Iran group hacks avi­a­tion, petrochemi­cal in­dus­tries

Truro Daily News - - WORLD -

DUBAI, United Arab Emi­rates — A group of hack­ers sus­pected of work­ing in Iran for its govern­ment is tar­get­ing the avi­a­tion and petrochemi­cal in­dus­tries in Saudi Ara­bia, the U.S. and South Korea, a cy­ber­se­cu­rity firm warned Wed­nes­day.

The re­port by FireEye also said the sus­pected Ira­nian hack­ers left be­hind a new type of mal­ware that could have been used to de­stroy the com­put­ers it in­fected, an echo of two other Iran-at­trib­uted cy­ber­at­tacks tar­get­ing Saudi Ara­bia in 2012 and 2016 that de­stroyed sys­tems.

Iran’s of­fice at the United Na­tions did not im­me­di­ately re­spond to a re­quest for com­ment Wed­nes­day and its state me­dia did not re­port on the claims. How­ever, sus­pected Ira­nian hack­ers long have op­er­ated with­out car­ing if peo­ple found it was them or if there would be con­se­quences, mak­ing them in­cred­i­bly dan­ger­ous, said Stu­art Davis, a di­rec­tor at one of FireEye’s sub­sidiaries.

“To­day, with­out any reper­cus­sions, a neigh­bour­ing coun­try can com­pro­mise and wipe out 20 in­sti­tu­tions,” Davis said. FireEye, which of­ten works with gov­ern­ments and large cor­po­ra­tions, refers to the group as APT33, an acro­nym for “ad­vanced per­sis­tent threat.” APT33 used phish­ing email at­tacks with fake job op­por­tu­ni­ties to gain ac­cess to the com­pa­nies af­fected, fak­ing do­main names to make it look like the mes­sages came from Boe­ing Co. or de­fence con­trac­tors.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.