We have long-since warned companies they are on the front lines of a war with nation states such as Iran, Russia, China and North Korea. Countries have tremendous resources and are able to more easily find weaknesses in unprotected systems.
The U.S. has warned businesses about attacks from Iran in the past and as recently as yesterday. In fact, the country has indicted numerous Iranians for hacking financial institutions as well as a dam in Rye, New York.
This attack was the first documented case of a hack by a foreign concern which could have taken a life.
Thankfully, due to the time of year when the hack took place, no one was injured or worse.
After the recent unprovoked missile attack by Iran on a U.S. Navy drone, President Trump decided not to attack in a physical manner with the associated loss of life but instead launched a cyberattack on Teheran targeted at the groups which launched the missile and recent tanker attacks.
Last August, Trump last year signed a classified order known as National Security Presidential Memorandum 13, which officials say authorized Cyber Command to take action abroad without specific presidential approval. The new approach was empowered by language Congress inserted last year in a defense bill, which provided new authorities for offensive military cyber operations.
The general in charge of the push, Paul Nakasone, has spoken about the new policy in cryptic terms such as “persistent engagement,” and “defending forward,” without explaining what that means. Multiple current and former American officials briefed on the matter say military hackers are breaking into foreign networks, striking at enemy hackers and planting cyber bombs that would disable infrastructure in the event of a conflict.