China and Iran cyberattacks are increasing and worse than officials thought, new report says
China and Iran cyberattacks are increasing and worse than officials thought, new report says
Iran and China’s cyberattacks against the U.S. are increasing and worse than officials previously thought, a new report has revealed.
Iran’s hacking attacks have ramped up against U.S. entities, targeting “dozens of corporations and multiple United States agencies,” seven anonymous sources told The New York Times. These numbers exceed those previously reported.
At the same time, Chinese hackers have also increased their efforts in gathering trade secrets and sensitive military data from both contractors and companies, nine intelligence sources told the Times, which unveiled its report Monday.
An intelligence briefing relayed to the Times described that Boeing, General Electric Aviation and T-Mobile were some of various entities recently targeted in China’s espionage efforts.
National Security Agency analysts, as well as those at the security firm FireEye, identified Iran as the source behind many of the recent attacks.
FireEye’s report last month identified Iran “with moderate confidence” due to evidence of hacking targets that aligned with Iranian government interests.
The report also said the Iranian hackers were conducting phishing schemes by hacking into Domain Name System (DNS) functions of notable entities from North America and the Middle East, then making their emails appear as they would from legitimate sources. The scheme would encourage more unsuspecting users to click links and attachments that would then expose their information.
“The entities targeted by this group include Middle Eastern governments whose confidential information would be of interest to the Iranian government and have relatively little financial value,” the analysts said. “A large number of organizations have been affected by this pattern of DNS record manipulation… They include telecoms and [Internet service providers], internet infrastructure providers, government and sensitive commercial entities.”
CrowdStrike researchers observed an increase in cyber activities originating from Iran immediately after President Donald Trump withdrew from the Iran nuclear agreement in May 2018, the New York Times reported at the time.
—
Read More: American Military News
Iran Briefing | News Press Focus on Human Rights Violation by IRGC, Iran Human Rights