Russian hackers hide their cyber attacks using an Iranian group

The Iranian group, codenamed OilRig, operated by a Russian-based group known as Turla.

The Russians pressured the Iranian group to target other victims.

The National Center for Internet Security (NCSC) discovered that the attack on the enterprise was carried out by the Russian group Turla, which realized that it was looking for the capabilities and tools used by the Iran-based OilRig Group.

In the months-long investigation, it became clear that the Russian group had targeted the Iran-based group, then used its tools and access to collect data and threaten other regimes.

Attacks have been discovered against more than 35 countries with the majority of casualties in the Middle East. At least 20 victims were successfully hacked. The ambition was to steal secrets, and to obtain documents from a number of goals, including governments.

Intelligence agencies said the Turla group had information that the Iranians were stealing but were also running their own operations using Iranian access and hoping it would conceal its effects.

There is no evidence that Iran was complicit or aware of the Russians' use of their arrival or that this activity was conducted to provoke trouble between countries, but it is an indication of the increasingly complex world of electronic operations.

The National Internet Security Center (NCSC) will not directly attribute the attacks to the Russian and Iranian states, but Turla has previously linked others to its relationship with the Russian security service, FSB and OilRig.

Post a Comment