
Russian hackers piggy-backed on an Iranian cyber-espionage



Russian hackers piggy-backed on an Iranian cyber-espionage operation to attack government and industry organizations in dozens of countries while masquerading as attackers from the Islamic Republic, British and US officials said on Monday. The Russian group, known as "Turla" and accused by Estonian and Czech authorities of operating on behalf of Russia's FSB security service, has used Iranian tools and computer infrastructure to successfully hack into organisations in at least 20 different countries over the last 18 months, British security officials said.

The hacking campaign, the extent of which has not been previously revealed, was most active in the Middle East but also targeted organisations in Britain, they said.

Paul Chichester, a senior official at Britain's GCHQ intelligence agency, said the operation shows state-backed hackers are working in a "very crowded space" and developing new attacks and methods to better cover their tracks.

In a statement accompanying a joint advisory with the US National Security Agency (NSA), GCHQ's National Cyber Security Centre said it wanted to raise industry awareness about the activity and make attacks more difficult for its adversaries.


"We want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them," said Chichester, who serves as the NCSC's director of operations.

Officials in Russia and Iran did not immediately respond to requests for comment sent on Sunday. Moscow and Tehran have both repeatedly denied Western allegations over hacking.

Global hacking campaigns

Western officials rank Russia and Iran as two of the most dangerous threats in cyberspace, alongside China and North Korea, with both governments accused of conducting hacking operations against countries around the world.

Intelligence officials said there was no evidence of collusion between Turla and its Iranian victim, a hacking group known as "APT34" which cyber-security researchers at firms including FireEye say works for the Iranian government.

Rather, the Russian hackers infiltrated the Iranian group's infrastructure in order to "masquerade as an adversary which victims would expect to target them," said GCHQ's Chichester.

Turla's actions show the dangers of wrongly attributing cyber-attacks, British officials said, but added that they were not aware of any public incidents that had been incorrectly blamed on Iran as a result of the Russian operation.

The United States and its Western allies have also used foreign cyber-attacks to facilitate their own spying operations, a practice referred to as "fourth party collection," according to documents released by former US intelligence contractor Edward Snowden and reporting by German magazine Der Spiegel.

GCHQ declined to comment on Western operations.


By gaining access to the Iranian infrastructure, Turla was able to use APT34's "command and control" systems to deploy its own malicious code, GCHQ and the NSA said in a public advisory.

The Russian group was also able to access the networks of existing APT34 victims and even access the code needed to build its own "Iranian" hacking tools.

© Thomson Reuters 2019
