عربي English Türkçe اردو فارسى
Logo
Latest News
World

Washington Warns of Iranian Piracy Targeting World Sectors

An FBI special agent investigates a scene in Queens, New York March 25, 2010. (Reuters)
An FBI special agent investigates a scene in Queens, New York March 25, 2010. (Reuters)
TT
TT

Washington Warns of Iranian Piracy Targeting World Sectors

An FBI special agent investigates a scene in Queens, New York March 25, 2010. (Reuters)
An FBI special agent investigates a scene in Queens, New York March 25, 2010. (Reuters)

In a joint US-UK operation, US security and law enforcement agencies issued a warning of Iranian-affiliated hacking operations targeting a range of government and private organizations in multiple sectors around the world.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and other British and US agencies were quoted by Reuters as saying that they had observed Iranian entities, known as MuddyWater, carrying out cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe.

An alert issued by the US Cyber Security Agency stated that it had revealed, in cooperation with the FBI, the US National Cyber Command Force, and the National Cyber Security Center in the United Kingdom, the presence of “a group of Iranian government-sponsored advanced persistent threat (APT) actors, known as MuddyWater, conducting cyber espionage and other malicious cyber operations targeting a range of government and private-sector organizations across sectors…”

The US Cyber Security Agency said that MuddyWater was a “subordinate element within the Iranian Ministry of Intelligence and Security” and had “conducted broad cyber campaigns in support of MOIS objectives since approximately 2018.”

“MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” according to the agency.

The alert read: “MuddyWater actors are known to exploit publicly reported vulnerabilities and use open-source tools and strategies to gain access to sensitive data on victims’ systems and deploy ransomware. These actors also maintain persistence on victim networks via tactics such as side-loading dynamic link libraries (DLLs)—to trick legitimate programs into running malware…”

The US warning comes less than two weeks after the Cyber Security Agency had cautioned against a “new storm” of cyber-attacks targeting individuals and facilities.

A report by the FBI and the Cyber Security Agency of the Department of Homeland Security on Feb. 10 disclosed major plans that some hackers might carry out to target civilian facilities and individuals with the aim to cause wider damage.

However, the latest warning pointed specifically to Iran’s MuddyWater which mainly targeted Middle Eastern, European and North American countries. The group’s victims are mainly in the telecommunications and government sectors, as well as oil.

The group was previously associated with the FIN7, but MuddyWater may have been motivated by espionage.

FIN7 has been working on active financially motivated threats since 2013 and primarily targeting the retail, restaurant and hospitality sectors in the United States, often using point-of-sale malware.

Most Viewed

 
 
World

NATO and Ukraine to Hold Emergency Talks after Russia’s Attack with New Hypersonic Missile

A missile shrapnel lies on the grass in front of damaged rehabilitation center for people with disabilities, following a Russian attack in the Ukrainian city of Dnipro, on November 22, 2024. (AFP)
A missile shrapnel lies on the grass in front of damaged rehabilitation center for people with disabilities, following a Russian attack in the Ukrainian city of Dnipro, on November 22, 2024. (AFP)
TT
TT

NATO and Ukraine to Hold Emergency Talks after Russia’s Attack with New Hypersonic Missile

A missile shrapnel lies on the grass in front of damaged rehabilitation center for people with disabilities, following a Russian attack in the Ukrainian city of Dnipro, on November 22, 2024. (AFP)
A missile shrapnel lies on the grass in front of damaged rehabilitation center for people with disabilities, following a Russian attack in the Ukrainian city of Dnipro, on November 22, 2024. (AFP)

NATO and Ukraine will hold emergency talks Tuesday after Russia attacked a central city with an experimental, hypersonic ballistic missile that escalated the nearly 33-month-old war.

The conflict is “entering a decisive phase,” Poland's Prime Minister Donald Tusk said Friday, and “taking on very dramatic dimensions.”

Ukraine’s parliament canceled a session as security was tightened following Thursday's Russian strike on a military facility in the city of Dnipro.

In a stark warning to the West, President Vladimir Putin said in a nationally televised speech to his nation that the attack with the intermediate-range Oreshnik missile was retaliation for Kyiv’s use of US and British longer-range missiles capable of striking deeper into Russian territory.

Putin said Western air defense systems would be powerless to stop the new missile.

Kremlin spokesman Dmitry Peskov kept up Russia's bellicose tone on Friday, blaming “the reckless decisions and actions of Western countries” in supplying weapons to Ukraine to strike Russia.

"The Russian side has clearly demonstrated its capabilities, and the contours of further retaliatory actions in the event that our concerns were not taken into account have also been quite clearly outlined," he said.

Hungarian Prime Minister Viktor Orban, widely seen as having the warmest relations with the Kremlin in the European Union, echoed Moscow's talking points, suggesting the use of US-supplied weapons in Ukraine likely requires direct American involvement.

“These are rockets that are fired and then guided to a target via an electronic system, which requires the world’s most advanced technology and satellite communications capability,” Orban said on state radio. “There is a strong assumption ... that these missiles cannot be guided without the assistance of American personnel.”

Orban cautioned against underestimating Russia’s responses, emphasizing that the country’s recent modifications to its nuclear deployment doctrine should not be dismissed as a “bluff.” “It’s not a trick... there will be consequences,” he said.

Separately in Kyiv, Czech Foreign Minister Jan Lipavský called Thursday's missile strike an “escalatory step and an attempt of the Russian dictator to scare the population of Ukraine and to scare the population of Europe.”

At a news conference with Ukrainian Foreign Minister Andrii Sybiha, Lipavský also expressed his full support for delivering the necessary additional air defense systems to protect Ukrainian civilians from the “heinous attacks.”

He underlined that the Czech Republic will impose no limits on the use of its weapons and equipment given to Ukraine.

Three lawmakers from Ukraine's parliament, the Verkhovna Rada, confirmed that Friday's previously scheduled session was called off due to the ongoing threat of Russian missiles targeting government buildings in central Kyiv.

In addition, there also was a recommendation to limit the work of all commercial offices and nongovernmental organizations "in that perimeter, and local residents were warned of the increased threat,” said lawmaker Mykyta Poturaiev, who added this is not the first time such a threat has been received.

President Volodymyr Zelenskyy’s office continued to work in compliance with standard security measures, a spokesperson said.

Ukraine’s Main Intelligence Directorate said the Oreshnik missile, whose name in Russian means “hazelnut tree,” was fired from the Kapustin Yar 4th Missile Test Range in Russia’s Astrakhan region, and flew 15 minutes before striking Dnipro. The missile had six nonnuclear warheads each carrying six submunitions and reached a spoeed of Mach 11, it said.

Test launches of a similar missile were conducted in October 2023 and June 2024, the directorate said. The Pentagon confirmed the missile was a new, experimental type of intermediate-range missile based on its RS-26 Rubezh intercontinental ballistic missile.

Thursday's attack struck the Pivdenmash plant that built ICBMs when Ukraine was part of the Soviet Union. The military facility is located about 4 miles (6 1/2 kilometers) southwest of the center of Dnipro, a city of about 1 million that is Ukraine’s fourth-largest and a key hub for military supplies and humanitarian aid, and is home to one of the country’s largest hospitals for treating wounded soldiers from the front before their transfer to Kyiv or abroad.

The stricken area was cordoned off and out of public view. With no fatalities reported from the attack, Dnipro residents resorted to dark humor on social media, mostly focused on the missile’s name, Oreshnik.

Elsewhere in Ukraine, Russia struck a residential district of Sumy overnight with Iranian-designed Shahed drones, killing two people and injuring 13, the regional administration said..

Ukraine’s Suspilne media, quoting Sumy regional head Volodymyr Artiukh, said the drones were stuffed with shrapnel elements. “These weapons are used to destroy people, not to destroy objects,” said Artiukh, according to Suspilne.