Iranian Hackers Attack Corporate IT Networks

Iranian groups are busy hacking companies around the world. Now, by exploiting newly disclosed bugs in VPNs, they've been inserting sophisticated, hard-to-find backdoors. Security researchers have been warning since last August that attackers have been hacking unpatched VPN servers to gain remote access to corporate networks.

Experts at ClearSky say that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways.

Computer experts working on behalf of the Islamic Republic have successfully hacked into hundreds of Israeli computers in a massive cyber-attack which was carried out last year. Citing an internal report commissioned by cyber security company ClearSky, Israeli daily Yedioth Ahronoth revealed recently that Iran successfully conducted a wide-scale data mining operation that collected intelligence information from numerous governments, including Israel.
 
The data breach also compromised "numerous companies and organizations from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world."

The CEO of ClearSky, Boaz Dolev, told reporters that despite the cyber-attack, it was unlikely Tehran was able to acquire any information concerning advanced nuclear technology. "They can't even get close to such information," he said.

The ongoing campaign, which ClearSky researchers call "Fox Kitten," has been targeting numerous sectors, including IT, telecommunications, oil and gas, aviation and security, as well as several government agencies. Researchers say they have seen attackers hitting targets in the US, Israel, Australia, Saudi Arabia, Lebanon, Kuwait, United Arab Emirates and several European countries.

According to ClearSky, the cyber-attack was aimed at accomplishing four goals:

  • Develop and maintain access routes to the targeted organisations.
  • Steal valuable information from the targeted organisations.
  • Maintain a long-lasting foothold at the targeted organisations. 
  • Breach additional companies through supply-chain attacks.

"We estimate the campaign revealed in this report to be among Iran’s most continuous and comprehensive campaigns revealed until now," ClearSky says in the report.

Sources: ClearSky, i24News, Security Boulevard, BankInfoSecurity
