Daesh seizes village in south Syria: monitor

This photo taken on July 11, 2018, shows makeshift graves in front of buildings destroyed during airstrikes by Syrian regime forces in the rebel-held town of Nawa, southern Syria. An affiliate of Daesh seized a village in southern Syria overnight from rebels who had agreed to a regime takeover. (AFP)
Updated 13 July 2018
0

Daesh seizes village in south Syria: monitor

  • An affiliate of Daesh seized a village in southern Syria overnight from rebels who had agreed to a regime takeover.
  • Overnight into Thursday, the extremists took control of the village of Heet near the Jordanian border.

BEIRUT: An affiliate of Daesh seized a village in southern Syria overnight from rebels who had agreed to a regime takeover, a Britain-based monitor said Thursday.
Much of the southern province of Daraa had been quiet since Friday, when a cease-fire deal between rebels and the Russian-backed regime ended a nearly three-week government assault.
But Jaish Khaled bin Walid, a local branch of Daesh that controls a small corner in the southwest of the province, on the border with Jordan and close to the Israeli-occupied Golan Heights, is not included in that deal.
Overnight into Thursday, the extremists took control of the village of Heet near the Jordanian border, the Syrian Observatory for Human Rights monitor said.
“After violent clashes, Jaish Khaled bin Walid took control of Heet despite Russian and regime air strikes against them,” Observatory chief Rami Abdel Rahman said.
Fighting since Wednesday has left 16 rebels and 12 extremists dead including two suicide bombers, he said.
Since June 19, the regime has been pressing military and negotiation efforts to retake the whole of Daraa and the adjacent Quneitra province from the opposition.
A government victory in the strategic area bordering Jordan and the occupied Golan Heights would be symbolic, as it is seen as the cradle of the seven-year uprising.
The regime now controls more than 80 percent of Daraa province, the Observatory says, though some parts of its western countryside remain under opposition control.
President Bashar Assad’s regime has retaken more than 60 percent of the country since 2015, when Russia intervened militarily to bolster it.
Syria’s civil war has killed more than 350,000 people and displaced millions since it started in 2011 with a brutal crackdown of anti-Assad protests.


Cybersecurity firm: More Iran hacks as US sanctions loom

Alister Shepherd, the director of a subsidiary of FireEye, during a presentation about the APT33 in Dubai Tuesday. (AP)
Updated 20 September 2018
0

Cybersecurity firm: More Iran hacks as US sanctions loom

  • The firm warns that this raises the danger level ahead of America re-imposing crushing sanctions on Iran’s oil industry in early November.
  • Iran’s mission to the UN rejected FireEye’s report, calling it “categorically false.”

DUBAI: An Iranian government-aligned group of hackers launched a major campaign targeting Mideast energy firms and others ahead of US sanctions on Iran, a cybersecurity firm said Tuesday, warning further attacks remain possible as America reimposes others on Tehran.

While the firm FireEye says the so-called “spear-phishing” email campaign only involves hackers stealing information from infected computers, it involves a similar type of malware previously used to inject a program that destroyed tens of thousands of terminals in Saudi Arabia.

The firm warns that this raises the danger level ahead of America re-imposing crushing sanctions on Iran’s oil industry in early November.

“Whenever we see Iranian threat groups active in this region, particularly in line with geopolitical events, we have to be concerned they might either be engaged in or pre-positioning for a disruptive attack,” Alister Shepherd, a director for a FireEye subsidiary, told The Associated Press.

Iran’s mission to the UN rejected FireEye’s report, calling it “categorically false.”

“Iran’s cyber capabilities are purely defensive, and these claims made by private firms are a form of false advertising designed to attract clients,” the mission said in a statement. “They should not be taken at face value.”

FireEye, which often works with governments and large corporations, refers to the group of Iranian hackers as APT33, an acronym for “advanced persistent threat.” APT33 used phishing email attacks with fake job opportunities to gain access to the companies affected, faking domain names to make the messages look legitimate. Analysts described the emails as “spear-phishing” as they appear targeted in nature.

FireEye first discussed the group last year around the same time. This year, the company briefed journalists after offering presentations to potential government clients in Dubai at a luxury hotel and yacht club on the man-made, sea-horse-shaped Daria Island.

While acknowledging their sales pitch, FireEye warned of the danger such Iranian government-aligned hacking groups pose. Iran is believed to be behind the spread of Shamoon in 2012, which hit Saudi Arabian Oil Co. and Qatari natural gas producer RasGas. The virus deleted hard drives and then displayed a picture of a burning American flag on computer screens. Saudi Aramco ultimately shut down its network and destroyed over 30,000 computers.

A second version of Shamoon raced through Saudi government computers in late 2016, this time making the destroyed computers display a photograph of the body of 3-year-old Syrian boy Aylan Kurdi, who drowned fleeing his country’s civil war.

But Iran first found itself as a victim of a cyberattack. Iran developed its cyber capabilities in 2011 after the Stuxnet computer virus destroyed thousands of centrifuges involved in Iran’s contested nuclear program. Stuxnet is widely believed to be an American and Israeli creation.

APT33’s emails haven’t been destructive. However, from July 2 through July 29, FireEye saw “a by-factors-of-10 increase” in the number of emails the group sent targeting their clients, Shepherd said.