Cyberwarfare and Iran

(Redirected from Cyberwarfare by Iran)

Cyberwarfare is a part of the Iranian government's "soft war" military strategy. Being both a victim and wager of cyberwarfare,[1] Iran is considered an emerging military power in the field.[2] Since November 2010, an organization called "The Cyber Defense Command" (Persian: قرارگاه دفاع سایبری; Gharargah-e Defa-e Saiberi) has been operating in Iran under the supervision of the country's "Passive Civil Defense Organization" (Persian: سازمان پدافند غیرعامل; Sazeman-e Padafand-e Gheyr-e Amel) which is itself a subdivision of the Joint Staff of Iranian Armed Forces.[3]

According to a 2014 report by Institute for National Security Studies, Iran is "one of the most active players in the international cyber arena".[4] In 2013, a Revolutionary Guards general stated that Iran has "the 4th biggest cyber power among the world's cyber armies."[5][6] According to a 2021 report by a cyber-security company, "Iran is running two surveillance operations in cyber-space, _targeting more than 1,000 dissidents".[7]

As of 2024, Iran's cyber activities have advanced, particularly in their precision and intelligence-gathering capabilities, allowing for more accurate and _targeted attacks against Israel. Following directives from Iran's supreme leader Ali Khamenei after the October 7 attacks, cyber operations expanded, including joint efforts with Hezbollah. Despite these advances, Iran's cyber capabilities still fall short of Israel's, with Iranian hackers' skills being likened to those of mid-level organized crime gangs. However, Israeli officials remain concerned that Iran could rapidly enhance its capabilities, particularly through potential cooperation with Russia.[8]

Background

edit
 
Cyberwarfare specialists of the United States Army's 782nd Military Intelligence Battalion (Cyber) supporting the 3rd Brigade Combat Team, 1st Cavalry Division during a training exercise in 2019.

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems.[9] Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

There is significant debate among experts regarding the definition of cyberwarfare, and even if such a thing exists.[10] One view is that the term is a misnomer since no cyber attacks to date could be described as a war.[11] An alternative view is that it is a suitable label for cyber attacks which cause physical damage to people and objects in the real world.[12]

Many countries, including the United States, United Kingdom, Russia, China, Israel, Iran, and North Korea,[13][14][15][16] have active cyber capabilities for offensive and defensive operations. As states explore the use of cyber operations and combine capabilities, the likelihood of physical confrontation and violence playing out as a result of, or part of, a cyber operation is increased. However, meeting the scale and protracted nature of war is unlikely, thus ambiguity remains.[17]

The first instance of kinetic military action used in response to a cyber-attack resulting in the loss of human life was observed on 5 May 2019, when the Israel Defense Forces _targeted and destroyed a building associated with an ongoing cyber-attack.[18][19]

Iranian cyber defense system - digital fortress part of national information network (national internet) - is developed for thwarting attacks and engaging attackers.[20] In November 2022, the Iranian Majlis Islamic Consultative Assembly recommended a Passive Defence Incorporation.[21]

Attacks against Iran

edit

In June 2010, Iran was the victim of a cyber-attack when its nuclear facility in Natanz was infiltrated by the cyber-worm 'Stuxnet'.[22] Reportedly a combined effort by the United States and Israel,[23] Stuxnet destroyed perhaps over 1,000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic programme back by at least two years."[24] The worm spread beyond the plant to allegedly infect over 60,000 computers, but the government of Iran indicates it caused no significant damage. Iran crowdsourced solutions to the worm and is purportedly now better positioned in terms of cyber warfare technology.[22] No government has claimed responsibility for the worm.[24] The cyber-worm was also used against North Korea.[citation needed]

Events

edit
  • In October 2013, media reported Mojtaba Ahmadi, who served as commander of the "Cyber War Headquarters" was found dead wounded by bullets in Karaj.[25]
  •   November 2018: The Iranian telecommunication minister Mohammad-Javad Azari Jahromi accuses Israel of a failed cyberattack on its telecommunications infrastructure, and vows to respond with legal action.[26][27]
  • October 2021: An attack paralyzed gas stations across the country, preventing users from purchasing fuel using state-issued cards and digital billboards displaying antigovernment messages
  • In September, October and November 2022, Iranian state networks and emails came under attack by Anonymous and other hacking groups acting in solidarity with Iranian protestors.[28]
  • In the year 2023 several government ministries were fully hacked by multiple people including Ministry of Science research and technology on September 23.[29][30][31] Veterans affairs[32] Ministry of foreign affairs(50TB)[33] Central Insurance and 19 subsidiary corporations(119 million lines records)[34][35][36] City of Tehran municipality , State news bulletin[37] National Civil Registration vital records organization database(20TB)[38] Atomic Energy Organization[39] Presidency[40] Ridesharing company Tapsi was hacked as well.
  • December 2023 seventy percent of entire national Iranian fuel pumps taken out, Predators Sparrow took responsibility[41]
  • January 2024 Snapp was hacked with records of 80 million Iranians along with payment info sold.[42]
  • In 2024 February
    • Islamic Consultative Assembly was hacked revealing massive payment to members.[43][44]
    • Russian hackers attacked Iranian embassy.[45]
    • 3000000 court penal cases of Iranian Judicial system hacked and put online.[46]
    • Anonymous reportedly extracted 14 GB of data out of a Malek-Ashtar University of Technology server belonging to Ministry of Defense.[47]
    • US military attacked two Iranian intelligence vessels at Red Sea.[48]
  • May 2024 Iranian regime was getting hammered with huge scale cyberattacks causing internet issues [49]
  • June 2024 Islamic culture and guidance's ministry Haj.ir taken out , source code and database hacked by IRleaks team, it included pilgrim and civil travel records since 1980s[50]
    • Ministry of Science hacked.[51]
  • IRLeaks attack on Iranian banks
  • October Israeli cyberattacks on nuclear facilities[52]

Attacks by Iran

edit

The Iranian government has been accused by Western analysts of its own cyber-attacks against the United States, Israel and Persian Gulf Arab countries, but denied this, including specific allegations of 2012 involvement in hacking into American banks.[24] The conflict between Iran and the United States has been called "history's first known cyber-war" by Michael Joseph Gross in mid-2013.[53]

2010-2020

edit
  •   August 2014: An IDF official told the press that Iran has launched numerous significant attacks against Israel's Internet infrastructure.[54]
  •   31 March 2015: There was a massive power outage for 12 hours in 44 of 81 provinces of Turkey, holding 40 million people. Istanbul and Ankara were among the places suffering blackouts. According to Observer.com, Iranian hackers, possibly the Iranian Cyber Army, were behind the power outage.[55]
  •   June 2017: The Daily Telegraph reported that intelligence officials concluded that Iran was responsible for a cyberattack on the British Parliament lasting 12 hours that compromised around 90 email accounts of MPs. The motive for the attack is unknown but experts suggested that the Islamic Revolutionary Guard Corps could be using cyberwarfare to undermine the Iran nuclear deal.[56]

2022

edit
  •   January 2022: The website of Israel's Jerusalem Post newspaper and the Twitter account of Maariv newspaper are hacked by suspected Iranian hackers. The website's content was replaced with a threat to _target the Shimon Peres Negev Nuclear Research Center, and an apparent reference to Qasem Soleimani who was assassinated exactly two years earlier in Baghdad, Iraq.[57][58]
  •   March 2022: Large-scale cyberattacks were launched against multiple Israeli government websites, allegedly by Iran as retaliation for failed Mossad operations, though neither the attack attribution nor the purported Mossad operations could be confirmed as of March 2022. The National Cyber Directorate declared a state of emergency as a result of the attacks and unnamed defense sources told media outlets it was possibly the largest-ever cyberattack against Israel.[59][60]
  •   November 2022: Iranian hackers attacked Albanian networks.[61][62]
  •   November: seventeen American networks system were turned into mining crypto because of existing undefended vulnerability.[63]

2023

edit
  • Moneybird ransomware was used by Agrius against Israeli people.[64] Cyberattack on Israeli university was blamed on Iranian ministry of intelligence.[65] Attacks attributed to Iranians _targeted Israeli ports and Haifa harbors.[66]
  • Disinformation en masse sponsored by state _targeted Iranians in 2023.[67]
  • In August 2023, Germany's Federal Office for the Protection of the Constitution reported that hackers linked to Iran's Islamic Revolutionary Guard Corps _targeted Iranian regime opponents in Germany, using fake identities to conduct cyber espionage.[68]
  • Sophos and Zimperium report Iranian citizens credentials hacked by Iranian hackers, with Firebase, C2 (C&C) iOS, Android malware apps called Bank Saderat, Central Bank and Bank Mellat.[69]
  • In November 2023, Ziv Hospital in Safed, Israel, reported a cyber breach of its computer systems. An Iranian-linked hacking group subsequently claimed to have obtained 500 gigabytes of patient information.[8]
  • In late November 2023, the Municipal Water Authority of Aliquippa, Pennsylvania experienced a cyberattack by pro-Iran hackers who breached its industrial equipment, including a system managing water pressure.[70]
  • In December 2023, a cyberattack by hackers linked to Iran disrupted the water supply in a rural area of County Mayo, Ireland, leaving about 160 households without water for two days.[71]
  • December 14, 2023 ESET documented OilRig group which is state sponsored use C&C attacks.[72]

2024

edit
  • In February 2024, OpenAI announced that it had shut down accounts used by the Crimson Sandstorm hacking group. The group had been using OpenAI services to research evasion techniques, write and refactor code, and create phishing campaign content.[73][74]
  • April 2024 Israel secrets published by Iranian website,[75]
  • In June 2024, Iranian-backed hackers, identified as Mint Sandstorm (also known as Charming Kitten or APT35), _targeted a high-ranking official from a U.S. presidential campaign with a spear-phishing attack. The hackers used a compromised email account to send a malicious link.[76]
  • July 2024 MuddyWater increased the cyber attacks in the Middle East.[77]
  • On August 9, 2024, Microsoft reported that Iran has intensified its interference in the US elections by launching fake news sites and conducting hacking attempts. According to a Washington Post report, Iranian-operated news networks, such as Nio Thinker and Savannah Time, aim to polarize American voters by promoting extreme viewpoints. Microsoft also detailed a spear-phishing attack conducted by Iranian hackers _targeting a US presidential campaign. This group used a compromised email account to attempt unauthorized access to sensitive information. Another Iranian group also managed to breach an account belonging to a county government employee in a swing state.[78]
  • In September 2024, U.S. authorities revealed that Iranian hackers had accessed and distributed stolen information from Trump's campaign to individuals linked to Biden's re-election effort, aiming to disrupt the election. Despite Iran's denial of involvement, officials suggested the intent was to erode public confidence in the electoral process.[79]
  • Also in September 2024, Swedish authorities revealed that a cyber group called Anzu, operating under Iran's Islamic Revolutionary Guard Corps (IRGC), were responsible for hacking into a Swedish text messaging service in July 2023, taking over passwords, usernames and other tools, and sending thousands of messages calling Swedes "demons" and bearing instructions to exact vengeance upon Koran burners. Iran denied the accusation, though the investigation by the Swedish Prosecution Authority managed to identify the individual hackers responsible for the data breach. In a statement by Justice Minister Gunnar Stromme it was said that the goal was to destabilise Sweden or increase polarisation, and the security service warned that Iran is among those seeking to create division and bolster their own regimes.[80][81][82]

On October 30th FBI and Treasury released a cybsecurity threat advisory related in relation to Emennet Passargad.[83][84]

In November 2024 ClearSky revealed an Iranian "dream job malware" APT TA455 doing an op using North Korean shared methods _targeting US defence sector.[85]

Iranian state-sponsored hackers, identified as TA455 (also known as APT35 and Charming Kitten), have been conducting a cyber espionage campaign _targeting the aerospace industry since September 2023, using tactics similar to those of North Korean threat actors. The campaign involves creating fake recruiter profiles on LinkedIn and using malicious domains to lure victims into downloading malware known as SnailResin. Victims are enticed to open ZIP files disguised as job-related documents, which have a low antivirus detection rate. The malware is deployed through DLL side-loading attacks, closely mirroring techniques used by North Korean hackers. Researchers suggest that the Iranian hackers may have adopted these methods from North Korea, particularly given the malware's initial association with North Korean groups like Kimsuky and Lazarus. TA455 employs Cloudflare to obscure its command-and-control domains and encodes command and control data on GitHub to blend in with legitimate web traffic, making tracking their infrastructure difficult. The primary _targets of this campaign are aerospace professionals, with the goal of infiltrating networks within the aerospace, aviation, and defense sectors, particularly in the Middle East, including Israel, the UAE, and potentially Turkey, India, and Albania. The goal appears to be espionage and data exfiltration from these high-value _targets in the aerospace sector.[86]

The UK and US have jointly issued a warning about ongoing spear-phishing attacks conducted by cyber actors affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC). These sophisticated attacks _target individuals connected to Iranian and Middle Eastern affairs, including government officials, think tank personnel, journalists, activists, and those involved in US political campaigns. The attackers use social engineering techniques to impersonate trusted contacts, aiming to gain access to victims' personal and business accounts. They often use fraudulent login pages to obtain credentials, allowing them to access sensitive information and manipulate email accounts. The National Cyber Security Centre (NCSC) and its US counterparts are urging at-risk individuals to follow mitigation steps and utilize free cyber defence services to protect themselves. Paul Chichester, NCSC Director of Operations, emphasized the persistent nature of this threat and the importance of remaining vigilant, particularly for those in sensitive sectors.[87]

December

  • FBI's Donald Trump appointment director Kash Patel successfully hacked.[88]
  • Cotton Sandstorm : Meta reported that they had successfully detected and taken down 48 accounts belonging to IRGC posing as anti west activists part of an influence op[89][90]

Command and control

edit

Iranian armed forces install malware apps for espionage on Android phones.[91] They could steal victims identity according to Microsoft.[92]

Suspended Iranian accounts

edit

On May 5, 2020, Reuters reported, quoting a monthly Facebook report, that Iranian state-run media had _targeted hundreds of fake social media accounts to covertly spread pro-Iranian messaging, online since at least 2011, for secretly broadcasting online promotional messages in favor of Iran in order _targeting voters in countries including Britain and the United States.[93] Accounts were suspended for coordinated inauthentic behavior, which removed eight networks in recent weeks, including one with links to the Islamic Republic of Iran Broadcasting.[93]

See also

edit
Alleged operations and malware against Iran
Alleged operations and malware by Iran

References

edit
  1. ^ Joshi, Shashank. "Iran, the Mossad and the power of cyber-warfare". Archived from the original on October 3, 2013. Retrieved March 18, 2015.
  2. ^ "Iran's military is preparing for cyber warfare". The Telegraph. October 3, 2013. Archived from the original on August 10, 2018. Retrieved March 18, 2015.
  3. ^ Bastani, Hossein (December 13, 2012). "Structure of Iran's Cyber Warfare". Institut Français d'Analyse Stratégique. Archived from the original on May 23, 2019. Retrieved March 18, 2015.
  4. ^ Siboni, Gabi; Kronenfeld, Sami (April 3, 2014). "Developments in Iranian Cyber Warfare, 2013–2014". INSS Insight. Institute for National Security Studies. Archived from the original on January 5, 2020. Retrieved March 18, 2015.
  5. ^ "Israeli Think Tank Acknowledges Iran as Major Cyber Power, Iran Claims its 4th Biggest Cyber Army in World". Hack Read. October 18, 2013. Archived from the original on May 30, 2019. Retrieved March 18, 2015.
  6. ^ "- IRANIAN CYBER THREAT TO THE U.S. HOMELAND". www.govinfo.gov. Archived from the original on 2021-10-28. Retrieved 2021-10-28.
  7. ^ "Iran 'hides spyware in wallpaper, restaurant and games apps'". BBC News. 8 February 2021. Archived from the original on 2021-08-07. Retrieved 2021-10-28.
  8. ^ a b "Iran's electronic confrontation with Israel". The Economist. ISSN 0013-0613. Retrieved 2024-08-18.
  9. ^ Singer, P. W.; Friedman, Allan (March 2014). Cybersecurity and cyberwar: what everyone needs to know. Oxford University Press. ISBN 978-0-19-991809-6. OCLC 802324804.
  10. ^ "Cyberwar – does it exist?". NATO. 2019-06-13. Retrieved 2019-05-10.
  11. ^ Smith, Troy E. (2013). "Cyber Warfare: A Misrepresentation of the True Cyber Threat". American Intelligence Journal. 31 (1): 82–85. ISSN 0883-072X. JSTOR 26202046.
  12. ^ Lucas, George (2017). Ethics and Cyber Warfare: The Quest for Responsible Security in the Age of Digital Warfare. Oxford University Press. p. 6. ISBN 978-0-19-027652-2.
  13. ^ "Advanced Persistent Threat Groups". FireEye. Retrieved 2019-05-10.
  14. ^ "APT trends report Q1 2019". securelist.com. 30 April 2019. Retrieved 2019-05-10.
  15. ^ "GCHQ". www.gchq.gov.uk. Retrieved 2019-05-10.
  16. ^ "Who are the cyberwar superpowers?". World Economic Forum. 4 May 2016. Retrieved 2021-06-24.
  17. ^ Green, James A., ed. (7 November 2016). Cyber warfare: a multidisciplinary analysis. London: Routledge. ISBN 978-0-415-78707-9. OCLC 980939904.
  18. ^ Newman, Lily Hay (2019-05-06). "What Israel's Strike on Hamas Hackers Means For Cyberwar". Wired. ISSN 1059-1028. Retrieved 2019-05-10.
  19. ^ Liptak, Andrew (2019-05-05). "Israel launched an airstrike in response to a Hamas cyberattack". The Verge. Retrieved 2019-05-10.
  20. ^ "شکست حملات سایبری در مقابل"دژفا"". 2020-02-09. Archived from the original on 2020-02-09. Retrieved 2021-10-28.
  21. ^ "آغاز جلسه علنی مجلس/ طرح تشکیل سازمان پدافند غیرعامل در دستور". 6 November 2022. Archived from the original on 13 November 2022. Retrieved 13 November 2022.
  22. ^ a b "Stuxnet and the Future of Cyber War". James P. Farwell and Rafal Rohozinski.
  23. ^ Sanger, David E. (1 June 2012). "Obama Order Sped Up Wave of Cyberattacks Against Iran". The New York Times. Archived from the original on 1 June 2012. Retrieved 1 June 2012.
  24. ^ a b c "US General: Iran's Cyber War Machine 'A Force To Be Reckoned With'". Business Insider. Archived from the original on 2019-04-02. Retrieved 2017-11-14.
  25. ^ McElroy, Damien (October 2, 2013). "Iranian cyber warfare commander shot dead in suspected assassination". The Telegraph. Archived from the original on October 7, 2019. Retrieved March 18, 2015.
  26. ^ "Iran accuses Israel of failed cyber attack". Reuters. 5 November 2018. Archived from the original on 2020-05-28. Retrieved 2018-11-06.
  27. ^ "Iran accuses Israel of failed cyber attack - CNA". Archived from the original on 2019-09-10. Retrieved 2018-11-06.
  28. ^ Browne, Ryan; Turak, Natasha (5 October 2022). "Hacktivists seek to aid Iran protests with cyberattacks and tips on how to bypass internet censorship". CNBC. Archived from the original on 2023-01-13. Retrieved 2023-03-09.
  29. ^ "ماجرای حمله سایبری به سایت وزارت علوم چه بود؟". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  30. ^ فردا, رادیو (2023-09-24). "سایت وزارت علوم ایران "هک شد"؛ هکرها می‌گویند به "بیش از ۲۰ هزار سند" دست یافته‌اند". رادیو فردا (in Persian). Retrieved 2023-09-24.
  31. ^ قربانی, زهرا (2023-09-23). "ماجرای هک سایت وزارت علوم چیست؟ / سامانه‌های دولتی زیر ذره‌بین هکر‌ها". راه پرداخت (in Persian). Retrieved 2023-09-24.
  32. ^ "واکنش عجیب رییس بنیاد شهید به هک شدن سرورهای این سازمان؛ اطلاعاتی حساسی نداشتیم!". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  33. ^ "ماجرای هک سایت وزارت امور خارجه چه بود؟". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  34. ^ "هک شرکت‌های بیمه در ایران و نگرانی از ضعف امنیت سایبری". BBC News فارسی (in Persian). 2023-09-04. Retrieved 2023-09-24.
  35. ^ فردا, رادیو (2023-09-04). "برکناری رئیس کل بیمه مرکزی ایران در پی اخبار "هک اطلاعات ۱۸ شرکت بیمه"". رادیو فردا (in Persian). Retrieved 2023-09-24.
  36. ^ "پس‌لرزه‌های هک اطلاعات ۱۸ شرکت بیمه؛ رئیس کل بیمه مرکزی ایران برکنار شد". صدای آمریکا (in Persian). 2023-09-04. Retrieved 2023-09-24.
  37. ^ "ابعاد هک و انتشار اطلاعات شخصی خبرنگاران و کارکنان خبرگزاری فارس بررسی شود". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  38. ^ قربانی, زهرا (2023-09-20). "ماجرای هک سازمان ثبت‌احوال چه بود؟". راه پرداخت (in Persian). Retrieved 2023-09-24.
  39. ^ "هشدار هکرهای بلک رویوارد: اگر رژیم به خواست مردم تن ندهد، اسناد هسته‌ای را رو می کنیم". ایران اینترنشنال (in Persian). 2023-09-22. Retrieved 2023-09-24.
  40. ^ "سند هک شده: وزارت خارجه جمهوری اسلامی نشستی برای مدیریت بحران پهپادی در اوکراین برگزار کرد". ایران اینترنشنال (in Persian). 2024-01-25. Retrieved 2024-01-25.
  41. ^ "اختلال سراسری در پمپ بنزین‌های ایران؛ "گنجشک درنده": حمله سایبری کار ما بود". BBC News فارسی (in Persian). 2023-12-18. Retrieved 2024-01-25.
  42. ^ "هکرهای شرکت «اسنپ فود» نهایی شدن دریافت باج را تائید کردند". BBC News فارسی (in Persian). 2024-01-01. Retrieved 2024-03-01.
  43. ^ فردا, رادیو (2024-02-13). "روابط عمومی مجلس هک وب‌سایت‌ها و «دسترسی» هکرها به اسناد مجلس را تأیید کرد". رادیو فردا (in Persian). Retrieved 2024-03-01.
  44. ^ "هک وب‌سایت‌های مجلس؛ هکرها «حقوق ۲۰۰ میلیونی» نمایندگان و مزایایی مانند «آجیل شب یلدا» را فاش کردند". صدای آمریکا (in Persian). 2024-02-13. Retrieved 2024-03-01.
  45. ^ "حمله سایبری هکرهای روسی به سفارت‌خانه‌های جمهوری اسلامی". ایران اینترنشنال (in Persian). 2024-03-01. Retrieved 2024-03-01.
  46. ^ "Justice Of Iran". 2024-02-21. Archived from the original on 2024-02-21. Retrieved 2024-03-01.
  47. ^ "هکرهای گمنام چهارده گیگابایت اطلاعات از سرورهای دانشگاه صنعتی مالک اشتر استخراج کردند". صدای آمریکا (in Persian). 2024-02-22. Retrieved 2024-03-01.
  48. ^ "US Cyberattack Hit 2 Iranian Military Ships in Red Sea". Voice of America. 2024-02-16. Retrieved 2024-03-01.
  49. ^ "زارع‌پور، وزیر ارتباطات: نمی‌خواهیم مردم از حملات سایبری مطلع شوند". 16 May 2024.
  50. ^ "سایت سازمان حج و زیارت هک شد؟". June 2024.
  51. ^ "سایت وزارت علوم پس از حمله هکری به طور موقت از دسترس خارج شد". 8 June 2024.
  52. ^ "Israel-Hezbollah war: Iran hit by massive cyberattacks; "nuclear facilities and government agencies _targeted"". The Times of India. 13 October 2024.
  53. ^ "Silent War" Archived 2014-11-15 at the Wayback Machine July 2013 Vanity Fair
  54. ^ Joseph Marks (22 April 2015). "Iran launched major cyberattacks on the Israeli Internet". Politico. Archived from the original on 10 November 2014. Retrieved 27 April 2015.
  55. ^ Micah Halpern (22 April 2015). "Iran Flexes Its Power by Transporting Turkey to the Stone Age". Observer. Archived from the original on 14 December 2019. Retrieved 27 April 2015.
  56. ^ "Iran blamed for cyberattack on Parliament that hit dozens of MPs, including Theresa May". The Telegraph. 14 October 2017. Archived from the original on 6 December 2017. Retrieved 6 December 2017.
  57. ^ "Israel's Jerusalem Post Website Hacked". Reuters. 3 January 2022. Archived from the original on 2022-01-03. Retrieved 2022-01-03.
  58. ^ "Jerusalem Post website hacked with Iran warning on anniversary of Soleimani killing". The Times of Israel. Archived from the original on 2022-01-03. Retrieved 2022-01-03.
  59. ^ Yonah Jeremy Bob (2022-03-14). "Cyberattack against Israeli sites follows reports of failed Mossad op against Iran". The Jerusalem Post. Archived from the original on 2022-03-14. Retrieved 2022-03-14.
  60. ^ Yaniv Kubovich. "Israeli Government Sites Crash in Cyberattack". Haaretz. Archived from the original on 2022-03-14. Retrieved 2022-03-14.
  61. ^ "New Entries in the CFR Cyber Operations Tracker: Q3 2022". Council on Foreign Relations. Archived from the original on 2023-04-26. Retrieved 2023-03-09.
  62. ^ Agencies. "Albania cuts diplomatic ties with Iran, boots out diplomats over July cyberattack". www.timesofisrael.com. Archived from the original on 2022-11-17. Retrieved 2023-03-09.
  63. ^ "Iranian hackers compromise US government network in cryptocurrency generating scheme, officials say". Archived from the original on 2022-11-17. Retrieved 2022-11-17.
  64. ^ "Iranian hacker group Agrius launches Moneybird ransomware attacks on Israeli entities". www.2-spyware.com. 2023-05-25. Retrieved 2023-05-25.
  65. ^ Kleinman, Danielle (2023-03-07). "Iran Launches Cyberattack on Israeli University". FDD. Retrieved 2023-05-25.
  66. ^ "Iran suspect in cyberattack _targeting Israeli shipping, financial firms - Al-Monitor: Independent, trusted coverage of the Middle East". www.al-monitor.com. 2023-05-24. Retrieved 2023-05-25.
  67. ^ "Iran state-backed hackers are shifting to disinformation, Microsoft says".
  68. ^ "هکرهای سپاه پاسداران مخالفان رژیم جمهوری اسلامی را در آلمان هدف قرار می‌دهند". ایران اینترنشنال (in Persian). 2024-01-25. Retrieved 2024-01-25.
  69. ^ Kohli, Pankaj (2023-07-27). "Uncovering an Iranian mobile malware campaign". Sophos News. Retrieved 2023-12-02.
  70. ^ Lyngaas, Sean; Sgueglia, Kristina (2023-11-28). "Federal officials investigating after pro-Iran group allegedly hacked water authority in Pennsylvania". CNN. Retrieved 2023-11-29.
  71. ^ "حمله سایبری هکرهای جمهوری اسلامی موجب قطع آب منطقه‌ای در ایرلند شد". ایران اینترنشنال (in Persian). 2024-03-01. Retrieved 2024-03-01.
  72. ^ "OilRig's persistent attacks using cloud service-powered downloaders". www.welivesecurity.com. Retrieved 2024-01-25.
  73. ^ "Disrupting malicious uses of AI by state-affiliated threat actors". February 14, 2024.
  74. ^ "Staying ahead of threat actors in the age of AI". Microsoft. February 14, 2024.
  75. ^ "Iran-linked Website Leaks Secret Israeli Data - National Security & Cyber - Haaretz.com".
  76. ^ "Iran attempted to hack a high-ranking presidential campaign official: Microsoft".
  77. ^ "MuddyWater Threat Group Deploys New BugSleep Backdoor". Check Point Blog. July 15, 2024.
  78. ^ Menn, Joseph (2024-08-09). "Iran uses fake news sites to interfere in U.S. election, Microsoft says". The Washington Post.
  79. ^ "US says Iran emailed stolen Trump campaign material to Biden camp". Reuters News. 19 September 2024. Retrieved 19 September 2024.
  80. ^ "Sweden blames Iran for cyber-attack after Quran burnings". www.bbc.com. Retrieved 2024-09-26.
  81. ^ Olsen, Jan M. (24 September 2024). "Iran was behind thousands of text messages calling for revenge over Quran burnings, Sweden says". AP News.
  82. ^ Kirby, Paul. "Sweden blames Iran for cyber-attack after Quran burnings". BBC News.
  83. ^ "New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad" (PDF). Internet Crime Complaint Center.
  84. ^ samanthar@checkpoint.com (2024-11-14). "Malware Spotlight: A Deep-Dive Analysis of WezRat". Check Point Research. Retrieved 2024-11-15.
  85. ^ "Iranian "Dream Job" Campaign 11.24". ClearSky Cyber Security.
  86. ^ Prajeet Nair (November 14, 2024). "Iranian Threat Actors Mimic North Korean Job Scam Techniques". BankInfoSecurity. Retrieved 2024-12-26.
  87. ^ Allison, George (2024-10-01). "UK warns of Iranian state-sponsored phishing attacks". Retrieved 2024-12-26.
  88. ^ https://www.cnn.com/2024/12/03/politics/kash-patel-_targeted-iran-hack/index.html
  89. ^ https://github.com/facebook/threat-research/blob/main/indicators/csv/Q3_2024/Q3_2024%20IRAN_BASED_CIB_NETWORK.csv
  90. ^ https://web.archive.org/web/20241204090231/https://scontent.fblr24-3.fna.fbcdn.net/v/t39.8562-6/468803217_3032365593577504_4214030314490019057_n.pdf?_nc_cat=100&ccb=1-7&_nc_sid=b8d81d&_nc_ohc=gNa84otj-bgQ7kNvgHWIH7o&_nc_zt=14&_nc_ht=scontent.fblr24-3.fna&_nc_gid=A6Ow7Lpusiu3cUxryupv9Th&oh=00_AYDX23onekeBK7SqpILJm2xxyfBKHp8lQllXBbXCAauC3Q&oe=6755CDD3
  91. ^ "Lookout Discovers Android Spyware Tied to Iranian Police _targeting Minorities: BouldSpy". Archived from the original on 2023-05-01. Retrieved 2023-04-30.
  92. ^ "Rinse and repeat: Iran accelerates its cyber influence operations worldwide". 2 May 2023.
  93. ^ a b "Facebook says it dismantles disinformation network tied to Iran's state media". REUTERS. 5 May 2020. Archived from the original on 21 August 2021. Retrieved 28 October 2021.
edit
  NODES
Association 1
Bugs 1
INTERN 8
Note 1
twitter 1
USERS 1