8-11-18 Cyber News

Iran Cyber Issues


Accenture published a security report a while ago saying that Iranian state institutions have perpetrated a growing number of international cyber-attacks for profit in recent months.

Those increased efforts seem to be focused on making profit rather than dealing other types of damage.

Research conducted since the start of this year indicates that Iranian state hackers used several ransomware tools to carry out those for-profit cyber attacks, and were linked to the Iran’s Islamic Revolutionary Guard Corps (IRGC) and similar state bodies.

We have seen in the past when the sanctions on North Korea started to be a burden they turned to the cyber world and started to launch sophisticated cyber attacks which aimed to steal money; one of the biggest heists attempted to steal more than $4 billion US. This attack was suspected to be linked to North Korea, and now the same thing is happening with Iran. As the world sanctions start to become a burden, they are perfecting their cyber attacks to focus on stealing money rather than using it to obtain intelligence or information.

Just a reminder: in 2016 Iran was the first country that was blamed by the US president for performing a cyber attack against the USA on a critical infrastructure site, trying to gain physical access on a dam in New York.

Iran cyber forces are considered to be experienced, and they were linked to several  financial and intelligence campaigns during the recent years.

Fake Russian and Iranian bot networks revealed


It seems not only governments are worried about Iran; several companies made announcements related to Iran within the last month.

Facebook announced that they removed 652 pages and accounts from their platform.
These accounts originated from Iran and Russia, but were designed to mislead others about who the accounts really were. Soon after, Twitter also released a statement saying that they closed nearly 300 accounts for the same reasons.

Google followed too and released a statement saying that they have deleted 39 YouTube channels and 19 other web pages connected to the Islamic Republic of Iran Broadcasting, a state-run media outlet, citing “attempted state-sponsored hacking and influence campaigns.”

In Google’s case they concluded the manipulations started during 2017.

The network of accounts promoted narratives across the social media platforms about U.S policies favourable to Iran such as the US-Iran nuclear deal and other issues.

These findings were made thanks to an alert from cyber intelligence firm EEyE, which tipped the companies off with indicators they identified related to those fake accounts network. This helped them to start the investigation and root out accounts that were used to perform manipulations and distributed false news.

Telegram, the end of an era ?


Telegram Messenger is recently gaining popularity and is widely used around the world because of its positioning as more secure messenger than others.

One of the strong points of Telegram is that they actively and continuously refused to share sensitive data about the users with governments.

Telegram is a Russian company, and as a result there was a long fight between Telegram and the Russian authorities. The Russian authorities insisted that Telegram provide them with the decryption keys needed to unlock the content and see conversations. Telegram refused until last week, when they announced that they agreed to transfer information about terrorists to the Secret Service based on a court decision.

So if you thought Telegram is more secure than other apps, maybe you should reflect about another Russian company called Kaspersky and make the right choice for you.


Leave a Reply