Cybersecurity Comes to the Fore in Iran
EghtesadOnline: With the exponential growth of online services and application of modern technologies to all aspects of life, governments around the globe are facing new threats in the form of malware and cyber attacks. In order to outline the Iranian government’s activities in the field of cybersecurity, a conference was held at the ICT Ministry earlier this week.
Iran’s Computer Emergency Response Team Coordination Center (Iran CERTCC) provided an overview of the organization’s efforts to protect the country from cyber attacks.
During the meeting held at the ICT Ministry on Tuesday, Head of the Iran CERTCC Mohammad Taslimi detailed hackers’ attacks on government websites and the public in the first five months of the current Iranian year which started in March, reported ICT Ministry’s website.
Taslimi said during the period 600 websites were hijacked which were recovered in time. The organization has also protected 3,000 government web pages and countered 53 malware attacks, Financial Tribune reported.
When it comes to smartphones, the center has spotted 69 malicious mobile applications, blacklisted them and reported the identities of the culprits behind their spread.
Furthermore, Taslimi said they have detected a major security vulnerability in 30,000 MikroTik routers widely used in Iran and adopted precautionary measures.
He added that in the face of looming cybersecurity threats, “Iran CERTCC collaborates with all countries around the globe.”
The center has had over 200 cases of correspondences with different cybersecurity centers in various countries.
Tasks and Responsibilities
One of the most challenging tests faced by the Iran CERTCC occurred back in April when a nationwide attack targeted the country’s Internet Service Providers, operators of databases and network infrastructure.
Head of the CERTCC noted that they had warned domestic companies ahead of the attack and told them to install a patch that could have prevented the hack. In a short span of time after the attack, systems were rebooted and operational.
Another part of the center’s job description is the assessment of the security of government websites, which is a constant task for the institution.
Among the remaining responsibilities of the Iran CERTCC are expanding cloud services which cover 3,000 government websites, and protecting them from Distributed Denial of Service (DDOS) attacks and preventing hacks.
A denial-of-service attack is a cyber attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
Furthermore, the Iran CERTCC has established 35 specialized centers to prevent and counter cyber attacks in all provinces around the country.
One of the greatest achievements of the center is the foundation of Motoshub, which is a smart system that designs online social networks. Motoshub is supposed to help local businesses’ growth by creating domestic social networks.
They have also held seminars on child and family protection on the Internet, and have overall raised awareness on security aspects of the cyberspace.
Rapid Response Teams
Head of Tehran Province’s Communications and Information Technology office was also present at the conference and stressed the need for the establishment of rapid response teams to tackle cyber attacks and security breaches on the Internet with the aim of protecting major offices in the province as well as the executive branch of government.
During the same meeting, Morteza Rezaei said in order to form such rapid response teams, companies and state bodies need to hold training courses for employees.
Pointing to the ICT Ministry’s responsibility to provide security on the Internet, Rezaei called on the ministry to enhance its collaborations with related authorities.
Rezaei broke the news that they are to establish a system designed to connect experts at the Iran CERTCC with network security specialists in different state bodies.
According to the official, the system can be of help when there needs to be coordination among government bodies to repel cyber attacks.