{"id":15732,"date":"2018-09-20T08:24:03","date_gmt":"2018-09-20T08:24:03","guid":{"rendered":"http:\/\/qatar-news.org\/qatarnewsEn\/?p=15732"},"modified":"2018-09-20T08:24:03","modified_gmt":"2018-09-20T08:24:03","slug":"israeli-air-force-chief-to-give-moscow-findings-on-russian-plane-downing","status":"publish","type":"post","link":"https:\/\/qatar-news.org\/qatarnewsEn\/?p=15732","title":{"rendered":"Israeli air force chief to give Moscow findings on Russian plane downing"},"content":{"rendered":"
\n

\nDUBAI: An Iranian government-aligned group of hackers launched a major campaign targeting Mideast energy firms and others ahead of US sanctions on Iran, a cybersecurity firm said Tuesday, warning further attacks remain possible as America reimposes others on Tehran.<\/p>\n

\nWhile the firm FireEye says the so-called \u201cspear-phishing\u201d email campaign only involves hackers stealing information from infected computers, it involves a similar type of malware previously used to inject a program that destroyed tens of thousands of terminals in Saudi Arabia.<\/p>\n

\nThe firm warns that this raises the danger level ahead of America re-imposing crushing sanctions on Iran\u2019s oil industry in early November.<\/p>\n

\n\u201cWhenever we see Iranian threat groups active in this region, particularly in line with geopolitical events, we have to be concerned they might either be engaged in or pre-positioning for a disruptive attack,\u201d Alister Shepherd, a director for a FireEye subsidiary, told The Associated Press.<\/p>\n

\nIran\u2019s mission to the UN rejected FireEye\u2019s report, calling it \u201ccategorically false.\u201d<\/p>\n

\n\u201cIran\u2019s cyber capabilities are purely defensive, and these claims made by private firms are a form of false advertising designed to attract clients,\u201d the mission said in a statement. \u201cThey should not be taken at face value.\u201d<\/p>\n

\nFireEye, which often works with governments and large corporations, refers to the group of Iranian hackers as APT33, an acronym for \u201cadvanced persistent threat.\u201d APT33 used phishing email attacks with fake job opportunities to gain access to the companies affected, faking domain names to make the messages look legitimate. Analysts described the emails as \u201cspear-phishing\u201d as they appear targeted in nature.<\/p>\n

\nFireEye first discussed the group last year around the same time. This year, the company briefed journalists after offering presentations to potential government clients in Dubai at a luxury hotel and yacht club on the man-made, sea-horse-shaped Daria Island.<\/p>\n

\nWhile acknowledging their sales pitch, FireEye warned of the danger such Iranian government-aligned hacking groups pose. Iran is believed to be behind the spread of Shamoon in 2012, which hit Saudi Arabian Oil Co. and Qatari natural gas producer RasGas. The virus deleted hard drives and then displayed a picture of a burning American flag on computer screens. Saudi Aramco ultimately shut down its network and destroyed over 30,000 computers.<\/p>\n

\nA second version of Shamoon raced through Saudi government computers in late 2016, this time making the destroyed computers display a photograph of the body of 3-year-old Syrian boy Aylan Kurdi, who drowned fleeing his country\u2019s civil war.<\/p>\n

\nBut Iran first found itself as a victim of a cyberattack. Iran developed its cyber capabilities in 2011 after the Stuxnet computer virus destroyed thousands of centrifuges involved in Iran\u2019s contested nuclear program. Stuxnet is widely believed to be an American and Israeli creation.<\/p>\n

\nAPT33\u2019s emails haven\u2019t been destructive. However, from July 2 through July 29, FireEye saw \u201ca by-factors-of-10 increase\u201d in the number of emails the group sent targeting their clients, Shepherd said.<\/p>\n

\n\u00a0<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

DUBAI: An Iranian government-aligned group of hackers launched a major campaign targeting Mideast energy firms and others ahead of US sanctions on Iran, a cybersecurity firm said Tuesday, warning further attacks remain possible as America reimposes others on Tehran. While the firm FireEye says the so-called \u201cspear-phishing\u201d email campaign only involves hackers stealing information from…<\/p>\n","protected":false},"author":10,"featured_media":15733,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-15732","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-middle_east_news"],"_links":{"self":[{"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=\/wp\/v2\/posts\/15732","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15732"}],"version-history":[{"count":0,"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=\/wp\/v2\/posts\/15732\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=\/wp\/v2\/media\/15733"}],"wp:attachment":[{"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15732"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15732"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qatar-news.org\/qatarnewsEn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15732"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}