Iranian hackers unleash malware against aviation, petrochem industries — cybersecurity firm

Stuart Davis, a director at one of FireEye's subsidiaries speaks to journalists about the techniques of Iranian hacking on Wednesday, Sept. 20, 2017, in Dubai, United Arab Emirates. A new report by FireEye, a cybersecurity firm, warned that a suspected group of hackers in Iran are targeting the aviation and petrochemical industries in Saudi Arabia, the US and South Korea. (AP Photo/Kamran Jebreili)
Updated 20 September 2017

Iranian hackers unleash malware against aviation, petrochem industries — cybersecurity firm

DUBAI: A group of hackers suspected of working in Iran for its government is targeting the aviation and petrochemical industries in Saudi Arabia, the US and South Korea, a cybersecurity firm warned Wednesday.
The report by FireEye also said the suspected Iranian hackers left behind a new type of malware that could have been used to destroy the computers it infected, an echo of two other Iran-attributed cyberattacks targeting Saudi Arabia in 2012 and 2016 that destroyed systems.
Iran’s office at the United Nations did not immediately respond to a request for comment Wednesday and its state media did not report on the claims. However, suspected Iranian hackers long have operated without caring if people found it was them or if there would be consequences, making them incredibly dangerous, said Stuart Davis, a director at one of FireEye’s subsidiaries.
“Today, without any repercussions, a neighboring country can compromise and wipe out 20 institutions,” Davis said.
FireEye, which often works with governments and large corporations, refers to the group as APT33, an acronym for “advanced persistent threat.” APT33 used phishing e-mail attacks with fake job opportunities to gain access to the companies affected, faking domain names to make it look like the messages came from Boeing Co. or defense contractors.
The hackers remained inside of the systems of those affected for “four to six months” at a time, able to steal data and leaving behind the malware that FireEye refers to as Shapeshifter. The coding contains Farsi-language references, the official language of Iran, FireEye said.
Timestamps in the code also correspond to hackers working from Saturday to Wednesday, the Iranian workweek, Davis said. The programs used in the campaign are popular with Iranian coders, servers were registered via Iranian companies and one of the spies appears to have accidentally left his online handle, “xman_1365_x,” in part of the code.
That name “shows up all over Iranian hacker forums,” FireEye’s John Hultquist said. “I don’t think they’re worried about being caught. ... They just don’t feel like they have to bother.”
The Associated Press was able to find other clues pointing to an Iranian nexus. One of the e-mail addresses used to register a malicious server belongs to an Ali Mehrabian, who used the same address to create more than 120 Iranian websites over the past six years.
Neither Mehrabian, who listed himself as living in Tehran, nor “xman” returned e-mails seeking comment.
Iran developed its cyber capabilities in 2011 after the Stuxnet computer virus destroyed thousands of centrifuges involved in Iran’s contested nuclear program. Stuxnet is widely believed to be an American and Israeli creation.
Iran is believed to be behind the spread of Shamoon in 2012, which hit Saudi Arabian Oil Co. and Qatari natural gas producer RasGas. The virus deleted hard drives and then displayed a picture of a burning American flag on computer screens. Saudi Aramco ultimately shut down its network and destroyed over 30,000 computers.
A second version of Shamoon raced through Saudi government computers in late 2016, this time having the destroyed computers display a photograph of the body of 3-year-old Syrian boy Aylan Kurdi, who drowned fleeing his country’s civil war. Suspicion again fell on Iran.
FireEye’s report said it believed APT33 “is likely in search of strategic intelligence capable of benefiting a government or a military sponsor.”
High on the list of any potential suspects within Iran would be its paramilitary Revolutionary Guard. US prosecutors in March 2016 accused hackers associated to Guard-linked companies of attacking dozens of banks and a small dam near New York City. Hackers linked to the Guard also have been suspected of targeting the e-mail and social-media accounts of Obama administration officials.
___
Associated Press writer Raphael Satter in Paris contributed to this report.


Trump plan calls for Palestinian state with capital in eastern Jerusalem

Updated 17 min 21 sec ago

Trump plan calls for Palestinian state with capital in eastern Jerusalem

  • United States will recognize Israeli settlements on the occupied West Bank
  • The absence of the Palestinians from Trump’s announcement is likely to fuel criticism that the plan tilts toward Israel

WASHINGTON: US President Donald Trump on Tuesday proposed creation of a Palestinian state with a capital in eastern Jerusalem, dependent on Palestinians taking steps to become self-governing, in an effort to achieve a peace breakthrough in their decades of conflict with Israel.
Senior administration officials, briefing Reuters on the plan the president announced at the White House, said that under Trump’s proposed Middle East peace plan the United States will recognize Israeli settlements on the occupied West Bank.

******

Read the full report here: Middle East peace plan

******


In exchange, Israel would agree to accept a four-year freeze on new settlement activity while Palestinian statehood is negotiated.
“Today, Israel has taken a giant step toward peace,” Trump said as he announced the plan at the White House with Israeli Prime Minister Benjamin Netanyahu at his side, saying he also sent a letter about it to Palestinian President Mahmoud Abbas.
“This is a historic day,” Netanyahu said, comparing Trump’s peace plan to former President Harry Truman’s 1948 recognition of the state of Israel. “On this day, you became the first world leader to recognize Israel’s sovereignty over areas in Judea and Samaria that are vital to our security and central to our heritage,” he added, using the Biblical names for the West Bank.
While Israeli leaders have welcomed Trump’s long-delayed plan, Palestinian leaders had rejected it even before its official release, saying his administration was biased toward Israel.
The absence of the Palestinians from Trump’s announcement is likely to fuel criticism that the plan tilts toward Israel’s needs rather than those of the Palestinians.


Israeli-Palestinian talks broke down in 2014, and it was far from clear that the Trump plan will resuscitate them.
US officials said they were braced for initial Palestinian skepticism but hoped that over time they will agree to negotiate. The plan places high hurdles for the Palestinians to overcome to reach their long-sought goal of a state.
It remains to be seen also how Israel responds, given the pressures its right-wing prime minister, Netanyahu, faces going into his third attempt at re-election in less than a year.
The US plan represented the most dramatic and detailed attempt to break the historic deadlock between Israel and the Palestinians in several years, the result of a three-year effort by Trump senior advisers Jared Kushner and Avi Berkowitz and former adviser Jason Greenblatt.
Trump has endorsed a proposed map outlining the two states, the officials said. The Palestinian state would be double the size of land that Palestinians currently control and would be connected by roads, bridges and tunnels, the official said.
Trump briefed Netanyahu and his rival in Israel’s March 2 elections, Blue and White Party chief Benny Gantz, in talks on Monday.
Asked what Washington was prepared to do to advance negotiations, the officials said it was up to the Palestinians to come forward and to say they are prepared to negotiate.
They said both Netanyahu and Gantz had said they were willing to support the effort.
Israeli leaders have agreed to negotiate on the basis of the Trump plan and agreed to the map, the officials said. Israel’s agreement on statehood for Palestinians is dependent on a security arrangement to protect Israelis, they said.
Israel will also take steps to ensure Muslim access to Al-Aqsa mosque in Jerusalem and respect Jordan’s role regarding holy sites, the officials said.
Palestinian statehood would be dependent on Palestinians taking steps for self-government, such as respect for human rights, freedom of the press and having transparent and credible institutions, the officials said.
“In doing the map it’s incredibly difficult to try to create contiguity for a Palestinian state based on what’s happened over the past 25 years so if we don’t do this freeze now I think that their chance to ever have a state basically goes away,” said one official in reference to the growth of Jewish settlements.
“So what we’ve done is basically we’ve bought four more years for them to get their act together and try to negotiate a deal for them to become a state, and I think this is a huge opportunity for them,” the official said.
The official said the question for Palestinians is will they “come to the table and negotiate?“
If they agree to negotiate, there are some areas that can be compromised in the future, the official said without offering details.
Trump’s plan calls for Palestinians to be able to return to a future state of Palestine and creates a “generous compensation fund,” the official said.
About Israel retaining the settlements, a US official said: “The plan is based on a principle that people should not have to move to accomplish peace ... But it does stop future settlement expansion which we consider to be the most realistic approach.
“The notion that hundreds of thousands of people, or tens of thousands of people, are going to be removed either forcibly or not from their homes is just not worth entertaining,” the official said.
Before the Trump announcement, thousands of Palestinians demonstrated in Gaza City and Israeli troops reinforced positions near a flashpoint site between the Palestinian city of Ramallah and the Jewish settlement of Beit El in the West Bank.
A Netanyahu spokesman said the Israeli leader would fly to Moscow on Wednesday to brief Russian President Vladimir Putin on the proposals.
Palestinian leaders had said they were not invited to Washington, and that no plan could work without them.
On Monday Palestinian leader Mahmoud Abbas said he would not agree to any deal that did not secure a two-state solution. That formula, the basis for many years of frustrated international peace efforts, envisages Israel co-existing with a Palestinian state.
Palestinians have refused to deal with the Trump administration in protest at such pro-Israeli policies as its moving the US Embassy in Israel from Tel Aviv to Jerusalem, whose eastern half the Palestinians seek for a future capital.
The Trump administration in November reversed decades of US policy when Secretary of State Mike Pompeo said Washington no longer regarded the settlements on West Bank land as a breach of international law. Palestinians and most countries view the settlements as illegal, which Israel disputes.
Both Trump and Netanyahu face political challenges at home. Trump was impeached in the House of Representatives last month and is on trial in the Senate on abuse of power charges.
On Tuesday Netanyahu was formally indicted in court on corruption charges, after he withdrew his bid for parliamentary immunity from prosecution.
Both men deny any wrongdoing.