NEW YORK – Iranian hackers are waging a sophisticated espionage campaign targeting the country’s rivals across the Middle East and attacking key defence and intelligence agencies, according to a leading Israeli-American cybersecurity company, a sign of how Iran’s quickly improving cyber attacks have become a new, important prong in a shadow war.
Over the past year, hackers struck at countries including Israel, Saudi Arabia and Jordan in a months-long campaign linked to Iran’s Ministry of Intelligence and Security, according to a new report by the company, Check Point.
The Iranian hackers appeared to gain access to emails from an array of targets, including government staff members, militaries, telecommunications companies and financial organisations, the report said.
The malware used to infiltrate the computers also appeared to map out the networks the hackers had broken into, providing Iran with a blueprint of foreign cyber infrastructure that could prove helpful for planning and executing future attacks.
“The primary purpose of this operation is espionage,” security experts at Check Point wrote in the report, adding that the approach was “notably more sophisticated compared to previous activities” that Check Point had linked to Iran.
Iran’s mission to the United Nations did not respond to an inquiry Monday about the hack.
But Iran’s minister of defence, Brigadier-General Mohammad Reza Ashtiani, said last week in a speech to his country’s defence officials that given the current complex security situation in the Middle East, Iran had to redefine its national defences beyond its geographic borders.
He said that meant utilising new warfare strategies to defend Iran, including the use of space, cyber space and other ways. “Our enemies know that if they make one mistake, the Islamic Republic of Iran will respond with force,” Brig-Gen Ashtiani said, according to Iranian media.
Although the report did not specify what, if any, data Iran had taken, Check Point said the hacking campaign successfully broke into computers associated with the Saudi Arabian ministry of defence, and agencies, banks and telecom firms in several other Middle Eastern countries including Jordan, Kuwait and Oman.
The report also did not specify which Israeli systems had been hacked.
A senior Israeli official dealing with cyber issues has confirmed that in recent months an attack by a group known as LionTail has been underway against local and national government agencies and various institutions in Israel.
The official said that the attacks are identified and handled by Shin Bet, Israel’s internal security agency, and the Israeli National Cyber Directorate.
The Saudi government’s Centre for International Communication, which handles media inquiries, did not immediately respond to a request for comment on Monday. Jordan’s information minister did not immediately respond to a similar request.
The cyber attacks mark a new phase in a digital conflict between Iran and its rivals. The widespread and surprisingly sophisticated hacks, according to Check Point, underscored how Iran has found ways to punch back in an arena where it had been outmuscled.