Sophisticated Iranian cyber-espionage campaign revealed

Iranian hackers used social media to access high-profile, global targets in three-year cyber espionage campaign.

An elaborate and nuanced three-year cyber espionage campaign carried out by Iranian hackers has been revealed by US security company, iSight. Using social engineering techniques primarily within Facebook to access military and political leaders in the US, UK, Israel, Syria, Iraq and Afghanistan, the campaign is being touted “the most sophisticated cyber-espionage campaign ever mounted.”

In a complex scheme of building trust with the target by establishing a sophisticated network of mutual Facebook acquaintances, corroborating social media profiles and seemingly authentic news articles on a fabricated website, the hackers would ultimately send links infected with information-gathering malware.

It is not yet clear what data has been compromised by the hackers, who were looking for passwords to government and corporate networks.

In an email to SCmagazineUK.com, Lancope CTO, TK Keanini, reflected: “cyberwar is a game of knowledge, not of bullets or bombs. As we become a knowledge economy and digital society, these events will become more regular and more impactful to our daily lives."

It is not without some irony that this story becomes public the day after Facebook's CEO was ordered to appear before Iranian court to face complaints over public privacy.