On February 9, the Sydney Morning Herald reported that a Hezbollah-linked hacking group dubbed Volatile Cedar had targeted servers run by the Australian-based technology giant Atlassian, as well as those from US-based Oracle, across the globe with remote access trojans (RATs). The potential security and criminal implications of the hack are significant, as Hezbollah was able to vacuum up a lot of personal data, including client call records.
Troy Hunt, an independent security researcher cited in the report, asks, “If it’s a state-backed hack, are there critical infrastructure services using these products for power plants, sewage treatment, airports? Is it partly corporate espionage, people looking for trade secrets, information to gain a competitive advantage?”
Hezbollah is the Lebanese proxy of Iran’s Islamic Revolutionary Guard Corps (IRGC), making this, in essence, a state-backed hack. While Hezbollah receives significant funding from Iran, it also runs a global criminal enterprise spanning the range of criminal activities, including, it now appears, cybercrime. This provides a lucrative funding stream, especially useful now that Iran is under crushing sanctions.
On February 9, the Sydney Morning Herald reported that a Hezbollah-linked hacking group dubbed Volatile Cedar had targeted servers run by the Australian-based technology giant Atlassian, as well as those from US-based Oracle, across the globe with remote access trojans (RATs). The potential security and criminal implications of the hack are significant, as Hezbollah was able to vacuum up a lot of personal data, including client call records. Troy Hunt, an independent security researcher cited in the report, asks, “If it’s a state-backed hack, are there critical infrastructure services using these products for power plants, sewage treatment, airports? Is it partly corporate espionage, people looking for trade secrets, information to gain a competitive advantage?” Hezbollah is the Lebanese proxy of Iran’s Islamic Revolutionary Guard Corps (IRGC), making this, in essence, a state-backed hack. While Hezbollah receives significant funding from Iran, it also runs a global criminal enterprise spanning the range of criminal activities, including, it now appears, cybercrime. This provides a lucrative funding stream, especially useful now that Iran is under crushing sanctions. Hezbollah cyberattack Hezbollah cyberattack Hezbollah cyberattack