Iranian Mobile Operator Creates Cyber Emergency Response Team

The main mobile operator Mobile Telecommunication Company of Iran (MCI) has established a computer emergency response team, named MCI CERT that will help educate the people about cybersecurity and assist them in case of emergencies.

A section has been added to MCI’s website (mci.ir) specific to the team. In its status, the team says MCI CERT is a security incident management and handling team, responsible for receiving, coordinating, and handling ICT related security incidents.

MCI has about 47 million active users. According to the company, the activities of the team will not be limited to MCI subscribers and MCI CERT is open to collaboration with other operators and ICT related firms.

Furthermore, MCI says that one of its goals in establishing the team is to create a trusted database and emergency center that people can turn to when facing a cyber attack. It also plans to provide up-to-date reports on trending online threats guiding users how to evade them.

In case of detecting a cyber attack, people can report them via email to cert@mci.ir or contact phone number 021-81713333.

The team also publishes blog posts on cyber attacks that people are most likely to face. Three of the threats reviewed by MCI CERT are impostor apps, Wangiri fraud and malwares.

>Impostor Apps

MCI CERT warns smartphone users against downloading fake apps that can potentially give hackers unfettered access to personal information through cellphones.

Fake versions of popular apps like Avast, WhatsApp, Waze, and Facebook have been released by hackers.

MCI’s team recommends the people to only download mobile applications from trusted sources like well-known app markets or developers’ website.

>Wangiri Fraud

Cautioning users against a phone fraud that originated in Japan named Wangiri (literally, one ring and cut), the team says the people should avoid returning calls made by unknown international numbers. The scam involves a computer dialing a large number of mobile phone numbers at random.

The numbers appear as missed calls on the recipients’ handsets. Believing a legitimate call was cut off, or simply curious, users are enticed to call back.

Once they return the missed call they will be re-routed to premium rate number overseas and will be subsequently billed exorbitant sums for the privilege of listening to pre-recorded messages.

>Malwares

In addition to publishing an extended list of malware in categories, MCI CERT has published several blog posts discussing individual malicious softwares, how they impact people and how they can be countered.

The team has published a list of malwares which affect smartphones, namely  Dresscode, Android/Samsapo, Shedun, Acnetdoor, Lena, Selfmite, FakeDoc, JollyServ, Ksapp, Kidlogger, SMSilence/SMSCatcher, TigerBot, Smack, Saiva, Loicdos, Locker/SLocker Ransomware, and GPspy, Finspy.

A short introduction about each malicious program is also available on the website. Just like most expert teams MCI CERT strongly recommends installing antivirus programs on handsets and keeping them updated.