Gilead Sciences, a U.S. biopharmaceutical company, has been hit by an attempted cyberattack suspected to be tied to Iran, Reuters has reported, though Iran denies any involvement.
In an article published Friday, Reuters cited publicly available web archives, two experts, two unnamed cybersecurity researchers and two other anonymous individuals familiar with the matter in reporting that Gilead was targeted by a cyberattack attempt linked to Iran in recent weeks. In one instance, a senior Gilead executive involved in legal and corporate affairs was sent a fake login page in April as part of an apparent scheme to steal online credentials.
The exact nature or results of the reported malware was not identified in the article, but Priscilla Moriuchi, director of strategic threat development at U.S. cybersecurity firm Recorded Future and a former U.S. National Security Agency analyst, told Reuters its infrastructure matched that previously attributed to “Charming Kitten,” a suspected Iranian hacking group.
A Gilead spokesperson told Newsweek that the company does “not comment on information security matters.” The Department of Defense referred Newsweek to the Department of Homeland Security, which did not immediately respond to a request for comment.
Iranian mission to the United Nations spokesperson Alireza Miryousefi denied Tehran played a role in the reported incident, or that the country conducted any form of malicious online activity.
“The Iranian government does not engage in cyber warfare,” Miryousefi told Newsweek, arguing that Iran itself was “a victim of U.S. and Israeli cyberattacks” and referencing the Stuxnet virus that ravaged Iran’s nuclear weapons program a decade ago as a “dangerous example of this.”
“Cyber activities Iran engages in are purely defensive and to protect against further attacks on Iranian infrastructure,” Miryousefi added. “Besides, the U.S., not Iran, has been one of the main member-state opponents of a universal ban of using cyber warfare in the U.N. and beyond.”
The U.S. was among the countries to oppose the final draft of a proposed U.N. Group of Governmental Experts report in 2017 regarding cybersecurity claiming it contained ambiguities on how international law could be applied to countries’ right to self-defense and lawful retaliatory measures.
But Washington has long charged Tehran with conducting such online operations around the world. Fox News reporter Trey Yingst reported Wednesday that Iran-tied cyberattacks used U.S. servers to target water facilities in Israel last week, citing unnamed sources.
A cybersecurity expert who requested anonymity told Newsweek that tracing culpability to a particular state actor could be tricky because such IP addresses “get reused all the time.” The expert added that occasionally “people say that it was Iran because Iran used that IP range or that server in past years and a lot of times they’re just assuming that it’s currently Iran.”
“A lot of times IPs and servers may be associated with specific actors, but eventually the original hackers/tenants will move on, allowing the space to be reused and adding to the confusion in attribution to any specific group,” the expert explained.
The expert also noted, however, that “Iran has the capability to target critical infrastructure including industrial control systems” as seen in previous instances attributed by U.S. intelligence to Iran-associated hackers such as an attack on rural New York’s Bowman Avenue Dam in 2013.
In addition to efforts to attain a general cyber ceasefire, the U.N. has also more recently attempted to institute a universal cessation of hostilities to allow the international community to focus on battling the novel coronavirus pandemic afflicting nearly every nation on Earth. COVID-19 was first observed in China but early on hit hard in Iran. Now the U.S. is by far the most widely-infected country in the world.
The U.S. has also hosted some of the world’s most promising research on treating a disease that has infected more than 3 million people and killed over a quarter of a million across the globe. Last week, the Food and Drug Administration granted Gilead’s remdesivir emergency authorization use for those suffering from acute COVID-19.
Trump told ABC News on Tuesday that the drug would have “a big impact” on efforts to treat the infectious illness.
In Iran, however, access to potentially life-saving drugs has been hindered by strict U.S. sanctions that, while leaving some exceptions for humanitarian assistance, have been met with over-compliance by potential suppliers fearful of retribution from the Trump administration. The State Department has promised to provide assistance to the Islamic Republic but has said such aid should be contingent on Iran releasing political prisoners and Tehran has rejected certain offers in lieu of sanctions relief.
These restrictions have been the primary point of contention between the decades-long rivals since the Trump administration walked away from a 2015 nuclear deal two years ago, arguing the accord did not go far enough in blocking Iran’s access to funding foreign militias, advancing its missile program and attaining a nuclear weapon. China, France, Germany, Russia and the United Kingdom continue to abide by the agreement though Iran has begun to reduce its own commitments as Europe failed to normalize trade ties.
U.S.-Iran diplomatic frictions have spilled over into tense, sometimes violent encounters in Iraq and the Persian Gulf region, where both countries are active. The U.S. killing of Iranian Revolutionary Guard Quds Force commander Major General Qassem Soleimani at Baghdad International Airport in January set off a new wave of unrest that continues to grip the region even in spite of the parallel threat of the coronavirus giving actors like the Islamic State militant group (ISIS) an opportunity to regroup.
As Secretary of State Mike Pompeo prepared to head to Israel next week, the State Department said Friday that “regional security issues” would be on the agenda. Asked by reporters if the issue of Iran and cyber warfare would be raised, Assistant Secretary Bureau of Near Eastern Affairs David Schenker declined to get into specifics, but said “we speak often to our friends in Israel about these risks.”
