British Spooks have rumbled an alleged Russia-based group of cyber hackers masquerading as Iranian crooks.
The Turla terror group routinely targets governments, the military, and technology, energy and commercial firms to collect intelligence.
They were rumbled after an 18 month probe by the National Cyber Security Centre (NCSC), working with US counterparts, after a 'UK academic' organisation was hit.
Turla are believed to have hijacked an alleged state-backed Iranian hacking group known as OilRig or APT43, to subsequently carry out attacks on 35 countries, mostly in the Middle East.
The NCSC, part of the Government Communications Headquarters, said they believed Turla wanted to masquerade as another adversary to throw the scent off their own work.
The agency's director of operations Paul Chichester said there was no evidence to suggest Iran was complicit in the cyberhack, nor is there any suggestion of collusion.
He added: 'This is a group of opportunists being inventive – we have got no evidence to suggest this is a politically led campaign.'
Mr Chichester said exposing Turla was particularly significant because of the new method of espionage it used.
In a briefing to journalists, he said: 'We want to call out this behaviour and share the knowledge.
'This is more assessment than fact – I think initially it looked more like an attempt to see how far they could go.
'That has given them, over time, a range of capabilities should they chose to do it.
'This is a real change in the modus operandi of a cyber attack.'
He said by compromising their operational platforms, the group was hitting 'where the APT34's crown jewels are'.
Mr Chichester added: 'We have never seen these done to the significance it has been done here, it is unique in its complexity.
'It is not linked to a broader Russian campaign, we're calling it out because it is a new technique.
'There is not enough known about this in the public domain.'
Got a story for Metro.co.uk?
Get in touch with our news team by emailing us at webnews@metro.co.uk. For more stories like this, check our news page.
via https://ift.tt/31xlmIL
No comments:
Post a Comment