 of the 29 active credit institutions of Iran which include the Bank of Industry and Mines, Mehr Interest-Free Bank, Post Bank of Iran and numerous other banks that have international branches making the future of the financial sector of the Islamic Republic insecure. Preliminary estimations indicated that this could be one of the biggest cyberattacks on the Iranian state apparatus to this date, but Iranian authorities did not comment on the matter.
The group which has been involved in hacking in the past, including recent ones such as Snapp Food and Tapsi is said to have perpetrated the act. The group is said to have infiltrated the Iran’s banking system via Tosan which carries out data services for the Iran’s financial institutions with the aim of stealing sensitive information from both the private banks and the Central Bank of Iran.
This cyberattack exposes new risks in Iran’s banking sectors, which are not properly guarded despite the rise of cyber threats and the absence of stiff laws, and penalties for companies that poorly protect users’ information. Given the fact that millions of users have been attacked with such incidents, including breaches of their personal data from such services as food delivery or ride-hailing, there is an imperative need for the reform of Iran’s regulatory frameworks to protect the users’ data and to deter the future cyber threats.
In light of these damages the attacks also present fundamental challenges for the Iranian government as it continues to work towards defending itself against cyber threats; let alone securing the nation’s financial sector from these malicious attacks that compromise important information.