Russian Hackers Posed as ISIS to Hack French TV Channel

slide3_001.png

Last April, the French television broadcaster TV5 Monde was hacked. The attack took its TV channels off the air as well as posted rogue content on its website and social feeds.

The perpetrators, purportedly, were part of an ISIS-linked hacking group called CyberCaliphate. Now, French authorities believe a group of Russian-sponsored hackers known as APT28 are behind the TV5Monde’s attack and framed the CyberCaliphate. Cybersecurity experts with knowledge of APT28 agree with this hunch.

APT28 has been around for quite some time and has been known to perform cyberespionage for the Russian government. The cybersecurity firm FireEye released a report about APT28’s operations in October of 2014, describing its source as coming from a "government sponsor based in Moscow.”"

That report was published over 6 months ago and FireEye has continued studying APT28’s operations. Laura Galante, FireEye’s director of threat intelligence, says it sees evidence of APT28 being behind the TV5 Monde hack. According to Galante, the infrastructure used to attack the broadcasting company was similar to APT28’s. Further, the website where CyberCaliphate took credit for the attack was register "in the same domain box where we’ve seen APT28 register other infrastructure," Galante said. 

All the same, the French target appears a bit out of nature for the Russian hacking group. According to FireEye’s first report, APT28 generally targets "insider information related to governments, militaries, and security organizations that would likely benefit the Russian government."

More, the hacking group’s operations are generally in the name of espionage and not simply to wreak public havoc.  
Galante agreed that this attack would be a "divergence" from APT 28’s usual tactics. At the same time, she told Business Insider that FireEye has seen "media or influencers being targeted" by these groups.

Business Insider:       Paul Wayne

« US Government Employee Hack & the Future of Warfare
Europol: Dozens Arrested in Cybercrime Sweep »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

QuintessenceLabs

QuintessenceLabs

QuintessenceLabs offers a suite of Data Security technology, products and solutions to secure digital information in-transit, at-rest or in-use.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Clearswift

Clearswift

Clearswift is trusted by businesses, governments and defense organizations globally for its Adaptive Cyber Security and Data Loss Prevention solutions.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Telelogos

Telelogos

Telelogos is a European provider of Enterprise Mobility Management software, Digital Signage software and Data Transfer and Synchronization software.

Egnyte

Egnyte

Egnyte delivers secure content collaboration, compliant data protection and simple infrastructure modernization; all through a single SaaS solution.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

TROOPERS

TROOPERS

TROOPERS InfoSec event consists of two days of high-end training, followed by a two-day, three-track conference, culminating in Roundtables on the final day.

Bradley-Morris

Bradley-Morris

Bradley-Morris is a leading recruiting firm specializing in transitioning military and veteran talent into civilian careers including Cybersecurity.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

Mosaic Insurance

Mosaic Insurance

Mosaic is a next-generation global specialty insurer distinguished by an exceptional team, agile technology, and a structure that combines Lloyd’s of London strength with a global distribution network

DTS Systeme

DTS Systeme

DTS Systeme is an IT service provider with a focus on the core areas of datacenter, technologies and IT security.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

BrainStorm

BrainStorm

BrainStorm Threat Defense takes a new human-focused approach to security awareness that traditional training lacks. It’s a cutting-edge platform to make your users more security savvy.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.