Iranian hackers, probably sponsored by the Iranian government, have targeted organizations in the United States, the Middle East, and Asia, marking an exponential rise in Iranian cyber-spying.
According to a report released by a private cybersecurity firm, FireEye, the Iranian hacking group is targeting companies involved in the petrochemical industry, military, and commercial aviation in different parts of the world.
The firm has dubbed the group APT33 (APT stands for "advanced persistent threat") and says that the group uses spearphishing emails to target victims.
The security firm believes that APT33 has been active since at least 2013, but it has been tracking the group only since last May. The group's activities are largely focused on spying, but the firm has also found links to a mysterious piece of data-destroying malware.
"This could be an opportunity for us to recognize an actor while they’re still focused on classic espionage before their mission becomes more aggressive," said John Hultquist, director of intelligence analysis for FireEye.
"We've seen them deploy destructive tools they haven’t used. We're looking at a team whose mission could change to disruption and destruction overnight," he adds.
The report also suggests that the group's workday matches Iran's time zone and Iran's Saturday-to-Wednesday work week.
"APT33's focus on aviation may indicate the group's desire to gain insight into regional military aviation capabilities to enhance Iran's aviation capabilities or to support Iran's military and strategic decision-making," the report says.
"Their targeting of multiple holding companies and organizations in the energy sectors align with Iranian national priorities for growth, especially as it relates to increasing petrochemical production. We expect APT33 activity will continue to cover a broad scope of targeted entities and may spread into other regions and sectors as Iranian interests dictate."
from E Hacking News - Latest Hacker News and IT Security News http://ift.tt/2xx5s5p