Freelance hackers growing menace
Mercenary groups selling stolen data to governments
MONTPELIER, Vt.— Onan October morning in 2012, the system administrator of a tiny Vermont defense contractor arrived at work to find the business’ computers had been hacked and a sophisticated software program stolen. Prosecutors later concluded the thieves were a group of Iranians who sold the software to organizations within the Iranian government.
The hack, revealed in an indictment unsealed last week, shows that mercenary hackers who sell stolen data to unfriendly governments are a growing threat to defense contractors, experts say.
“They are essentially nonsanctioned espionage groups,” said BrianWallace, the lead security data scientist for the Irvine, Calif.-based company computer security company Cylance Inc. “The government doesn’t create them, they don’t own them. They operate and get almost (all) of their income fromthe government.”
The company, Arrow Tech Associates, makes software used to monitor projectiles in flight.
Arrow Tech President Charles Hillman said the firm was able to track the hackers’ every keystroke, which helped the FBI trace the intrusion to three Iranians. “We were very impressed with what they got done in just a few hours,” he added.
Iranian officials in Washington referred an emailed question on the issue from The Associated Press to “the pertinent department.” There was no further reply.
Theeight-count indictment released lastweek alleged that from at least 2007 throughMay 2013 threemenbroke into computers in“Vermontand elsewhere.” It said the group also stole software from an unidentified Western aerospace company in July 2012.
Such hacks are a growing threat for defense contractors, said Phil Sussman, the president of NorwichUniversity Applied Research Institutes, which works on cybersecurity issues at the private Vermont military college.
“In the last five or six years anyways, it has been common knowledge that these kinds of services are readily available on the darkweb and could be purchased,” Sussman said.
Wallace said such arrangements are not exclusive to Iran.
“We can see a lot of similar activities coming out of Russia where you had independent hacking groups that don’t work directly for the Russian government, but they do have very strong ties to the Russian government,” he said.