Russian Hackers Posed as ISIS to Hack French TV Channel

slide3_001.png

Last April, the French television broadcaster TV5 Monde was hacked. The attack took its TV channels off the air as well as posted rogue content on its website and social feeds.

The perpetrators, purportedly, were part of an ISIS-linked hacking group called CyberCaliphate. Now, French authorities believe a group of Russian-sponsored hackers known as APT28 are behind the TV5Monde’s attack and framed the CyberCaliphate. Cybersecurity experts with knowledge of APT28 agree with this hunch.

APT28 has been around for quite some time and has been known to perform cyberespionage for the Russian government. The cybersecurity firm FireEye released a report about APT28’s operations in October of 2014, describing its source as coming from a "government sponsor based in Moscow.”"

That report was published over 6 months ago and FireEye has continued studying APT28’s operations. Laura Galante, FireEye’s director of threat intelligence, says it sees evidence of APT28 being behind the TV5 Monde hack. According to Galante, the infrastructure used to attack the broadcasting company was similar to APT28’s. Further, the website where CyberCaliphate took credit for the attack was register "in the same domain box where we’ve seen APT28 register other infrastructure," Galante said. 

All the same, the French target appears a bit out of nature for the Russian hacking group. According to FireEye’s first report, APT28 generally targets "insider information related to governments, militaries, and security organizations that would likely benefit the Russian government."

More, the hacking group’s operations are generally in the name of espionage and not simply to wreak public havoc.  
Galante agreed that this attack would be a "divergence" from APT 28’s usual tactics. At the same time, she told Business Insider that FireEye has seen "media or influencers being targeted" by these groups.

Business Insider:       Paul Wayne

« US Government Employee Hack & the Future of Warfare
Europol: Dozens Arrested in Cybercrime Sweep »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Intrusion

Intrusion

Intrusion provides IT professionals with the most robust tool set available for performing in-depth research and analysis of network traffic.

NSO Group

NSO Group

NSO Group develops technology that enables government intelligence and law enforcement agencies to prevent and investigate terrorism and crime.

Accredia

Accredia

Accredia is the national accreditation body for Italy. The directory of members provides details of organisations offering certification services for ISO 27001.

OXO Cybersecurity Lab

OXO Cybersecurity Lab

OXO Cybersecurity Lab is the first dedicated cybersecurity incubator in the Central & Eastern Europe region.

oneclick

oneclick

oneclick is a central access and distribution platform in the cloud, enabling the management of the entire technology stack for application provisioning.

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

SyncDog

SyncDog

SyncDog is a leader in enterprise security and the preeminent vendor for containerized mobile application security across cloud & on-premise computing environments.

Cybertronium

Cybertronium

Cybertronium is a leader in managing cyber risk. We bring you the latest from the complex, ever-evolving online threat environment with the insights to inspire and the expertise to act.

Moore ClearComm

Moore ClearComm

Moore ClearComm is part of Moore Kingston Smith a leading UK firm of accountants and business advisers. Our services include Data Privacy, Cyber Security, Business Continuity and Information Security.

Eventus Security

Eventus Security

Eventus, are a team of highly skilled professionals who are committed to deliver excellence in next generation cyber security services and customized solutions for your enterprise.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Genix Cyber

Genix Cyber

Genix Cyber provides world-class cybersecurity services that protect systems, cloud applications, infrastructure, critical data, and networks from evolving cyber threats.

ClearSale (CLSA3)

ClearSale (CLSA3)

Clearsale’s innovative fraud solutions combine advanced technology with a passionate team of seasoned experts that understand every client’s unique needs.