Iran

Report: Iranian Hackers Linked to Sophisticated Cyber-Attacks on Political Dissidents

Iranian dissidents abroad who are falling victim to sophisticated cyber-attacks are likely being targeted by Iranian hackers who seek “to steal their email communications and contacts,” according to a report released this week by Canadian researchers, Voice of America reported yesterday.

The report, titled “London Calling,” details a multi-layered, real-time phishing campaign that uses a cybersecurity technique known as “two-factor authorization” – often employed to bolster online security – to trick its targets. …

The ploy basically worked like this: A target would receive an early-morning phone call, usually from London. The caller, pretending to be a trusted source, would inform the target that he or she would soon receive a Google document, which would arrive almost instantly at the target’s Gmail account.

“So before you’re fully awake, you get something that looks legitimate,” Scott-Railton told VOA. “But what you’re actually looking at is a fake Web page controlled by the attackers.”

The report’s authors, who are based at the Citizen Lab research center in the University of Toronto, wrote that Iranian dissidents are the frequent targets of these hacking schemes. While many of the victims requested anonymity, the Associated Press quoted one activist who said he was contacted by the hackers:

Omid Memarian, an exiled Iranian journalist living in New York, says the hackers contacted him in June through Google Chat messages, phone calls and emails, telling him he needed to change his Gmail password. He realized it was a phishing attempt and didn’t hand over his information, but the hackers’ repeated attempts made him fear that his account had been compromised.

Memarian, who speaks out frequently through mainstream and social media about jailed reporters in Iran and other human-rights issues, says that while he’s received generic phishing emails before, it was “terrifying” to know that he had been personally targeted by the hackers.

“There’s no doubt that this comes from Iran’s Revolutionary Guard, which has been very vicious against the free press and free speech,” Memarian says.

According to a report in The Daily Beast, Iranian ex-patriot Roya Hakakian was also likely targeted in the campaign. Hakakian, a secular poet and human rights advocate, recently wrote an op-ed in The Forward criticizing the Iranian regime’s manipulation of foreign journalists.

Cyber-attacks against Israel by Iran and its terrorist proxies, Hamas and Hezbollah, have also increased in the past year, according to a recent report in The Times of Israel.

Late last year, a report found that state-sponsored Iranian hackers had managed to attack transportation systems and even “[gain] complete remote access to airport gates and security control systems.”

In Iran Has Built an Army of Cyber-Proxies, which was published in the August 2015 of The Tower Magazine, Jordan Brunner examined how Iran rose to become a world leader in cyber-warfare.

The relatively inexpensive nature of computers and the wealth of students who are easily trainable in the arts of cyber-warfare have made cyber-capability increasingly attractive to rogue regimes like Iran. In contrast to the Iranian nuclear program, which has drawn the attention of world powers and forced Iran to negotiate with the United States in order to gain relief from heavy sanctions, Iran’s cyber-force draws much less attention and cannot be monitored as easily as a nuclear program. Worse still, it seems that Iran’s surreptitious development of its cyber-capabilities will only expand. Ian Bremmer, president of the global consulting firm Eurasia Group and editor-at-large at Time magazine, recently tweeted, “In 10 years’ time, Iran’s cyber capabilities will be more troubling than its nuclear program.”

[Photo: iloque / Flickr ]