Iranian Hackers Spent Three Years Quietly Attacking 2,000 U.S. Computers

They seem to be getting better and better at infiltrating U.S. systems — and intelligence officials have noticed.

National Journal
Marina Koren
Add to Briefcase
Marina Koren
May 29, 2014, 7:45 a.m.

It was the “most elab­or­ate so­cial-en­gin­eer­ing cam­paign” these se­cur­ity re­search­ers had ever seen.

A new re­port from iSight Part­ners, a Dal­las-based com­puter-se­cur­ity firm, ex­posed on Thursday a three-year cyberes­pi­on­age cam­paign car­ried out by Ir­a­ni­an hack­ers. The di­git­al at­tacks, which in­fec­ted about 2,000 U.S. per­son­al com­puters since 2011, tar­geted mem­bers of the U.S. mil­it­ary and Con­gress, as well as dip­lo­mats, lob­by­ists, and Wash­ing­ton-based journ­al­ists.

The long-term cam­paign, dubbed “News­caster” by the se­cur­ity firm, em­ployed a dozen fake so­cial-me­dia ac­counts on sites such as Face­book, Twit­ter, and Linked­In. Hack­ers sent tar­gets links that, when ac­cessed, would un­leash mal­ware. They dir­ec­ted people to fake lo­gin screens to steal their user names and pass­words. They im­per­son­ated journ­al­ists and de­fense con­tract­ors, and even set up a fake news web­site to lure vic­tims.

All signs poin­ted to Ir­an as the source. Nicole Per­l­roth writes in The New York Times:

There were many clues. The fake News­On­Air.org web­site was re­gistered in Tehran and sites that hack­ers used to de­ploy their mal­ware were also hos­ted in Ir­an. The mal­ware that the hack­ers used con­tained sev­er­al Per­sian words. The time stamps of hack­ers’ activ­ity tracked with pro­fes­sion­al work­ing hours in Tehran. They even took the day off on Ir­a­ni­an week­ends and hol­i­days.

An­oth­er tell­tale sign, re­search­ers said, was the con­tent the hack­ers pos­ted on their per­so­nas’ so­cial me­dia. In some cases, they pos­ted Ir­a­ni­an jokes to their Face­book pages. One hack­er used a Face­book page to ask fol­low­ers, “What’s kind of sanc­tion will lead to un­der­min­ing the Ir­a­ni­an na­tion?”

It’s un­clear ex­actly what in­form­a­tion these hack­ers stole. But the fact that such a highly co­ordin­ated at­tack went un­noticed for sev­er­al years sug­gests that the tech­nic­al skills of Ir­a­ni­an hack­ers, usu­ally out­done by far-su­per­i­or Chinese and Rus­si­an hack­ers, are im­prov­ing. This time last year, a wave of at­tacks tar­get­ing Amer­ic­an en­ergy com­pan­ies was traced to Ir­an. Back then, U.S. in­tel­li­gence of­fi­cials were already wor­ried about Ir­a­ni­an hack­ers’ grow­ing tal­ents.

What We're Following See More »
STAKES ARE HIGH
Debate Could Sway One-Third of Voters
7 hours ago
THE LATEST

"A new Wall Street Journal/NBC News poll found that 34% of registered voters think the three presidential debates would be extremely or quite important in helping them decide whom to support for president. About 11% of voters are considered 'debate persuadables'—that is, they think the debates are important and are either third-party voters or only loosely committed to either major-party candidate."

Source:
YOU DON’T BRING ME FLOWERS ANYMORE
Gennifer Flowers May Not Appear After All
7 hours ago
THE LATEST

Will he or won't he? That's the question surrounding Donald Trump and his on-again, off-again threats to bring onetime Bill Clinton paramour Gennifer Flowers to the debate as his guest. An assistant to flowers initially said she'd be there, but Trump campaign chief Kellyanne Conway "said on ABC’s 'This Week' that the Trump campaign had not invited Flowers to the debate, but she didn’t rule out the possibility of Flowers being in the audience."

Source:
HAS BEEN OFF OF NEWSCASTS FOR A WEEK
For First Debate, Holt Called on NBC Experts for Prep
7 hours ago
THE DETAILS

NBC's Lester Holt hasn't hosted the "Nightly News" since Tuesday, as he's prepped for moderating the first presidential debate tonight—and the first of his career. He's called on a host of NBC talent to help him, namely NBC News and MSNBC chairman Andy Lack; NBC News president Deborah Turness; the news division's senior vice president of editorial, Janelle Rodriguez; "Nightly News" producer Sam Singal, "Meet the Press" host Chuck Todd, senior political editor Mark Murray and political editor Carrie Dann. But during the debate itself, the only person in Holt's earpiece will be longtime debate producer Marty Slutsky.

Source:
WHITE HOUSE PROMISES VETO
House Votes to Bar Cash Payments to Iran
7 hours ago
THE DETAILS

"The House passed legislation late Thursday that would prohibit the federal government from making any cash payments to Iran, in protest of President Obama's recently discovered decision to pay Iran $1.7 billion in cash in January. And while the White House has said Obama would veto the bill, 16 Democrats joined with Republicans to pass the measure, 254-163."

Source:
NO SURPRISE
Trump Eschewing Briefing Materials in Debate Prep
7 hours ago
THE DETAILS

In contrast to Hillary Clinton's meticulous debate practice sessions, Donald Trump "is largely shun­ning tra­di­tion­al de­bate pre­par­a­tions, but has been watch­ing video of…Clin­ton’s best and worst de­bate mo­ments, look­ing for her vul­ner­ab­il­it­ies.” Trump “has paid only curs­ory at­ten­tion to brief­ing ma­ter­i­als. He has re­fused to use lecterns in mock de­bate ses­sions des­pite the ur­ging of his ad­visers. He prefers spit­balling ideas with his team rather than hon­ing them in­to crisp, two-minute an­swers.”

Source:
×