A cyber security company has uncovered evidence of a three-year Iranian-backed online espionage campaign. iSight Partners officials said that, among others, the hackers spied on top government officials and military personnel in the United States and Israel.
The hackers created fake personas through social networking sites, such as Facebook, Twitter, LinkedIn, Google+, and Blogger.
iSight claimed, “The targeting, operational schedule, and infrastructure used in this campaign is consistent with Iranian origins.” The hours seemed to conform to the work hours in Iran, as the hackers worked only half the day on Thursday and never on Friday, which is the Iranian weekend. iSight also analyzed that other leads, such as the individuals targeted, ultimately led them to determine that Iran was behind the operation.
A four-star Navy admiral was targeted, along with U.S. government representatives and diplomatic personnel. American pro-Israel groups were also targeted in the cyber espionage pursuit. Leaders in the UK, Saudi Arabia, Syria, Iraq, and Afghanistan were potentially compromised.
The company refused to specify the exact identities of the victims, and they were unsure what was specifically stolen. However, they were able to report that the hackers were looking to obtain government and corporate credentials to access their networks.
“If it’s been going on for so long, clearly they have had success,” an iSight vice president said of the three-year campaign.
The hackers created six fake “personas” who worked for a nonexistent news website. They created eight additional fake identities claiming to work for government and private defense contractors.
iSight determined the stolen data could be used to “support the development of weapon systems, provide insight into the disposition of the U.S. military or the U.S. alliance with Israel, or impart an advantage in negotiations between Iran and the U.S., especially with regards to sanctions and proliferation issues.”
The company worried that there may be additional victims who are at risk as a result of the cyber scheme. iSight strongly recommends that individuals who fear they may have been a victim to immediately contact the Federal Bureau of Investigation.