Russian Hackers Posed as ISIS to Hack French TV Channel

slide3_001.png

Last April, the French television broadcaster TV5 Monde was hacked. The attack took its TV channels off the air as well as posted rogue content on its website and social feeds.

The perpetrators, purportedly, were part of an ISIS-linked hacking group called CyberCaliphate. Now, French authorities believe a group of Russian-sponsored hackers known as APT28 are behind the TV5Monde’s attack and framed the CyberCaliphate. Cybersecurity experts with knowledge of APT28 agree with this hunch.

APT28 has been around for quite some time and has been known to perform cyberespionage for the Russian government. The cybersecurity firm FireEye released a report about APT28’s operations in October of 2014, describing its source as coming from a "government sponsor based in Moscow.”"

That report was published over 6 months ago and FireEye has continued studying APT28’s operations. Laura Galante, FireEye’s director of threat intelligence, says it sees evidence of APT28 being behind the TV5 Monde hack. According to Galante, the infrastructure used to attack the broadcasting company was similar to APT28’s. Further, the website where CyberCaliphate took credit for the attack was register "in the same domain box where we’ve seen APT28 register other infrastructure," Galante said. 

All the same, the French target appears a bit out of nature for the Russian hacking group. According to FireEye’s first report, APT28 generally targets "insider information related to governments, militaries, and security organizations that would likely benefit the Russian government."

More, the hacking group’s operations are generally in the name of espionage and not simply to wreak public havoc.  
Galante agreed that this attack would be a "divergence" from APT 28’s usual tactics. At the same time, she told Business Insider that FireEye has seen "media or influencers being targeted" by these groups.

Business Insider:       Paul Wayne

« US Government Employee Hack & the Future of Warfare
Europol: Dozens Arrested in Cybercrime Sweep »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Skybox Security

Skybox Security

Skybox combines firewall and network device data with vulnerability and threat intelligence, putting security decisions in your unique network context.

Continuum

Continuum

Continuum is the IT management platform company that allows Managed IT Services Providers to maintain and back up on-premise and cloud-based servers, desktops, mobile devices and other endpoints

Seric Systems

Seric Systems

Seric is a technology business specialising in security, infrastructure and data management.

In Fidem

In Fidem

In Fidem specializes in information security management, with a bold approach that views cybersecurity as a springboard to organizational transformation rather than a barrier to innovation.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

Aeries Technology

Aeries Technology

Aeries is a technology services organization offering capabilities in Technology Services, Digital Transformation, and Business Process Management.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Memcyco

Memcyco

Memcyco is a provider of cutting-edge digital trust technologies to empower brands in combating online brand impersonation fraud, and preventing fraud damages to businesses and their clients.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

CyberSecAsia

CyberSecAsia

CyberSecAsia series conference is the one and only decision-makers gathering for CISO and info security experts in Asia.

FoxPointe Solutions

FoxPointe Solutions

FoxPointe Solutions is a full-service cyber risk management and compliance firm.

Xantaro

Xantaro

Xantaro specializes in technologies, software and services for Carriers, ISPs, Hosting and Cloud Providers as well as for Operators of Data Centres and Campus Networks.

Helix Tech Consulting

Helix Tech Consulting

Helix Tech have expertise in a wide range of technology areas, including IT strategy, infrastructure design, cybersecurity, disaster recovery, cloud, data centers, IT cost optimization, and more.

Kaavalan

Kaavalan

Kaavalan was founded with a mission and a vision to protect you against cyber threats in the connected world.

Ory Corp

Ory Corp

Ory's IAM/CIAM solutions are designed to empower businesses with the tools they need to protect their users, services and things, and maintain compliance.

Crytica Security

Crytica Security

Crytica Security is revolutionizing cybersecurity with its patented Rapid Detection & Alert (RDA) system providing real-time malware detection in seconds.