Friday, May 30, 2014

Cyberespionage Attacks Tied to Hackers in Iran - NYTimes.com

Cyberespionage Attacks Tied to Hackers in Iran - NYTimes.com: An elaborate, three-year cyberespionage campaign against United States military contractors, members of Congress, diplomats, lobbyists and Washington-based journalists has been linked to hackers in Iran.

The campaign compromised the computers of some 2,000 victims and went unnoticed since 2011, according to a report to be released Thursday by iSight Partners, a computer security firm in Dallas.

American intelligence officials have long said Iranian hackers are a serious threat, not for their technical skills, but because of the country’s vow to retaliate for Stuxnet, the computer virus created by the United States and Israel and unleashed on an Iranian nuclear site. But the skills of Iranian hackers were not believed to be on par with hackers in Russia and China.

The new report suggests that the Iranian skills gap may be closing.

“This marks the emergence of Iran on the cyberespionage landscape,” said John Hultquish, the head of cyberespionage intelligence at iSight Partners.

The report details elaborate attacks by a group that has been able to flourish, largely unnoticed.

The campaign, called “Newscaster” by iSight Partners researchers, employed “social engineering.” Hackers used a dozen fake personas and connected with victims over Facebook, LinkedIn, Twitter and YouTube. They sent their targets malicious links, which downloaded malware onto their machines, or directed them to fake login screens to steal the usernames and passwords.