US, Iranian hackers in tit-for-tat cyberattacks amid rising tensions

A US Department of Justice employee puts up a poster of the seven indicted hackers prior to a news conference on March 2 in Washington. (AFP)
Updated 23 June 2019
Follow

US, Iranian hackers in tit-for-tat cyberattacks amid rising tensions

  • Iran has long targeted the US oil and gas sectors and other critical infrastructure
  • Tensions spiked this past week after Iran shot down an unmanned US drone

WASHINGTON: US military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iran’s downing of a US surveillance drone, US officials said Saturday.
Two officials told The Associated Press that the strikes were conducted with approval from Trump. A third official confirmed the broad outlines of the strike. All spoke on condition of anonymity because they were not authorized to speak publicly about the operation.
The cyberattacks — a contingency plan developed over weeks amid escalating tensions — disabled Iranian computer systems that controlled its rocket and missile launchers, the officials said. Two of the officials said the attacks, which specifically targeted Iran’s Islamic Revolutionary Guard Corps computer system, were provided as options after Iranian forces blew up two oil tankers earlier this month.
The IRGC, which was designated a foreign terrorist group by the Trump administration earlier this year, is a branch of the Iranian military.
The action by US Cyber Command was a demonstration of the US’s increasingly mature cyber military capabilities and its more aggressive cyber strategy under the Trump administration. Over the last year US officials have focused on persistently engaging with adversaries in cyberspace and undertaking more offensive operations.
Tensions have escalated between the two countries ever since the US withdrew last year from the 2015 nuclear deal with Iran and began a policy of “maximum pressure.” Iran has since been hit by multiple rounds of sanctions. Tensions spiked this past week after Iran shot down an unmanned US drone — an incident that nearly led to a US military strike against Iran on Thursday evening.
The cyberattacks are the latest chapter in the US and Iran’s ongoing cyber operations targeting the other. Yahoo News first reported the cyber strike.

Iranian attacks
In recent weeks, hackers believed to be working for the Iranian government have targeted US government agencies, as well as sectors of the economy, including finance, oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity. This new campaign appears to have started shortly after the Trump administration imposed sanctions on the Iranian petrochemical sector this month.
It was not known if any of the hackers managed to gain access to the targeted networks with the emails, which typically mimic legitimate emails but contain malicious software.
Tensions have run high between the two countries since the US withdrew from the 2015 nuclear deal with Iran last year and began a policy of “maximum pressure.” Iran has since been hit by multiple rounds of sanctions. Then Iran shot down an unmanned US drone this week.
“Both sides are desperate to know what the other side is thinking,” said John Hultquist, director of intelligence analysis at FireEye. “You can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about what’s going to happen next, about what the US’s next move will be.”
CrowdStrike shared images of the spear-phishing emails with the AP.
One such email that was confirmed by FireEye appeared to come from the Executive Office of the President and seemed to be trying to recruit people for an economic adviser position. Another email was more generic and appeared to include details on updating Microsoft Outlook’s global address book.
The Iranian actor involved in the cyberattack, dubbed “Refined Kitten” by CrowdStrike, has for years targeted the US energy and defense sectors, as well as allies such as Saudi Arabia and the United Arab Emirates, said Adam Meyers, vice president of intelligence at CrowdStrike.
The Department of Homeland Security said in a statement released Saturday that its agency tasked with infrastructure security has been aware of a recent rise in malicious cyber activities directed at US government agencies by Iranian regime actors and proxies.
Cybersecurity and Infrastructure Security Agency Director Christopher C. Krebs said the agency has been working with the intelligence community and cybersecurity partners to monitor Iranian cyber activity and ensure the US and its allies are safe.
“What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network,” Krebs said.
The National Security Agency would not discuss Iranian cyber actions specifically, but said in a statement to the AP on Friday that “there have been serious issues with malicious Iranian cyber actions in the past.”
“In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place,” the NSA said.

"Contentious cyber history"

Iran has long targeted the US oil and gas sectors and other critical infrastructure, but those efforts dropped significantly after the nuclear agreement was signed. After Trump withdrew the US from the deal in May 2018, cyber experts said they have seen an increase in Iranian hacking efforts.

“This is not a remote war (anymore),” said Sergio Caltagirone, vice president of threat intelligence at Dragos Inc. “This is one where Iranians could quote unquote bring the war home to the United States.”
Caltagirone said as nations increase their abilities to engage offensively in cyberspace, the ability of the United States to pick a fight internationally and have that fight stay out of the United States physically is increasingly reduced.
The US has had a contentious cyber history with Iran.
In 2010, the so-called Stuxnet virus disrupted the operation of thousands of centrifuges at a uranium enrichment facility in Iran. Iran accused the US and Israel of trying to undermine its nuclear program through covert operations.
Iran has also shown a willingness to conduct destructive campaigns. Iranian hackers in 2012 launched an attack against state-owned oil company Saudi Aramco, releasing a virus that erased data on 30,000 computers and left an image of a burning American flag on screens.
In 2016, the US indicted Iranian hackers for a series of punishing cyberattacks on US banks and a small dam outside of New York City.
The Defense Department refused to comment on the latest Iranian activity. “As a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning,” Pentagon spokeswoman Heather Babb said in a statement. The White House did not respond to a request for comment.
Despite the apparent cyber campaign, experts say the Iranians would not necessarily immediately exploit any access they gain into computer systems and may seek to maintain future capabilities should their relationship with the US further deteriorate.
“It’s important to remember that cyber is not some magic offensive nuke you can fly over and drop one day,” said Oren Falkowitz, a former National Security Agency analyst. It takes years of planning, he said, but as tensions increase, “cyber impact is going to be one of the tools they use and one of the hardest things to defend against.”


Palestinian boy who lost nine siblings arrives in Italy for treatment

Updated 12 June 2025
Follow

Palestinian boy who lost nine siblings arrives in Italy for treatment

  • According to the United Nations Children’s Fund (Unicef) website, more than 15,000 children have reportedly been killed and over 34,000 injured in almost two years of war in Gaza

MILAN: A group of 17 Palestinian children, including an 11-year-old boy who lost nine siblings in an Israel strike in Gaza last month, arrived in Italy on Wednesday for hospital treatment, accompanied by more than 50 family members.
Adam Al-Najjar, who has multiple fractures, arrived with his mother at Milan’s Linate airport where he was welcomed by Foreign Minister Antonio Tajani, before being transferred to the city’s Niguarda Hospital.
The plane that landed at Linate carried five other injured Palestinian minors, while 11 more arrived on flights to other Italian airports.
The May 23 attack left Adam in a serious condition at Nasser Hospital, one of the few operational medical facilities in southern Gaza.
Adam “is stable, has a head wound that is healing but his left arm is bad, the bones are fractured and the nerves damaged,” his 36-year-old mother, Alaa Al-Najjar, a paediatrician, told Italian newspaper la Repubblica.
Adam’s father, Hamdi Al-Najjar, who was also a doctor, died a week after the attack.
“The damage is in my left hand, there is a problem with the nerves, I can’t feel my fingers. There’s still a lot of pain,” Adam told Turkish news agency Anadolu.
A total of 70 Palestinians were set to arrive in Italy on three military aircraft that set off from Israel’s Eilat airport, the Italian foreign ministry said earlier on Wednesday.
The patients will be treated at hospitals in numerous cities including Milan, Rome, Florence and Bologna.
According to the United Nations Children’s Fund (Unicef) website, more than 15,000 children have reportedly been killed and over 34,000 injured in almost two years of war in Gaza.
Including the latest operation, Prime Minister Giorgia Meloni’s government has so far brought 150 injured Palestinians from Gaza to Italy for treatment, the foreign ministry said.
The Italian government has been a staunch supporter of Israel since the Oct. 7, 2023 attack by Hamas-led militants that killed some 1,200 people and took about 250 hostages to Gaza, according to Israeli figures.
In recent months, Rome has criticized the extent of the Israeli response, and expressed concern as the death toll in Gaza has mounted, while declining to apply sanctions.
Italy was not among numerous European Union countries that called last month for a review of EU-Israeli economic and trade relations.

 


Israel to expel French nationals on Gaza aid boat by end of week

Updated 12 June 2025
Follow

Israel to expel French nationals on Gaza aid boat by end of week

  • All 12 of them have been banned from Israel for 100 years
  • France and Saudi Arabia are co-hosting a UN meeting later this month in New York on steps toward recognizing a Palestinian state and reaching a so-called two-state solution to the conflict

JERUSALEM: Israel is to expel by the end of the week four French nationals held after security forces intercepted their Gaza-bound aid boat, France’s foreign minister said Wednesday, as an Israeli NGO said one of the French campaigners was briefly put in solitary confinement.
The announcement came as France’s prime minister accused activists aboard the boat — who hoped to raise awareness about the humanitarian situation in war-torn Gaza — of capitalizing on the Israeli-Palestinian conflict for political attention.
The four, who include Rima Hassan, a member of European Parliament from the hard-left France Unbowed (LFI) party who is of Palestinian descent, will be deported on Thursday and Friday, French Foreign Minister Jean-Noel Barrot said on X.
They were among 12 people on board the Madleen sailboat which was carrying food and supplies for Gaza before it was intercepted by Israeli forces in international waters off the besieged Palestinian territory on Monday.
Four, including two French citizens and Swedish campaigner Greta Thunberg, agreed to be deported immediately.
The remaining eight were taken into custody after they refused to leave Israel voluntarily, according to Adalah, an Israeli rights NGO representing most of the activists.
All 12 of them have been banned from Israel for 100 years.
Adalah said on Wednesday that Israeli authorities had placed French MEP Hassan and Brazilian activist Thiago Avila in solitary confinement, with Hassan later removed.

“Israeli authorities transferred two of the volunteers — the Brazilian volunteer Thiago Avila and the French-Palestinian European Parliament member Rima Hassan — to separate prison facilities, away from the others, and placed them in solitary confinement,” Adalah said in a statement.
The NGO later said that Hassan had been moved back to Givon prison in Ramla, near Tel Aviv, while Avila remained in isolation.
When asked for comment, Israel’s prison authority referred AFP to the foreign ministry, which said it was checking the reports.
Adalah said Hassan was put in isolation after writing “Free Palestine” on a prison wall.
The NGO said Brazilian activist Avila was placed in isolation “due to his ongoing hunger and thirst strike, which he began two days ago.”
“He has also been treated aggressively by prison authorities, although this has not escalated to physical assault,” it added.
The leader of Hassan’s LFI party in parliament, Mathilde Panot, said France’s prime minister Francois Bayrou had failed to condemn Israel’s actions.
The party’s boss, Jean-Luc Melenchon, accused Bayrou of “abandoning the French prisoners,” and called on President Emmanuel Macron to step in.
“These activists obtained the effect they wanted, but it’s a form of instrumentalization to which we should not lend ourselves,” Bayrou responded in the National Assembly.
It’s “through diplomatic action, and efforts to bring together several states to pressure the Israeli government, that we can obtain the only possible solution” to the conflict, he added.
Foreign Minister Barrot also rejected Panot’s criticism, saying “the admirable mobilization” of French officials had made a rapid resolution of the situation possible “despite the harassment and defamation that they have been subjected to.”

France and Saudi Arabia are co-hosting a UN meeting later this month in New York on steps toward recognizing a Palestinian state and reaching a so-called two-state solution to the conflict.
Israel is facing mounting pressure to allow more humanitarian aid into Gaza, whose entire population the United Nations has warned is at risk of famine.
Israel’s defense minister Israel Katz on Wednesday called on Egypt to block a hundreds-strong pro-Palestinian activist convoy from reaching Gaza, as the group arrived in the Libyan capital of Tripoli.
Palestinian militant group Hamas on October 7, 2023 attacked Israel, resulting in the deaths of 1,219 people on the Israeli side, mostly civilians, according to an AFP tally of official figures.
The health ministry in Hamas-run Gaza says the retaliatory Israeli military offensive has killed at least 55,104 people, the majority civilians. The United Nations considers these figures to be reliable.
Out of 251 taken hostage during the Hamas attack, 54 are still held in Gaza including 32 the Israeli military says are dead.

 


Israel says bodies of two hostages retrieved from Gaza

Updated 11 June 2025
Follow

Israel says bodies of two hostages retrieved from Gaza

  • Yair Yaakov was seized in the Hamas-led October 7, 2023 attack on Israel and killed the same day

JERUSALEM: Israeli forces have retrieved the bodies of two hostages from the Gaza Strip, the military said Wednesday, as Israel presses its offensive in the Palestinian territory.
A military statement said a joint operation by the army and the Shin Bet security agency recovered the bodies of Yair Yaakov and “an additional hostage whose name has not yet been cleared for publication” from the Khan Yunis area of southern Gaza.
Yaakov, a member of Kibbutz Nir Oz, was 59 when he was seized in the Hamas-led October 7, 2023 attack on Israel and killed the same day.
The military statement said he had been abducted and killed by fighters from Islamic Jihad, a Hamas ally.
Yaakov was abducted along with his partner Meirav Tal, as they sheltered in their safe room in Nir Oz.
She was freed on November 28, 2023 during the first truce.
Abducted separately at the home of their mother, Yair’s two children Yagil and Or were also released on November 27 during the first truce.
Nir Oz was one of the communities hit hardest by the attack, with nearly a quarter of its residents killed or taken hostage.


Milei says Argentina to move Israel embassy to Jerusalem in 2026

Argentine President Javier Milei attends a Plenum session of the Knesset, Israel’s Parliament, in Jerusalem. (Reuters)
Updated 11 June 2025
Follow

Milei says Argentina to move Israel embassy to Jerusalem in 2026

  • “I am proud to announce before you that in 2026 we will make effective the move of our embassy to the city of west Jerusalem,” Milei told Israeli parliament Wednesday

JERUSALEM: Argentine President Javier Milei said Wednesday his country would move its embassy in Israel to Jerusalem, the status of which is one of the most delicate issues in the Israel-Palestinian conflict.
“I am proud to announce before you that in 2026 we will make effective the move of our embassy to the city of west Jerusalem,” Milei said in a speech in the Israeli parliament during an official state visit.
Argentina’s embassy is currently located near the coastal city of Tel Aviv.
Several countries, including the United States, Paraguay, Guatemala and Kosovo, have moved their embassies to Jerusalem, breaking with international consensus.
Israel has occupied east Jerusalem since 1967, later annexing it in a move not recognized by the international community.
Israel treats the city as its capital, while Palestinians want east Jerusalem to become the capital of a future state.
Most foreign embassies to Israel are located in the coastal hub city of Tel Aviv in order to avoid interfering with negotiations between Israelis and Palestinians.
In 2017, during his first term as US president, Donald Trump unilaterally recognized Jerusalem as Israel’s capital, sparking Palestinian anger and the international community’s disapproval.
The United States transferred its embassy to Jerusalem in May 2018.


Syrian, Egyptian foreign ministers hold talks at Oslo Forum

Updated 11 June 2025
Follow

Syrian, Egyptian foreign ministers hold talks at Oslo Forum

  • Lawmakers exchange views on challenges to regional security

LONDON: The foreign ministers of the Syrian Arab Republic and Egypt held talks on Wednesday on the sidelines of the Oslo Forum 2025 in Norway.

Asaad al-Shaibani and Badr Abdelatty discussed ways to improve collaboration between their countries and exchanged views on the challenges to security and stability in the region, the Syrian Arab News Agency reported.

Saudi Minister of Foreign Affairs Prince Faisal bin Farhan also met Abdelatty on the sidelines of the forum to discuss bilateral relations and the escalating situation in the Gaza Strip and occupied West Bank.

The Oslo Forum is an annual event organized by the Norwegian Ministry of Foreign Affairs in collaboration with the Center for Humanitarian Dialogue in Switzerland. It provides a platform for global leaders, decision-makers and conflict mediators to share their experiences and discuss pathways to peace.