By LTC Steven Howard, U.S. Army (Ret.)
Contributor, InCyberDefense
An Iranian hacker group known as “Leafminer” recently attacked government networks in Saudi Arabia, the United Arab Emirates, Qatar, Kuwait, Bahrain, Egypt, Israel, and Afghanistan. The U.S. cybersecurity firm Symantec first reported the attacks on August 2.
According to Symantec, the targets included “energy, telecommunications, financial services, transportation, and government” sectors. The company states that the attacks began in early 2017 but have increased since the end of last year.
Iranian Cyber Attack Used Multiple Methods of Intrusion
The most common means of intrusion used in the Leafminer attacks were brute-force login attempts and watering-hole-style attacks, in which websites often visited by government network users were infected with malware.
Symantec reportedly discovered a compromised web server that was used in several of the attacks. The report goes on to say that the hackers “made a major blunder in leaving a staging server publicly accessible, exposing the group’s entire arsenal of tools. That one misstep provided us with a valuable trove of intelligence to help us better defend our customers against further Leafminer attacks.”