Monday 2 June 2014

Iranians Caught Cyber Snooping on High-Value US Targets

Through an elaborate social engineering ruse that involved setting up a fake news organization, Iranian spies were able to convince thousands of valuable U.S. and Israeli targets to connect with them on social media. "The Iranians use a relatively low level of technological sophistication, but what they lacked in sophistication, they made up in creativity," said iSight's Stephen Ward.

A cyberespionage campaign with links to Iran has been targeting U.S. military and congressional personnel, journalists and diplomats, as well as U.S. and Israeli defense contractors and members of the U.S./Israel lobby, for at least three years, according to a report released Thursday by iSight Partners.
Using more than a dozen phony identities on online social networks, the spy ring managed to rope into its web of deceit more than 2,000 high-value targets, harvesting credentials or planting malware capable of stealing data from infected systems, the firm found.

"Two years ago, Iran said it wanted to develop cyberespionage capability," Stephen Ward, senior marketing director for iSight Partners, told TechNewsWorld. "They meant it -- and we're seeing that."
Ironically, the Iranian bogus persona campaign began around the time it was reported that the U.S. Central Command had awarded a contract to a California company to develop software for creating fake online personalities to spread pro-American propaganda on the Internet.
In an elaborate scheme, the Iranian cyberspies established a fake news outlet, the Newscaster Network, on major social networks -- Facebook, Google+, Twitter and LinkedIn -- and populated it with fake personas.

The personas probed high-value targets on social media, making requests to connect. After joining a person's circle of contacts, they sent the target a link to a fake portal for the social network. When the target entered their credentials at the phony portal, the spies could then harvest them.
The credentials enabled them to enter the target's network.
"They can move from machine to machine, collecting intelligence and information on what assets are on the network and how they can be accessed, and escalate their privileges to access more sensitive information," Andrey Dulkin, senior director of cyber innovation at CyberArk, told TechNewsWorld.

