Search form

You are here

  • Home
  • US, Iranian hackers in tit-for-tat cyberattacks amid rising tensions


US, Iranian hackers in tit-for-tat cyberattacks amid rising tensions

A US Department of Justice employee puts up a poster of the seven indicted hackers prior to a news conference on March 2 in Washington. (AFP)
Updated 23 June 2019
AP
Follow

US, Iranian hackers in tit-for-tat cyberattacks amid rising tensions

  • Iran has long targeted the US oil and gas sectors and other critical infrastructure
  • Tensions spiked this past week after Iran shot down an unmanned US drone
Updated 23 June 2019
AP

WASHINGTON: US military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iran’s downing of a US surveillance drone, US officials said Saturday.
Two officials told The Associated Press that the strikes were conducted with approval from Trump. A third official confirmed the broad outlines of the strike. All spoke on condition of anonymity because they were not authorized to speak publicly about the operation.
The cyberattacks — a contingency plan developed over weeks amid escalating tensions — disabled Iranian computer systems that controlled its rocket and missile launchers, the officials said. Two of the officials said the attacks, which specifically targeted Iran’s Islamic Revolutionary Guard Corps computer system, were provided as options after Iranian forces blew up two oil tankers earlier this month.
The IRGC, which was designated a foreign terrorist group by the Trump administration earlier this year, is a branch of the Iranian military.
The action by US Cyber Command was a demonstration of the US’s increasingly mature cyber military capabilities and its more aggressive cyber strategy under the Trump administration. Over the last year US officials have focused on persistently engaging with adversaries in cyberspace and undertaking more offensive operations.
Tensions have escalated between the two countries ever since the US withdrew last year from the 2015 nuclear deal with Iran and began a policy of “maximum pressure.” Iran has since been hit by multiple rounds of sanctions. Tensions spiked this past week after Iran shot down an unmanned US drone — an incident that nearly led to a US military strike against Iran on Thursday evening.
The cyberattacks are the latest chapter in the US and Iran’s ongoing cyber operations targeting the other. Yahoo News first reported the cyber strike.

Iranian attacks
In recent weeks, hackers believed to be working for the Iranian government have targeted US government agencies, as well as sectors of the economy, including finance, oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity. This new campaign appears to have started shortly after the Trump administration imposed sanctions on the Iranian petrochemical sector this month.
It was not known if any of the hackers managed to gain access to the targeted networks with the emails, which typically mimic legitimate emails but contain malicious software.
Tensions have run high between the two countries since the US withdrew from the 2015 nuclear deal with Iran last year and began a policy of “maximum pressure.” Iran has since been hit by multiple rounds of sanctions. Then Iran shot down an unmanned US drone this week.
“Both sides are desperate to know what the other side is thinking,” said John Hultquist, director of intelligence analysis at FireEye. “You can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about what’s going to happen next, about what the US’s next move will be.”
CrowdStrike shared images of the spear-phishing emails with the AP.
One such email that was confirmed by FireEye appeared to come from the Executive Office of the President and seemed to be trying to recruit people for an economic adviser position. Another email was more generic and appeared to include details on updating Microsoft Outlook’s global address book.
The Iranian actor involved in the cyberattack, dubbed “Refined Kitten” by CrowdStrike, has for years targeted the US energy and defense sectors, as well as allies such as Saudi Arabia and the United Arab Emirates, said Adam Meyers, vice president of intelligence at CrowdStrike.
The Department of Homeland Security said in a statement released Saturday that its agency tasked with infrastructure security has been aware of a recent rise in malicious cyber activities directed at US government agencies by Iranian regime actors and proxies.
Cybersecurity and Infrastructure Security Agency Director Christopher C. Krebs said the agency has been working with the intelligence community and cybersecurity partners to monitor Iranian cyber activity and ensure the US and its allies are safe.
“What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network,” Krebs said.
The National Security Agency would not discuss Iranian cyber actions specifically, but said in a statement to the AP on Friday that “there have been serious issues with malicious Iranian cyber actions in the past.”
“In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place,” the NSA said.

"Contentious cyber history"

Iran has long targeted the US oil and gas sectors and other critical infrastructure, but those efforts dropped significantly after the nuclear agreement was signed. After Trump withdrew the US from the deal in May 2018, cyber experts said they have seen an increase in Iranian hacking efforts.

“This is not a remote war (anymore),” said Sergio Caltagirone, vice president of threat intelligence at Dragos Inc. “This is one where Iranians could quote unquote bring the war home to the United States.”
Caltagirone said as nations increase their abilities to engage offensively in cyberspace, the ability of the United States to pick a fight internationally and have that fight stay out of the United States physically is increasingly reduced.
The US has had a contentious cyber history with Iran.
In 2010, the so-called Stuxnet virus disrupted the operation of thousands of centrifuges at a uranium enrichment facility in Iran. Iran accused the US and Israel of trying to undermine its nuclear program through covert operations.
Iran has also shown a willingness to conduct destructive campaigns. Iranian hackers in 2012 launched an attack against state-owned oil company Saudi Aramco, releasing a virus that erased data on 30,000 computers and left an image of a burning American flag on screens.
In 2016, the US indicted Iranian hackers for a series of punishing cyberattacks on US banks and a small dam outside of New York City.
The Defense Department refused to comment on the latest Iranian activity. “As a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning,” Pentagon spokeswoman Heather Babb said in a statement. The White House did not respond to a request for comment.
Despite the apparent cyber campaign, experts say the Iranians would not necessarily immediately exploit any access they gain into computer systems and may seek to maintain future capabilities should their relationship with the US further deteriorate.
“It’s important to remember that cyber is not some magic offensive nuke you can fly over and drop one day,” said Oren Falkowitz, a former National Security Agency analyst. It takes years of planning, he said, but as tensions increase, “cyber impact is going to be one of the tools they use and one of the hardest things to defend against.”

Topics: cyberwar Iran-US tensions

Related

Middle-East
Trump says US ‘moving forward’ with additional sanctions on Iran
Middle-East
New Iran threat to ‘set region on fire’

First class graduates from American University of Baghdad, once Saddam’s palace

Updated 25 May 2025
AP
Follow

First class graduates from American University of Baghdad, once Saddam’s palace

  • A total of 38 students — 20 male and 18 female — graduated Saturday with degrees in business administration, sciences and humanities at a ceremony attended by political dignitaries as well as families and faculty members
Updated 25 May 2025
AP

BAGHDAD: The American University of Baghdad celebrated the graduation of its first cohort of students Saturday at a campus that was once a palace built by Saddam Hussein.
Officials said they hope the graduation will mark the beginning of a new era in higher education in Iraq rooted in modernity, openness and international academic standards.
The university was inaugurated in 2021 on the site of the Al-Faw Palace, built on an island in the middle of an artificial lake by Saddam in the 1990s to mark the retaking of the peninsula of the same name during the war.
After the US-led invasion that unseated Saddam in 2003, it was used as a US coalition military headquarters called Camp Victory. It was later developed into an American-style university with a core liberal arts program through funding by influential Iraqi business owner Saadi Saihood.
A total of 38 students — 20 male and 18 female — graduated Saturday with degrees in business administration, sciences and humanities at a ceremony attended by political dignitaries as well as families and faculty members.
Speaking to the attendees, university President Dr. Michael Mulnix reflected on the university’s rocky beginnings.
“When I first arrived at the American University of Baghdad in 2018, the campus looked nothing like it does today,” he said. “Years of war and neglect had left the infrastructure in ruins, with many buildings damaged or destroyed. Today, we stand before an exceptional, nonprofit academic institution that ranks among the finest research universities.”
Today AUB has a growing network of international partnerships with top universities, he said, including Vanderbilt University, Colorado School of Mines, Lawrence Technological University, Temple University, the University of Exeter, and Sapienza University of Rome.
University founder and owner Saihood called the graduation “a symbolic moment that affirms this institution was built to last and to make a real difference.”
He acknowledged the economic challenges facing graduates, especially the scarcity of government employment, but emphasized that the university has equipped its students with the adaptability and initiative needed to thrive in the private sector or through entrepreneurship.
Although Iraq’s security situation has improved in recent years after decades of conflict, the country still suffers from brain drain as young people seek opportunities and stability abroad.
“The future in Iraq is not easy. All of us graduates have concerns,” said Mohammed Baqir from Najaf province, who graduated Saturday with a bachelor’s degree in business. “But what sets us apart from other universities is that we’ve already received job offers through AUB, especially in the private sector. Although my education cost around ten million Iraqi dinars, it was a truly valuable investment.” Ten million Iraqi dinars equals about $7,600.

Topics: American University of Baghdad Iraq Graduates

Related

Offbeat
Iraq’s first filmmaker in Cannes says sanctions no piece of cake
Special
Middle-East
How Baghdad’s first skatepark reflects renewed focus on the aspirations of Iraqi youth 

Israel may change tack to allow aid groups in Gaza to stay in charge of non-food aid

Updated 25 May 2025
AP
Follow

Israel may change tack to allow aid groups in Gaza to stay in charge of non-food aid

  • The group says it plans to handle food aid, initially from a handful of hubs in southern and central Gaza with armed private contractors that would guard the distribution
Updated 25 May 2025
AP

TEL AVIV, Israel: As pressure mounts to get more aid into Gaza, Israel appears to be changing tack and may let aid groups operating in the battered enclave remain in charge of non-food assistance while leaving food distribution to a newly established US-backed group, according to a letter obtained by The Associated Press.
The development indicates Israel may be walking back from its plans to tightly control all aid to Gaza and prevent aid agencies long established in the territory from delivering it in the same way they have done in the past.
Israel accuses Hamas of siphoning off aid but the United Nations and aid groups deny there is significant diversion. The UN has rejected Israel’s plan, saying it allows Israel to use food as a weapon, violates human humanitarian principles and won’t be effective.
Israel had blocked food, fuel, medicine and all other supplies from entering Gaza for nearly three months, worsening a humanitarian crisis for 2.3 million Palestinians there. Experts have warned of a high risk of famine and international criticism and outrage over Israel’s offensive has escalated.

 

Even the United States, a staunch ally, has voiced concerns over the hunger crisis.
The letter, dated May 22, is from Jake Wood, the head of the Israel-approved Gaza Humanitarian Foundation, or GHF, and is addressed to COGAT, the Israeli military agency in charge of transferring aid to the territory.
It says that Israel and GHF have agreed to allow non-food humanitarian aid — from medical supplies to hygiene items and shelter materials — to be handled and distributed under an existing system, which is led by the United Nations. UN agencies have so far provided the bulk of the aid for Gaza.
The foundation would still maintain control over food distribution, but there would be a period of overlap with aid groups, the letter said.
“GHF acknowledges that we do not possess the technical capacity or field infrastructure to manage such distributions independently, and we fully support the leadership of these established actors in this domain,” it said.
The foundation confirmed the authenticity of the letter. A spokesman for GHF said the agreement with Israel came after persistent advocacy. While it acknowledged that many aid groups remain opposed to the plan, it said GHF will continue to advocate for an expansion of aid into Gaza and to allow aid groups’ work in the enclave to proceed.

COGAT declined to comment on the letter and referred the AP to the office of Israeli Prime Minister Benjamin Netanyahu, which did not respond to a request for comment.
UN officials also did not reply to requests for comment.
Unclear who is funding GHF
The GHF, which is not yet up and working in Gaza, is run by security contractors, ex-military officers and humanitarian aid officials, and has the backing of Israel.
The group says it plans to handle food aid, initially from a handful of hubs in southern and central Gaza with armed private contractors that would guard the distribution. Additional sites will be opened within a month, including in northern Gaza.
The letter says aid agencies will continue providing food assistance in parallel to the GHF until at least eight sites are up and running.
Aid groups have been pushing back on the GHF and Israel’s plans to take over the handling of food aid, saying it could forcibly displace large numbers of Palestinians by pushing them toward the distribution hubs and that the foundation doesn’t have the capacity to meet the needs of the Palestinians in Gaza.
It’s also unclear who is funding the GHF, which claims to have more than $100 million in commitments from a foreign government donor but has not named the donor.
’Functioning aid’
The letter says that GHF’s Wood was on a call with the CEOs of six aid groups discussing the new plans, including Save the Children, International Medical Corps, Catholic Relief Services, Mercy Corps, CARE International and Project HOPE.
Rabih Torbay, head of Project HOPE, confirmed the call and said his organization was encouraged to hear that the delivery of medicines and other non-food items would continue under the current system.
Still, Torbay appealed for food aid to be allowed into Gaza without “obstruction or politicization.”
A spokesperson for CARE said it has shared its concerns regarding GHF’s proposal for food distribution in the hubs and reiterated the importance of using existing distribution mechanisms under the UN The spokesperson said the meeting was an opportunity to ask a lot of questions, but CARE’s attendance was not an endorsement of the effort.
Mairav Zonszein, a senior analyst on Israel for the International Crisis Group, says the letter is a clear sign that both Israel and the GHF recognize the humanitarian catastrophe people face in Gaza and the need for immediate aid.
“The GHF and Israel are clearly scrambling to get something that works — or at least the appearance of functioning aid — and that this mechanism is not ready or equipped or fitting for the needs of the population in Gaza,” Zonszein said.
Ahmed Bayram, Middle East spokesperson for the Norwegian Refugee Council, said that Israel is part of the conflict and should not be in control of the aid distribution.
“Israel interfering in parts or all of that process would be damaging to the independence and neutrality of humanitarian aid,” Bayram said.
Humanitarian principles
The GHF came under more scrutiny this week, with TRIAL International — a Geneva-based advocacy group focusing on international justice — saying Friday that it was taking legal action to urge Swiss authorities to monitor the group, which is registered in Switzerland.
The foundation’s spokesperson has insisted that it abides by humanitarian principles and operates free from Israeli control. The spokesperson, speaking anonymously under the foundation’s policy, told the AP earlier this week that it is not a military operation and that its armed security guards are necessary for it to work in Gaza.
The war in Gaza began on Oct. 7, 2023, when Hamas-led militants attacked southern Israel, killing 1,200 people and abducting 251 others. Israel’s retaliatory offensive has killed more than 53,000 Palestinians, according to Gaza’s Health Ministry, which doesn’t differentiate between civilians and combatants in its count.

Topics: War on Gaza GHF COGAT

Related

video
Middle-East
Some flour reaches Gaza as blockade eases, aid groups call for more
Middle-East
Aid groups: Thousands of children in Gaza are malnourished amid Israel’s blockade

Syria reboots interior ministry as Damascus seeks to reassure West

Updated 25 May 2025
AFP
Follow

Syria reboots interior ministry as Damascus seeks to reassure West

  • The restructure includes “strengthening the role of the anti-drug department and further developing its importance within Syria
Updated 25 May 2025
AFP

DAMASCUS: Syrian authorities on Saturday announced an interior ministry restructuring that includes fighting cross-border drug and people smuggling as they seek to improve ties with Western nations that have lifted sanctions.
Keen to reboot and rebuild nearly 14 years after a devastating civil war broke out, the new authorities in Damascus have hailed Washington’s lifting of US sanctions.
The move was formalized Friday after being announced by President Donald Trump on a Gulf tour this month during which he shook hands with Syria’s jihadist-turned-interim President Ahmed Al-Sharaa.
Spokesman Noureddine Al-Baba said the interior ministry restructure included reforms and creating “a modern civil security institution that adopts transparency and respects international human rights standards.”
It includes setting up a citizens’ complaints department and incorporating the police and General Security agency into an Internal Security command, he told a press conference.
A border security body for Syria’s land and sea frontiers will be tasked with “combating illegal activities, particularly drug and human smuggling networks,” Baba said.
The restructure includes “strengthening the role of the anti-drug department and further developing its importance within Syria and abroad” after the country became a major exporter of illicit stimulant captagon, he added.
Another department will handle security for government facilities and foreign missions, as embassies reopen in Syria following Bashar Assad’s ouster in December.
A tourism police body will secure visitors and sites as the war-torn country — home to renowned UNESCO World Heritage sites — seeks to relaunch tourism.
Syria’s foreign ministry welcomed Washington’s lifting of sanctions, calling the move “a positive step in the right direction to reduce humanitarian and economic struggles in the country.”
Turkish foreign ministry spokesperson Oncu Keceli said the recent US and European Union steps to lift sanctions were “of critical importance in efforts to bring stability and security to Syria.”
The European Union announced the lifting of its economic sanctions on Syria earlier this month.
Sharaa met President Recep Tayyip Erdogan on Saturday on his third visit to Turkiye since taking power on a visit to discuss “common issues,” Syria’s presidency said.
Ankara is a major backer of Syria’s new authorities, who are negotiating with Kurdish forces that control swathes of the northeast and that Turkiye considers “terrorists.”
A government delegation made a first visit Saturday to the notorious Al-Hol camp in the northeast that hosts families of suspected Islamic State (IS) group jihadists.
Trump said he wanted to give Syria’s new rulers “a chance at greatness” after their overthrow of Assad.
While in Istanbul, Sharaa met with the US ambassador to Turkiye, who doubles as Washington’s Syria envoy.
In a statement, Tom Barrack said: “President Trump’s goal is to enable the new government to create the conditions for the Syrian people to not only survive but thrive.”
He added that it would aid Washington’s “primary objective” of ensuring the “enduring defeat” of IS.
US sanctions were first imposed on Syria in 1979 under the rule of Bashar Assad’s father Hafez.
They were sharply expanded after the bloody repression of anti-government protests in 2011 triggered Syria’s civil war.
The new administration has been looking to build relations with the West and roll back sanctions, but some governments expressed reluctance, pointing to the Islamist past of leading figures.
The sanctions relief extends to the new government on condition that Syria not provide safe haven for terrorist organizations and ensure security for religious and ethnic minorities, the US Treasury Department said.
Concurrently, the US State Department issued a 180-day waiver for the Caesar Act to make sure that sanctions do not obstruct foreign investment in Syria.
The 2020 legislation severely sanctioned any entity or company cooperating with the now ousted government.
US Secretary of State Marco Rubio said the waiver would “facilitate the provision of electricity, energy, water and sanitation, and enable a more effective humanitarian response across Syria.”
However, Rubio cautioned that Trump “has made clear his expectation that relief will be followed by prompt action by the Syrian government on important policy priorities.”
He said lifting the sanctions aims to promote “recovery and reconstruction efforts.”
Syria’s 14-year civil war killed more than half a million people and ravaged its infrastructure.
The interior ministry’s spokesman said around a third of the population had been under suspicion by the Assad government’s feared intelligence and security services.
Analysts say a full lifting of sanctions may take time, as some US restrictions are acts that need to be reversed by Congress.
Syrian authorities also need to ensure an attractive environment for foreign investment.

Topics: Fall of Assad Syria Damascus

Related

Middle-East
Erdogan, Syria’s Sharaa hold talks in Istanbul
Middle-East
Syria hails US lifting of sanctions as ‘positive step’

Libya says oil leak occurs in pipeline south of Zawiya city

Updated 24 May 2025
Reuters
Follow

Libya says oil leak occurs in pipeline south of Zawiya city

  • The NOC posted a picture showing a stream of leaked oil in the desert
Updated 24 May 2025
Reuters

An oil leak forced the shutdown of a pipeline south of Libya's city of Zawiya, the National Oil Corporation (NOC) said on Saturday.
Zawiya, 40 km (25 miles) west of the capital Tripoli, is home to Libya's biggest functioning refinery, with a capacity of 120,000 barrels per day. The refinery is connected to the country's 300,000-barrels-per-day Sharara oilfield.
The NOC posted a picture showing a stream of leaked oil in the desert. Flow from the Hamada oilfields through the affected pipeline was immediately halted, the company said in a statement.
"In parallel with the maintenance work, a team of specialists is conducting an investigation to determine the causes of the leak. Arrangements and coordination are also underway to recover the leaked oil and address any resulting environmental pollution," the company added.

Topics: Libya

Related

Middle-East
At least 58 corpses found in Libyan hospital, ministry says
video
Middle-East
Libya’s PM says eliminating militias is ‘ongoing project’ as ceasefire holds

Lebanon army says receives suspect in Christian party official’s killing

Updated 24 May 2025
AFP
Follow

Lebanon army says receives suspect in Christian party official’s killing

  • Pascal Sleiman of the Lebanese Forces Christian party was abducted and killed in April 2024
  • The army had said he was killed in a carjacking by Syrian gang members
Updated 24 May 2025
AFP

BEIRUT: Lebanon’s army said Saturday it had taken into custody a suspect in last year’s killing of a Christian political official, with help from Syria’s new authorities, in a case that sparked public outrage.

Pascal Sleiman, a coordinator in the Byblos (Jbeil) area north of Beirut for the Lebanese Forces (LF) Christian party, was abducted and killed in April 2024.

The army had said he was killed in a carjacking by Syrian gang members who then took his body across the border.

The army received “one of the main individuals involved in the crime of kidnapping and killing” Sleiman after coordinating with Syrian authorities, a military statement said.

The suspect “heads a gang involved in kidnapping, robbery and forgery and has a large number of arrest warrants against him,” the statement said, adding that investigations were underway.

Sleiman’s LF party opposed Syria’s longtime ruler Bashar Assad, who was ousted in December, as well as its Lebanese ally Hezbollah, which last year was engaged in cross-border fire with Israel that escalated into all-out war.

Beirut and Damascus have been seeking to improve ties since the overthrow of Assad, whose family dynasty for decades exercised control over Lebanese affairs.

Anti-Syrian sentiment soared after Sleiman’s disappearance and death, in a country hosting hundreds of thousands of Syrian refugees.

Some accused Hezbollah of having a hand in the killing, but then chief Hassan Nasrallah, who was later killed in a massive Israeli air strike, denied his party was involved.

The LF had said it would consider Sleiman’s death a “political assassination until proven otherwise.”

Topics: Lebanon Lebanese Forces Pascal Suleiman Syria

Related

Middle-East
Army says Lebanese Forces official killed by kidnappers
Middle-East
Seven Syrians held over murder of Lebanon politician: judicial official

Latest updates

Eco-friendly and safer walkways expanded to 33% in Makkah Hajj sites 
Champions to be crowned as Lahore, Quetta face off in PSL final today
Bryson DeChambeau’s wild ride: LIV Golf star gets taste of speed at Indianapolis Motor Speedway
George Floyd’s uncertain legacy is marked five years on
Over 1,245 wild animals resettled so far in Saudi Arabia’s largest natural reserve

Search form

Print Edition
Read pdf version Subscribe now
© 2025 SAUDI RESEARCH & PUBLISHING COMPANY, All Rights Reserved And subject to Terms of Use Agreement.