The operator expects 'even greater participation' for its second draw scheduled for December 28
uae2 hours ago
An Iranian hacking group has increased their cyber espionage operations against Middle Eastern organisations in retaliation against the recent sanctions that were reimposed on the Iranian government, a new investigation by an intelligence-led security firm has revealed.
FireEye, which has majority of its Middle Eastern clients in Saudi Arabia and the UAE, noticed cyberattacks being launched between July 2 to July 29 and were targeting companies in the energy sector. Recently, the US President Donald Trump also withdrew from the nuclear deal that was signed in 2015.
The hacking group, called APT33, were sending phishing emails masked as messages from a Middle Eastern oil and gas company.
"In July we observed a significant increase in activity from this Iran affiliated APT group. The APT33 operation primarily focused on the energy sector, which has been affected by recent sanctions that were placed on Iran," said Alister Shepherd, the Middle East and Africa director for Mandiant at FireEye.
"The motivation behind the operation is uncertain, but it's possible that the attackers were using spear phishing to facilitate the theft of intellectual property or to subsequently cause disruption in retaliation to the sanctions. It's imperative for companies to ensure they are capable of quickly detecting and responding to these intrusion attempts."
Shepherd said that the phishing emails had increased by 10 folds in this time period. The hackers were using Farsi in the coding and were operating on Iranian time.
The firm is certain that the aim behind the cyberattacks was to "search for strategic intelligence capable of benefiting a government or military sponsor".
"The reality is that when we are looking at the timing, this isn't timing embedded in a piece of software that's been altered, this is us in many instances actively watching the attacker. The days these hackers are working are from Saturday to Wednesday, which fits in with the Iranian week. The reality is that when it happens consistently over time, it's a strong indicator. We also see Farsi language being used," Shepherd said.
Since 2013, the group has targeted military and commercial organisations in the aviation and energy sectors with a main goal of intellectual property theft. APT has previously targeted multiple industries based in the US, Saudi Arabia, Japan and South Korea.
"Malware leveraged by APT in previous operations demonstrate destructive capabilities in addition to credential-theft and data exfiltration," the firm said.
The firm expects the cyber attacks to continue because of the current geopolitical climate.
The operator expects 'even greater participation' for its second draw scheduled for December 28
uae2 hours ago
Many residents are reclaiming their time – and their wellbeing – by squeezing in a workout before they go home
uae2 hours ago
If tests reveal shared genetic risks, some critical questions will arise: Would you marry the one you love? What are the alternatives?
uae2 hours ago
City, who were held to a 1-1 draw by Everton, have just one victory to show for their last 13 matches across all competitions
football10 hours ago
Earlier, in 2007, Dr Singh praised the labour laws of the Emirates and described the country as hospitable and safe for all residents
asia11 hours ago
The two-time PM died at Delhi's All India Institute of Medical Sciences (AIIMS) on Thursday. He was 92
world11 hours ago
It was Fulham's first win at Stamford Bridge since 1979 and put a dent in second-placed Chelsea's title hopes
football11 hours ago
The academician had served as Prime Minister of the nation for 10 years
asia11 hours ago