Tag Archive for: StateBacked

Iran: State-Backed Hacking of Activists, Journalists, Politicians


(Beirut) – Hackers backed by the Iranian government have targeted two Human Rights Watch staff members and at least 18 other high-profile activists, journalists, researchers, academics, diplomats, and politicians working on Middle East issues in an ongoing social engineering and credential phishing campaign, Human Rights Watch said today.

An investigation by Human Rights Watch attributed the phishing attack to an entity affiliated with the Iranian government known as APT42 and sometimes referred to as Charming Kitten. The technical analysis conducted jointly by Human Rights Watch and Amnesty International’s Security Lab identified 18 additional victims who have been targeted as part of the same campaign. The email and other sensitive data of at least three of them had been compromised: a correspondent for a major US newspaper, a women’s rights defender based in the Gulf region, and Nicholas Noe, an advocacy consultant for Refugees International based in Lebanon.

“Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups,” said Abir Ghattas, information security director at Human Rights Watch. “This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region.”

For the three people whose accounts were known to be compromised, the attackers gained access to their emails, cloud storage drives, calendars, and contacts and also performed a Google Takeout, using a service that exports data from the core and additional services of a Google account.

Various security companies have reported on phishing campaigns by APT42 targeting Middle East-focused researchers, civil society groups, and dissidents. Most of them identify APT42 based on targeting patterns and technical evidence. Organizations such as Google and the cybersecurity companies Recorded Future, Proofpoint, and Mandiant have linked APT42 to Iranian authorities. Identifying and naming a threat actor helps researchers to identify, track, and link hostile cyber…

State-backed forces and organized crime are the biggest threats to cyber security: Zhou Hongyi


2021 World Internet Conference Wuzhen Summit Photo: CFP

Continuous activity by state-backed forces and organized crime has become the biggest threat to cyber security, warned Zhou Hongyi, Chairman and CEO of Qihoo 360 Technology Co, during the 2021 World Internet Conference Wuzhen Summit on Sunday, calling for new digital methods to tackle cyber threats.

In his address at the summit held in Wuzhen, East China’s Zhejiang Province, Zhou said that individual hackers had become a thing of the past, as online attacks are now usually carried out by organized criminal organizations and state-backed forces, which have become the biggest threats to cyber security.

Not only are the targets, methods and damage of cyberattacks breaking the norms, but new forms of attack, such as strikes on supply chains, installation of ransomware, and locking of industrial control equipment, continue to challenge the imagination. Cyber threats will surpass traditional security threats and become the biggest hazard in the digital age, Zhou said.

Data has become a new target of cyberattacks as everything is programmable and interconnected in the digital age. In the future, if data within one company is hacked, it will directly result in the shutdown of the company. It can be predicted that government management, operations of companies and the basic necessities of people will be built on data and the internet, which will raise global vulnerabilities to unprecedented levels, Zhou noted.

In past years, Qihoo 360 Technology has detected 46 APT organizations from overseas which have launched roughly 3,600 attacks on more than 20,000 targets, including China’s scientific research and development organs, government institutes and universities. In the first half of 2021 alone, 360 attacks were detected from 12 overseas APTs against China, according to Zhou.

Last year, Qihoo 360 discovered a series of attacks against China’s scientific research institutions, aerospace and petroleum industries, and large internet companies by a hacking organization affiliated with the CIA for over a decade.

“The discovery led 360 to become the only internet company sanctioned by the US,” Zhou told reporters in Wuzhen.

Over the years, some…

A new state-backed hacker group is hijacking government domains at a phenomenal pace – TechCrunch

A few months ago, researchers at Cisco’s Talos cybersecurity unit sounded the alarm after discovering a previously undiscovered hacker group targeting a core …
