Late last week, The Iranian Cyber Army (ICA), a hacking group, announced it would join dozens of others and become a Cyber Arms Dealer. They intend to sell/rent botnets for spamming and distributed denial of service (DDoS) attacks. ICA boasts of successful attacks against social networking web site like Twitter and others. This is far from the first time malicious code or DDoS capabilities that are being sold online and it surely will not be the last. Back in the spring of 2010 an advertisement was stumbled across that offered DDoS services. The advertisement stated that those offering the service would DDoS a web site for a 24 hour period for as little as the equivalent of $600 USD. It should be noted that the ICA and other officials seem to have gone out of their way to make it know the announcement is in no way related to the recent Stuxnet incident. Cyber Intelligence analysts are skeptical of that claim.
Intelligence sources acknowledge their suspicion that the ICA is connected to and influenced by the Iranian government. In the past few months these suspicions have increased after the political messages by the ICA and official statements made by a government administrator of Iran’s aviation industry defending the ICA and its actions were made publicly. Based on known activities, the ICA has a threat rating of 3.75 on a scale of 1 being low and 5 being high.
This announcement clearly indicates the further maturing of the cyber weapons marketplace which concerns security professionals in business, government and the military. What many find troubling is that with the increase in cyber arms dealers, competition among those dealers is increasing driving down prices and demanding innovative cyber weapons designs.