Iranian Hackers Spent Three Years Quietly Attacking 2,000 U.S. Computers

They seem to be getting better and better at infiltrating U.S. systems — and intelligence officials have noticed.

National Journal
Marina Koren
Add to Briefcase
Marina Koren
May 29, 2014, 7:45 a.m.

It was the “most elab­or­ate so­cial-en­gin­eer­ing cam­paign” these se­cur­ity re­search­ers had ever seen.

A new re­port from iSight Part­ners, a Dal­las-based com­puter-se­cur­ity firm, ex­posed on Thursday a three-year cyberes­pi­on­age cam­paign car­ried out by Ir­a­ni­an hack­ers. The di­git­al at­tacks, which in­fec­ted about 2,000 U.S. per­son­al com­puters since 2011, tar­geted mem­bers of the U.S. mil­it­ary and Con­gress, as well as dip­lo­mats, lob­by­ists, and Wash­ing­ton-based journ­al­ists.

The long-term cam­paign, dubbed “News­caster” by the se­cur­ity firm, em­ployed a dozen fake so­cial-me­dia ac­counts on sites such as Face­book, Twit­ter, and Linked­In. Hack­ers sent tar­gets links that, when ac­cessed, would un­leash mal­ware. They dir­ec­ted people to fake lo­gin screens to steal their user names and pass­words. They im­per­son­ated journ­al­ists and de­fense con­tract­ors, and even set up a fake news web­site to lure vic­tims.

All signs poin­ted to Ir­an as the source. Nicole Per­l­roth writes in The New York Times:

There were many clues. The fake News­On­ web­site was re­gistered in Tehran and sites that hack­ers used to de­ploy their mal­ware were also hos­ted in Ir­an. The mal­ware that the hack­ers used con­tained sev­er­al Per­sian words. The time stamps of hack­ers’ activ­ity tracked with pro­fes­sion­al work­ing hours in Tehran. They even took the day off on Ir­a­ni­an week­ends and hol­i­days.

An­oth­er tell­tale sign, re­search­ers said, was the con­tent the hack­ers pos­ted on their per­so­nas’ so­cial me­dia. In some cases, they pos­ted Ir­a­ni­an jokes to their Face­book pages. One hack­er used a Face­book page to ask fol­low­ers, “What’s kind of sanc­tion will lead to un­der­min­ing the Ir­a­ni­an na­tion?”

It’s un­clear ex­actly what in­form­a­tion these hack­ers stole. But the fact that such a highly co­ordin­ated at­tack went un­noticed for sev­er­al years sug­gests that the tech­nic­al skills of Ir­a­ni­an hack­ers, usu­ally out­done by far-su­per­i­or Chinese and Rus­si­an hack­ers, are im­prov­ing. This time last year, a wave of at­tacks tar­get­ing Amer­ic­an en­ergy com­pan­ies was traced to Ir­an. Back then, U.S. in­tel­li­gence of­fi­cials were already wor­ried about Ir­a­ni­an hack­ers’ grow­ing tal­ents.

What We're Following See More »
Obamacare Premiums Set to Soar Next Year
39 minutes ago

The "benchmark" Obamacare silver plan—"upon which federal subsidies are based—will cost an average of $296 a month next year," an increase of 22% over current averages. That figure, however, "masks wide variation among the states. In Arizona, the benchmark plan's average premium will increase 116% in 2017. Arizona had the lowest rates of any state this year, said Kathryn Martin, an acting assistant secretary at the U.S. Department of Health & Human Services. In Indiana, the benchmark plan will be 3% cheaper."

Ron Klain in Line to Be Clinton’s Chief of Staff?
40 minutes ago

Sources tell CNN that longtime Democratic operative Ron Klain, who has been Vice President Biden's chief of staff, is "high on the list of prospects" to be chief of staff in a Clinton White House. "John Podesta, the campaign chairman, has signaled his interest in joining the Cabinet, perhaps as Energy secretary."

Uphill Battle for AT&T/Time Warner Deal
40 minutes ago

"AT&T Inc.’s $85.4 billion deal to buy Time Warner Inc. sails toward two cresting waves of opposition: resurgent antitrust enforcement in Washington and politicians fired by a new bipartisan populist rage. It is too early to know how regulators will treat the AT&T-Time Warner deal. But after several quiet years, President Barack Obama’s antitrust team has switched into high gear in response to a recent spurt of deal-making," a trend that's likely to continue into the next administration. The Obama Justice Department has scuttled 43 mergers, "more than double the mergers blocked by the preceding Bush Justice Department."

CNN/ORC Has Clinton Up 5 Points
14 hours ago

Hillary Clinton leads Donald Trump 49%-44% in a new CNN/ORC poll out Monday afternoon. But it's Gary Johnson's performance, or lack thereof, that's the real story. Johnson, who had cleared 10% in some surveys earlier this fall, as he made a bid to qualify for the debates, is down to 3% support. He must hit 5% nationwide for the Libertarian Party to qualify for some federal matching funds in future elections.

McCarthy, Pelosi Team Up on National Guard Bonuses
16 hours ago

The majority and minority leader of the House are both saying "California's veterans are not to blame for being mistakenly overpaid, after a Los Angeles Times story revealed that officials are trying to claw back millions in bonuses from California National Guardsmen. House Majority Leader Kevin McCarthy called the efforts to recoup the money 'disgraceful,' and asked for the Department of Defense to waive the repayments soldiers would be forced to make if they inappropriately received re-enlistment bonuses for the wars in Iraq and Afghanistan." Minority Leader Nancy Pelosi said she's looking for a "legislative fix" in the lame-duck session.


Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.