Security News
The U.S. government on Tuesday attributed several past attacks involving industrial control systems to Russian, Chinese and Iranian state-sponsored threat actors. "CISA and the FBI assess that these actors were specifically targeting U.S. pipeline infrastructure for the purpose of holding U.S. pipeline infrastructure at risk. Additionally, CISA and the FBI assess that this activity was ultimately intended to help China develop cyberattack capabilities against U.S. pipelines to physically damage pipelines or disrupt pipeline operations," the agencies said.
The Department of Justice has seized the domains of 36 Iranian media sites that officials say weren't just operating in violation of sanctions, but were part of a widespread government-backed malign-influence operation targeting the U.S. The DoJ said that 33 of the sites are run by the Iranian Islamic Radio and Television Union, which is allegedly under the control of the sanctioned Islamic Revolutionary Guard Quds Force. Three additional sites taken down were allegedly controlled by Kata'ib Hizballah, which has been designated an Iraqi terrorist group by the U.S. government.
American authorities seized a range of Iran's state-linked news website domains they accused of spreading disinformation, the U.S. Justice Department said Tuesday, a move that appeared to be a far-reaching crackdown on Iranian media amid heightened tensions between the two countries. Relations between Iran and the U.S. have deteriorated for years following President Donald Trump's withdrawal from Tehran's nuclear deal and the return of devastating sanctions on the country.
Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan capable of stealing sensitive information from targets' devices since at least 2015. Russian cybersecurity firm Kaspersky, which pieced together the activity, attributed the campaign to an advanced persistent threat group it tracks as Ferocious Kitten, a group that has singled out Persian-speaking individuals allegedly based in the country while successfully operating under the radar.
Israeli spy agencies accused Iran on Monday of using fake social media accounts to lure citizens of the Jewish state abroad "To harm or abduct them". The Israeli claim came hours after Iran accused its arch-enemy of orchestrating an attack on a key nuclear site and vowed "Revenge".
Iran blamed Israel on Monday for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges, an assault that imperils ongoing talks over Tehran's tattered nuclear deal and brings a shadow war between the two countries into the light. "My policy as prime minister of Israel is clear: I will never allow Iran to obtain the nuclear capability to carry out its genocidal goal of eliminating Israel," Netanyahu said.
Iran has admitted that one of its nuclear facilities went offline over the weekend, and a single report claiming Israeli cyber-weapons were the cause has been widely accepted as a credible explanation for the incident. Iran on Sunday published this announcement that said an "Accident" impacted the "Electricity distribution network" at its Natanz enrichment facility.
Iran on Sunday described a blackout at its underground Natanz atomic facility an act of "Nuclear terrorism," raising regional tensions as world powers and Tehran continue to negotiate over its tattered nuclear deal. Ali Akbar Salehi, the American-educated head of the Atomic Energy Organization of Iran, who once served as the country's foreign minister, offered what appeared to be the harshest comments of his long career, which included the assassination of nuclear scientists a decade ago.
A declassified joint report from several United States agencies assesses that Russian and Iranian threat actors did attempt to meddle in the 2020 U.S. presidential election, but claims that the technical integrity of the voting process wasn't affected. The joint report is meant to provide information on the extent to which foreign actors attempted interference with the 2020 U.S. elections, along with details on whether these adversaries targeted political organizations, campaigns, or election candidates, and an assessment on whether the attacks were able to successfully compromise the targeted infrastructure.
The USA's Office of National Intelligence today released its previously classified assessment of "Foreign Threats to the 2020 US Federal Elections" and found "Some successful compromises of state and local government networks prior to Election Day-as well as a higher volume of unsuccessful attempts". It's described as the intelligence community's collective assessment of attempts to disrupt the 2020 election and to contain "Analytic judgments identical to those in the classified version" but without "Full supporting information" or information on "Specific intelligence reports, sources , or methods."