A cyberespionage campaign with links to Iran for
at least three years has been targeting U.S. military and congressional
personnel, journalists and diplomats, as well as U.S. and Israeli
defense contractors and members of the U.S./Israel lobby, according to a
report released Thursday by
iSight Partners.
Using more than a dozen phony identities on online social networks,
the spy ring managed to rope into its web of deceit more than 2,000
high-value targets, harvesting credentials or planting malware capable
of stealing data from infected systems, the firm found."Two years ago, Iran said it wanted to develop cyberespionage capability," Stephen Ward, senior marketing director for iSight Partners, told TechNewsWorld. "They meant it -- and we're seeing that."
Ironically, the Iranian bogus persona campaign began around the time it was reported that the U.S. Central Command had awarded a contract to a California company to develop software for creating fake online personalities to spread pro-American propaganda on the Internet.
In an elaborate scheme, the Iranian cyberspies established a fake news outlet, the Newscaster Network, on major social networks -- Facebook, Google+, Twitter and LinkedIn -- and populated it with fake personas.
The personas probed high-value targets on the social media, making requests to connect. After joining a person's circle of contacts, they sent the target a link to a fake portal to the social network. When the target entered their credentials at the phony portal, the spies then could harvest them.
The credentials enabled them to enter the target's network.
"They can move from machine to machine, collecting intelligence and information on what assets are on the network and how they can be accessed, and escalate their privileges to access more sensitive information," Andrey Dulkin, senior director of cyber innovation at CyberArk, told TechNewsWorld.
No comments:
Post a Comment