Cybersecurity firm: More Iran hacks as US sanctions loom

Alister Shepherd, the director of a subsidiary of FireEye, during a presentation about the APT33 in Dubai Tuesday. (AP)
Updated 20 September 2018
0

Cybersecurity firm: More Iran hacks as US sanctions loom

  • The firm warns that this raises the danger level ahead of America re-imposing crushing sanctions on Iran’s oil industry in early November.
  • Iran’s mission to the UN rejected FireEye’s report, calling it “categorically false.”

DUBAI: An Iranian government-aligned group of hackers launched a major campaign targeting Mideast energy firms and others ahead of US sanctions on Iran, a cybersecurity firm said Tuesday, warning further attacks remain possible as America reimposes others on Tehran.

While the firm FireEye says the so-called “spear-phishing” email campaign only involves hackers stealing information from infected computers, it involves a similar type of malware previously used to inject a program that destroyed tens of thousands of terminals in Saudi Arabia.

The firm warns that this raises the danger level ahead of America re-imposing crushing sanctions on Iran’s oil industry in early November.

“Whenever we see Iranian threat groups active in this region, particularly in line with geopolitical events, we have to be concerned they might either be engaged in or pre-positioning for a disruptive attack,” Alister Shepherd, a director for a FireEye subsidiary, told The Associated Press.

Iran’s mission to the UN rejected FireEye’s report, calling it “categorically false.”

“Iran’s cyber capabilities are purely defensive, and these claims made by private firms are a form of false advertising designed to attract clients,” the mission said in a statement. “They should not be taken at face value.”

FireEye, which often works with governments and large corporations, refers to the group of Iranian hackers as APT33, an acronym for “advanced persistent threat.” APT33 used phishing email attacks with fake job opportunities to gain access to the companies affected, faking domain names to make the messages look legitimate. Analysts described the emails as “spear-phishing” as they appear targeted in nature.

FireEye first discussed the group last year around the same time. This year, the company briefed journalists after offering presentations to potential government clients in Dubai at a luxury hotel and yacht club on the man-made, sea-horse-shaped Daria Island.

While acknowledging their sales pitch, FireEye warned of the danger such Iranian government-aligned hacking groups pose. Iran is believed to be behind the spread of Shamoon in 2012, which hit Saudi Arabian Oil Co. and Qatari natural gas producer RasGas. The virus deleted hard drives and then displayed a picture of a burning American flag on computer screens. Saudi Aramco ultimately shut down its network and destroyed over 30,000 computers.

A second version of Shamoon raced through Saudi government computers in late 2016, this time making the destroyed computers display a photograph of the body of 3-year-old Syrian boy Aylan Kurdi, who drowned fleeing his country’s civil war.

But Iran first found itself as a victim of a cyberattack. Iran developed its cyber capabilities in 2011 after the Stuxnet computer virus destroyed thousands of centrifuges involved in Iran’s contested nuclear program. Stuxnet is widely believed to be an American and Israeli creation.

APT33’s emails haven’t been destructive. However, from July 2 through July 29, FireEye saw “a by-factors-of-10 increase” in the number of emails the group sent targeting their clients, Shepherd said.

 


UN investigation delves into Daesh’s crimes against Yazidis

Yazidi activist Nadia Murad won the 2018 Nobel Peace Prize. (AFP)
Updated 15 min 19 sec ago
0

UN investigation delves into Daesh’s crimes against Yazidis

  • The team began its work in August, a year after it was approved the UN Security Council
  • The investigation aims to collect and preserve evidence of acts by Daesh in Iraq that may be war crimes

LONDON: A UN investigation into atrocities committed against Yazidis and others in Iraq will do more than simply gather information that will molder in an archive, the probe’s leader said on Wednesday, it will help bring perpetrators to justice.

The team, led by British lawyer Karim Asad Ahmad Khan began its work in August, a year after it was approved the UN Security Council.

Speaking on the sidelines of a London event celebrating Yazidi activist Nadia Murad — who won the 2018 Nobel Peace Prize —  Khan said the investigation will get into full gear in 2019.

“We will be pushing forward with greater capacity next year once we have a budget from the United Nations,” he told the Thomson Reuters Foundation.

The investigation aims to collect and preserve evidence of acts by Daesh in Iraq that may be war crimes, crimes against humanity or genocide. In September 2017 — after a year of talks with Iraq — the UN council adopted a resolution asking UN Secretary-General Antonio Guterres to create the team “to support domestic efforts” to hold the militants accountable.

The evidence gathered is primarily for use by Iraqi authorities.

Whether that evidence will then be shared with international courts, will “be determined in agreement with the Government of Iraq on a case-by-case basis,” according to the resolution.

“This mandate was not created to create simply an archive that would gather dust,” said Khan.

“Our bid is ... to ensure that the best possible evidence is presented, is preserved, is collected. The necessary investigations are committed so that those who committed these horrendous acts are subjected to the vigour of the law.”

UN experts warned in June 2016 that Daesh was committing genocide against the Yazidis in Syria and Iraq, destroying the minority religious community through killings, sexual slavery and other crimes.

Supporters of the Yazidi cause have expressed irritation at delays the probe has faced.

“Four years have passed since the crimes of genocide committed against Yazidis but we have seen no justice as yet for the victims and survivors,” Karwan Tahir, the Kurdish regional government’s representative in Britain told the London event.

About 7,000 women and girls were captured in northwest Iraq in August 2014 and held by Daesh in Mosul where they were tortured and raped.

Murad, a young Yazidi woman who was enslaved and raped by Islamic State fighters in Mosul in 2014, and international human rights lawyer Amal Clooney have long pushed Iraq to allow UN investigators to help.