
UPDATE 1-Hacking the hackers: Russian group hijacked Iranian spying operation, officials say



Russian hackers piggy-backed on an Iranian cyber-espionage operation to attack government and industry organisations in dozens of countries while masquerading as attackers from the Islamic Republic, British and U.S. officials said on Monday. The Russian group, known as "Turla" and accused by Estonian and Czech authorities of operating on behalf of Russia's FSB security service, has used Iranian tools and computer infrastructure to successfully hack into organisations in at least 20 different countries over the last 18 months, British security officials said.

The hacking campaign, the extent of which has not been previously revealed, was most active in the Middle East but also targeted organisations in Britain, they said. Paul Chichester, a senior official at Britain's GCHQ intelligence agency, said the operation shows state-backed hackers are working in a "very crowded space" and developing new attacks and methods to better cover their tracks.

In a statement accompanying a joint advisory with the U.S. National Security Agency (NSA), GCHQ's National Cyber Security Centre said it wanted to raise industry awareness about the activity and make attacks more difficult for its adversaries. "We want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them," said Chichester, who serves as the NCSC's director of operations.

Officials in Russia and Iran did not immediately respond to requests for comment sent on Sunday. Moscow and Tehran have both repeatedly denied Western allegations over hacking.

GLOBAL HACKING CAMPAIGNS

Western officials rank Russia and Iran as two of the most dangerous threats in cyberspace, alongside China and North Korea, with both governments accused of conducting hacking operations against countries around the world. Intelligence officials said there was no evidence of collusion between Turla and its Iranian victim, a hacking group known as "APT34" which cybersecurity researchers at firms including FireEye https://www.fireeye.com/current-threats/apt-groups.html say works for the Iranian government.

Rather, the Russian hackers infiltrated the Iranian group's infrastructure in order to "masquerade as an adversary which victims would expect to target them," said GCHQ's Chichester. Turla's actions show the dangers of wrongly attributing cyberattacks, British officials said, though they added that they were unaware of any public incidents incorrectly blamed on Iran as a result of the Russian operation.

"Our main intent right here is to point out that there's a lot of false flagging going on out there and we want to make sure our national security systems that we're trying to defend are aware," said Doug Cress, a division chief within the NSA's newly formed Cybersecurity Directorate. The United States and its Western allies have also used foreign cyberattacks to facilitate their own spying operations, a practice referred to as "fourth party collection," according to documents released by former U.S. intelligence contractor Edward Snowden and reporting https://www.spiegel.de/international/world/new-snowden-docs-indicate-scope-of-nsa-preparations-for-cyber-battle-a-1013409-2.html by German magazine Der Spiegel.

GCHQ declined to comment on Western operations. "Collection efforts which leverage other infrastructure and the capability of peers, such as this, offer a low-cost, high-reward way to conduct operations while potentially confusing attribution," explained FireEye director of intelligence analysis John Hultquist.

By gaining access to the Iranian infrastructure, Turla was able to use APT34's "command and control" systems to deploy its own malicious code, GCHQ and the NSA said in a public advisory. "I would say they are extremely talented and effective. They're someone we keep a close eye on because we're worried about them damaging our national security systems," Cress said about Turla.

The Russian group was also able to access the networks of existing APT34 victims and even access the code needed to build its own "Iranian" hacking tools.


(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)

