Iran shows signs of improved hacking capabilities
Espionage effort targets country’s rivals in Mideast
Iranian hackers are waging a sophisticated espionage campaign targeting the country’s rivals across the Middle East and attacking key defense and intelligence agencies, according to a leading Israeli-American cybersecurity company, a sign of how Iran’s quickly improving cyberattacks have become a new, important prong in a shadow war.
Over the past year, hackers struck at countries including Israel, Saudi Arabia, and Jordan in a campaign linked to Iran’s Ministry of Intelligence and Security, according to a new report by the company, Check Point.
The Iranian hackers appeared to gain access to emails from an array of targets, including government staff members, militaries, telecommunications companies, and financial organizations, the report said.
The malware used to infiltrate the computers also appeared to map out the networks the hackers had broken into, providing Iran with a blueprint of foreign cyberinfrastructure that could prove helpful for planning and executing future attacks.
“The primary purpose of this operation is espionage,” security specialists at Check Point wrote in the report, adding that the approach was “notably more sophisticated compared to previous activities” that Check Point had linked to Iran.
Iran’s mission to the United Nations did not respond to an inquiry Monday about the hack. But Iran’s minister of defense, Brigadier General Mohammad Reza Ashtiani, said last week in a speech to his country’s defense officials that, given the current complex security situation in the Middle East, Iran had to redefine its national defenses beyond its geographic borders.
He said that meant utilizing new warfare strategies to defend Iran, including the use of space, cyberspace, and other ways.
Although the report did not specify what, if any, data Iran had taken, Check Point said the hacking campaign successfully broke into computers associated with the Saudi Arabian ministry of defense, and agencies, banks, and telecom firms in several other Middle Eastern countries including Jordan, Kuwait, and Oman. The report also did not specify which Israeli systems had been hacked.
A senior Israeli official dealing with cyber issues has confirmed that in recent months an attack by a group known as LionTail has been underway against government agencies and various institutions in Israel. The official said that the attacks are identified and handled by Shin Bet, Israel’s internal security agency, and the Israeli National Cyber Directorate.
The Saudi government’s Center for International Communication, which handles media inquiries, did not immediately respond to a request for comment on Monday. Jordan’s information minister did not immediately respond to a similar request.