Iran TerrorismIBM Warns of Iran’s New Cyber Threats

IBM Warns of Iran’s New Cyber Threats

-

Iran hacking threats

By Pooya Stone

IBM has warned that state-sponsored Iranian hackers, notably APT34 “and at least one other group, [also] likely based out of Iran”, have created new “malicious malware” to target “industrial and energy sectors” in the Middle East.

Although no specific companies were identified, the nature of the attack is unsurprising as Iran’s ongoing conflict with America and its allies has made these sectors a target.

APT34 has been in the news several times over the past year, including through its use of LinkedIn during a phishing attack, but the identity of the other group that is more interesting. Cybersecurity experts believe that the other group is Iran’s APT33, possibly the most famous Iranian threat actor, because of the sectors it is targeting and its wiper malware.

APT33 is responsible for the Microsoft Outlook exploit in July, which used its own virtual private network (VPN) to conceal the attack, and the 2012 Shamoon attack on Saudi Aramco, which wiped most of the data from the state-owned energy company’s computers.

The new wiper malware has been named “ZeroCleare” by IBM’s X-Force team, who wrote in their report: “We were not surprised to find that ZeroCleare bears some similarity to the Shamoon malware—ZeroCleare aims to overwrite the Master Boot Record (MBR) and disk partitions on Windows-based machines.”

The malware used EldoS RawDisk to clear the MBR and damage disk partitions on many networked devices. IBM thinks this is the first time that this strain of malware has been used.

The report read: “[This sows] the seeds of a destructive attack that could affect thousands of devices and cause disruption that could take months to fully recover from.”

Iran’s hackers are demonstrating an increasingly advanced set of cyber weapons to target certain industries in the Middle East and this is a big concern for cybersecurity.

IBM said: “[The attacks represent a] low-cost, and potentially non-attributable means of conducting hostile, and even warlike activity, [which has the] potential to disrupt critical services, damage or destroy highly specialized equipment, and ultimately inflict detrimental cascading effects upon global energy security and industries.”

For the Iranian government, cyber warfare means that they can attack states, like Saudi Arabia, the US, and the UK, much more easily and with less danger of retaliation than if they conducted a military strike. Cyberwarfare has become a bigger threat in 2019 and it is only set to get worse in the years to come.

Latest news

Land Subsidence in Critical Conditions in Isfahan

Mehdi Toghyani, a member of the Iranian regime’s Majlis (parliament), pointed to the occurrence of land subsidence in various...

Iran’s Actual Inflation Rate Higher Than Official Stats

The state-run Donya-e-eqtesad newspaper, in a report analyzing the "general sentiment" regarding inflation in 2023, has stated that households...

Iranian Workers’ Monthly $136 Wages Can’t Cover $500 Expenses

The lives of a significant portion of the Iranian population are marked by uncertainty, largely because the Iranian economy...

Iranian Nurses Earn Twice Their Wages in Ride-Hailing Services

Reza Aryanpour, a member of the regime’s Majlis (parliament) Health and Treatment Commission, highlighted the growing trend of nurses...

Iran: Unprecedented Record of 152 Million Liters of Gasoline Consumption Per Day

On March 19, Iran set a new historical record in gasoline consumption with 152 million liters consumed in one...

Iran’s Youths Have Highest Unemployment Rate

The Iranian regime’s Eghtesad News website reported that data from the Statistical Center of Iran shows that the youth...

Must read

Hundreds, Including Kids, Infected with HIV in One Iranian Village

By Pooya Stone At least 300 people, including children,...

Iran says oil revenues down by half: paper

Reuters: Iran's oil revenues have been cut in half...

You might also likeRELATED
Recommended to you