The top US intelligence official confirmed for the first time that Iran was behind a cyber attack against Las Vegas Sands Corp. last year, reports Bloomberg News.
Identifying Iran as the perpetrator came more than a year after the 10th February, 2014, attack against the world’s largest gambling company, which crippled many of the computer systems that help run the $14 billion operation. Billionaire Sheldon Adelson, Sands’ chairman and chief executive officer and top shareholder, is a leading US supporter of Israel and of Republican political candidates.
James Clapper, the director of national intelligence, told the Senate Armed Services Committee Thursday that the attack by Iran, followed by the hacking of Sony Corp. by North Korea in November, marked the first destructive cyber-assaults on the US by nation-states. Iran’s role in the attack that crippled operations at several of Sands’ US casinos was reported in December by Bloomberg Businessweek.
“While both of these nations have lesser technical capabilities in comparison to Russia and China, these destructive attacks demonstrate that Iran and North Korea are motivated and unpredictable cyber-actors,” Mr Clapper said.
He also said the cyber threat from Russia is “more severe than we have previously assessed,” without elaborating.
Computer attacks such as those by Iran and North Korea are more likely to threaten the US in the future than a single massive assault crippling the country’s infrastructure, he aded.
“Rather than a ‘cyber-Armageddon’ scenario that debilitates the entire US infrastructure, we envision something different,” Mr Clapper said in a report on global threats submitted to the Senate committee. “We foresee an ongoing series of low-to-moderate level cyber-attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”
Clapper’s report marks a departure from past US warnings about the type of Internet attacks that the country will face. Former Defense Secretary Leon Panetta warned in 2012 of a “cyber Pearl Harbor” that could paralyze the country.
Attacks may include not only hacking but “supply-chain operations to insert compromised hardware or software,” Mr Clapper said. At the same time, detection has improved so that attackers can no longer assume that their identities will stay concealed, he said.
