Iranian hackers are targeting nuclear experts and other officials in the United States and as abroad, as the US, led by Secretary of State Mike Pompeo, and other European nations spoke before the UN Security Council to encourage the global body to increase pressure on Iran.
In the last month, have tried to break into the emails of more than a dozen US Treasury officials, a new investigation by the Associated Press (AP) found.
Following the re-imposition of harsh economic sanctions on Iran last month, hackers from that nation have launched an attack on American officials, as well as, other enforcers, defenders and detractors of the nuclear deal struck between Iran and the US, which includes Arab atomic scientists, Iranian civil society figures and employees of Washington, D.C., think tanks.
In a related story, US Secretary of State Mike Pompeo has called for a “coalition of responsible nations” to push back against the malign actions of Iran. At the same time, the US and several European countries are taking their concerns to the UN Security Council in order to ramp up pressure on the regime.
Using data that had been gathered by the London-based cybersecurity group Certfa, the Associated Press learned that a hacking group named Charming Kitten had spent the past month targeting a wide group of individuals linked to the Tehran nuclear deal and US sanctions. One of the most alarming findings was that the hackers were targeting foreign nuclear experts.
Certfa researchers published a report last Thursday tying the hackers to the Iranian government. They came to this conclusion by studying certain operational blunders, which included instances where hackers had accidentally revealed the computers they were operating from, which were located inside Iran.
To verify their conclusion, Certfa reached out to Atlanta-based Secureworks, a firm familiar with the hacking group’s past operations, who concurred with Certfa’s report that the hackers were Iranian government-backed.
Outside experts and both researcher firms all agree that the “the targets are very specific” and information uncovered in the operations are “clear-cut” in linking the hackers to the Iranian government.
Researchers at Certfa stumbled across a “hit list” of individuals the hackers had targeted, when the hacking group Charming Kitten had accidentally left one of its servers open to access from the Internet. On the server, the researchers found a list containing 77 Gmail and Yahoo email addresses that hackers had targeted. They gave the list to the Associated Press for further analysis.
The researchers and the AP say it’s unclear how many of the accounts had been successfully compromised. They add that the 77 email addresses found may only represent a fraction of the overall effort and targets of the hacking group.
Nonetheless, the find provided considerable insight into the priorities of Tehran’s espionage efforts.
In a related story, Pompeo called on the UN Security Council to “get serious” about pushing back at Iranian.
“Iran has exploited the goodwill of nations and defied multiple Security Council Resolutions in its quest for a robust ballistic missile force,” Pompeo told the Council. “The United States will never stand for this.”
The meaning of the UN Security Council follows a medium-range ballistic missile test earlier this month by Tehran. Pompeo said the launch was in violation of Security Council Resolution 2231, the document that enshrined the 2015 Iran deal, called the Joint Comprehensive Plan of Action (JCPoA), negotiated under the Obama administration.