This Ongoing War: A Blog: 03-Dec-14: Crippling a country's essential infrastructure: a day in the life of Iran's hacking terrorists

Wednesday, December 03, 2014

03-Dec-14: Crippling a country's essential infrastructure: a day in the life of Iran's hacking terrorists

Hackers were here: "Help me understand"

It's not as if the conventional forms of terrorism get enough attention in the right places. But however inadequate the level of attention by leaders and populations, the threat of massive destruction via computer-borne attack is barely understood, let alone appreciated and feared by ordinary citizens. This report in the New York Times ought to be making the largest of waves. But it's highly unlikely to have had that effect.

Report Says Cyberattacks Originated Inside Iran
By NICOLE PERLROTH | New York Times | December 2, 2014

Iranian hackers were identified in a report released Tuesday as the source of coordinated attacks against more than 50 targets in 16 countries, many of them corporate and government entities that manage critical energy, transportation and medical services.
Over the course of two years, according to Cylance, a security firm based in Irvine, Calif., Iranian hackers managed to steal confidential data from a long list of targets and, in some cases, infiltrated victims’ computer networks to such an extent that they could take over, manipulate or easily destroy data on those machines. Cylance called the attacks “Operation Cleaver” because the word cleaver frequently appeared in the attackers’ malicious code.
The New York Times was able to independently corroborate the firm’s findings with another security firm, Crowdstrike, which said it had been tracking the same group of Iranian hackers for the past nine months under a different alias, “Cutting Kitten”; kitten is the firm’s naming convention for attack groups based in Iran, a nod to the Persian cat.
The hackers used a set of tools that can spy on and potentially shut down critical control systems and computer networks, aiming them at targets in the United States, Canada, Israel, India, Qatar, Kuwait, Mexico, Pakistan, Saudi Arabia, Turkey, the United Arab Emirates, Germany, France, England, China and South Korea.
Cylance would identify only one of Cleaver’s victims — a Navy-Marine Corps network in San Diego that connects sailors, Marines and civilians across the United States — in its 86-page report. But it said other victims in the United States included a major airline, a medical university, an energy company that specializes in natural gas production, an automobile manufacturer, a major military installation and a large military contractor.
Cylance researchers said the hackers showed a penchant for oil and gas companies, compromising “no less than nine of these companies around the world.” They also zeroed in on universities in the United States, India, Israel and South Korea, and managed to steal pictures, passports and specific identifying information for students and faculty.
But the “most bone-chilling evidence” Cylance said it collected was of attacks on transportation networks, including airlines and airports in South Korea, Saudi Arabia and Pakistan. Researchers said they had found evidence that hackers had gained complete remote access to airport gates and security control systems, “potentially allowing them to spoof gate credentials.”

Just to flesh out the picture a little more, this extract (from "The Rise of Terrorist Hackers", Eric Schmidt and Jared Cohen, April 23, 2013, Cryptome) is part of a much longer look at how hacking is no longer what kids do in basements but poses life-and-death threats:

In 2011, the world met a twenty-one-year-old Iranian software engineer, apparently working in Tehran, who called himself Comodohacker. He was unusual compared to other hacktivists, who generally combat government control over the Internet, because as he told The New York Times via e-mail, he believed his country “should have control over Google, Skype, Yahoo!, etc.” He made it clear that he was intentionally working to thwart antigovernment dissidents within Iran. “I’m breaking all encryption algorithms,” he said, “and giving power to my country to control all of them.” Boasting aside, Comodohacker was able to forge more than five hundred Internet security certificates, which allowed him to thwart “trusted website” verification and elicit confidential or personal information from unwitting targets. It was estimated that his efforts compromised the communications of as many as three hundred thousand unsuspecting Iranians over the course of the summer. He targeted companies whose products were known to be used by dissident Iranians (Google and Skype), or those with special symbolic significance. He said he attacked a Dutch company, DigiNotar, because Dutch peacekeepers failed to protect Bosnian Muslims in Srebrenica in 1995.

No comments:

About us

THIS ONGOING WAR is not part of the activity of the Malki Foundation which was founded by us, Frimet and Arnold Roth of Jerusalem, on September 11, 2001. But it is inspired by the same tragic circumstances. The Malki Foundation (also known by its Hebrew name: Keren Malki) is a memorial to the life of our daughter, Malki who was murdered at the age of 15 in a massacre in the centre of Jerusalem carried out by Hamas.

Beyond its function as a remembrance of a beautiful life, the foundation provides tangible, concrete, invaluable support daily to several thousand Israeli families from every part of the religious and socio-economic spectrum: Christian, Moslem, Jewish, Druze and others who care at home for a seriously disabled child.

Reach us at thisongoingwar@gmail.com

Good for the soul | The Malki Foundation

If you care to make a positive and constructive contribution to the care of Israeli children with special needs - whether they're Christian, Moslem, Jewish, Druze or unconnected to any particular faith community - you can't do better than direct your donation to the work of the Malki Foundation.

It's the charitable organization we, the bloggers who produce This Ongoing War, established in 2001 in memory of our murdered daughter. Her name is Malki.

Keren Malki (in Hebrew, Keren means 'foundation' or 'fund') is efficient, effective, non-sectarian, non-political and unique in the good work it does. Thousands of families from every part of our richly diverse society here in Israel have benefited in concrete and meaningful ways. Donations to Keren Malki are tax-effective in Israel, Canada, UK and the United States.

There's also plenty of background at www.malkifoundation.org as well as on the Malki Foundation Blog.

Fair use notice

This blog may contain copyrighted material that may not have been specifically authorized by the copyright owner. Such material, published without profit, is made available for educational purposes, to advance understanding of human rights, democracy, scientific, moral, ethical, and social justice issues. It is published in accordance with the provisions of Israel's 2007 Copyright Law, the US Copyright Act of 1976, the 2004 Supreme Court of Canada ruling and similar laws in other jurisdictions.