Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Government Security

Russian Cyberattackers Stole Iranian Tools, Then Attacked 35 Countries (stripes.com) 20

An anonymous reader quotes Bloomberg News: A Russia-linked group is believed to have utilized Iranian tools to conduct cyber attacks against dozens of countries, in an apparent effort to mask their identities, according to joint advisories by the U.S. and the U.K.

The group, known as Turla, used tools from suspected Iran-based hacking groups and deployed them against old and new targets. In order to acquire the tools, Turla "comprised the suspected Iran-based hacking groups themselves," according to the U.S. National Security Agency and the U.K.'s National Cyber Security Centre, which released the advisories on Monday. The original owners of the tools "were almost certainly not aware of, or complicit with, Turla's use of their implants," the agencies said. The attacks, against more than 35 countries, would appear to the victims as coming from Iran.

This discussion has been archived. No new comments can be posted.

Russian Cyberattackers Stole Iranian Tools, Then Attacked 35 Countries

Comments Filter:
  • So uh, does this mean we should un-drone-strike their shit now?

  • by weilawei ( 897823 ) on Saturday October 26, 2019 @04:19PM (#59350658)

    So everyone else can steal the keys and ransom the entire US economy into the ground.

    Remember kids! Make sure to support your Freedom Port!

  • by Archtech ( 159117 ) on Saturday October 26, 2019 @04:27PM (#59350684)

    Has anyone been able to detect any meaninfgul content in TFA? As far as I can make out, it is published by Bloomberg (strike #1), based solely on anonymous statements by US and UK "intelligence" agencies (strike #2), and alleges nothing except that some "Russian" group used "Iranian" "tools" to do some vague harm to something or other in over 35 unnamed countries.

    The article reads as if it had been composed against a very short time limit (a minute or less) by someone poorly educated from Russia, Iran or some other country where English is not widely spoken. (Admittedly, that leaves open the option of the USA).

    "Turla, which is also known as Waterbug or Venomous Bear, collects information by targeting government, military, technology, energy and commercial operations for the purposes of intelligence collection, the agencies said.".

    What viciously sophisticated hacking technique! These foul evildoers go so far as to "collect information by targeting... operations for the purposes of intelligence collection". If it were not so serious a matter, I would be tempted to laugh uproariously for the purposes of laughing uproariously.

    Or maybe the article was one of those written by a leading-edge AI?

    To put the cherry on top, the nameless experts who gave Bloomberg this priceless exclusive believe that a sufficient defence is to "update vulnerable systems" - apparently an exceptional emergency measure that no one would ever undertake in normal circumstances. I do hope they remember to reboot afterwards.

    • Well I'd like to know why the NSA decided to leak this information to the press and how they can be sure that this time they have the correct source. Maybe it is someone else posing as a Russian hacker group posing as an Iranian hacking group. Are they assuming only 1 layer of indirection? If we don't know how they know we cannot know how credible the information is.

  • Since all these tools have been stolen and passed around by all the spy agencies, it seems more efficient for them all to just share a public GitHub repo instead of stealing from each other just to get more tools so they can steal more tools. Ideas like this are probably why I was passed over for that Head of Spy Agency job.
    • by rtb61 ( 674572 )

      What will be interesting is when the various intelligence agencies start targeting the others sides tax cheats et al or even their side and strive to empty those off shore tax haven accounts by hacking the computers of the tax cheats et all, first time they connect, well, it will be the last time, as that account will then be emptied and closed. You can image the spy vs spy professionally paranoid types, doing this stuff after hours as well as during work hours.

      So are the proceeds of crime in off shore tax

  • Instead of "Them evil Russkis" and Them evil Towelheads" it's now "them evil Russkies stealing tools from them evil Towelheads".

    Or, in other words, we ran out of excuses to bomb something, so let's make up an even more convoluted mess to confuse everyone enough that we can bomb whatever.

    How about, for a change, trying to aid our companies to get their shit in order and make their stuff secure instead of demanding backdoors that make it less secure?

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...