Connect with us

Hi, what are you looking for?

Jewish Business News

Politics

Iran Hackers Behind Cyber Attacks on Israel — ClearSky Report Says

Saudi Arabia hit even worse.


Iran's President Hassan Rouhani smiles while replying to a question during a news conference on the sidelines of the 69th United Nations General Assembly at United Nations Headquarters in New York

Israel has been attacked by Iranian cyber terrorists, according to report from the firm ClearSky. A group identified as Ajax Security is reportedly behind the attacks which were carried out on a number of different Middle Eastern countries.

The report is titled, “Thamar Reservoir: An Iranian cyber-attack campaign against targets in the Middle East.”

In fact, Israel was not even the worst hit by the group. It only came in second by total number of hacks made against it, with only 14% of the total directed at Israeli institutions. This was far behind the number one country on the list, Saudi Arabia, which was the victim of 44% of Ajax’s hacks, ClearSky reports.

This makes sense since Iran and the Saudis are currently fighting a proxy war in Yemen, supporting opposite sides in the current civil war there. Other countries victimized included Yemen, Pakistan, The United Arab Emirates, Egypt and Morocco.

Countries in other parts of the world such as Venezuela, England and Canada were also hit. Perhaps because it is also an oil producing nation, Venezuela came in 4th overall with 11% of all of the attacks made by Ajax having been directed against the South American nation.

According to ClearSky, 40 different Israeli targets were hit. These included employees at security companies, high-ranking Israel Defense Forces reservists, and also academics involved research on the Middle East and Iran at universities around the country. The attacks date back to 2011.

clearsky

How they worked:

The attacks succeeded by using various infiltration techniques. These included: Breaching trusted websites to set up fake pages; Using multi-stage malware; Sending multiple spear phishing emails based on reconnaissance and information gathering; Phone calls to the target; Messages on social networks.

“While very successful in their attacks – the attackers are clearly not technically sophisticated. They are not new to hacking, but do make various mistakes – such as grammatical errors, exposure of attack infrastructure, easy to bypass anti analysis techniques, lack of code obfuscation, and more, ” stated ClearSky.

The firm stated that it could tell that the Iranians were behind the cyber terrorism because of the methods used. “Various characteristics of the attacks and their targets bring us to the conclusion that the threat actors are Iranian, ” stated the report.

The characteristics shared with previously documented activities were:
Attacks conducted using the Gholee malware, which we discovered.
Attacks reported by Trend Micro in Operation Woolen-Goldfish.
Attacks conducted by the Ajax Security Team as documented by FireEye.
Attacks seen during Newscaster as documented by iSight.

Read the full report here.

Newsletter



Advertisement

You May Also Like

World News

In the 15th Nov 2015 edition of Israel’s good news, the highlights include:   ·         A new Israeli treatment brings hope to relapsed leukemia...

Entertainment

The Movie The Professional is what made Natalie Portman a Lolita.

Travel

After two decades without a rating system in Israel, at the end of 2012 an international tender for hotel rating was published.  Invited to place bids...

VC, Investments

You may not become a millionaire, but there is a lot to learn from George Soros.

Advertisement