Security experts: Iran-backed hackers targeting U.S. and Saudi Arabia

Cybersecurity firm FireEye has identified a new group of hackers, known as APT33, that it says has been working on behalf of the Iranian government since 2013. The group has “potential destructive capabilities,” FireEye warned.

“The campaigns that were laid out were not just aligned with the Iranian government but with the Iranian military,” said Stuart Davis, a director at FireEye subsidiary Mandiant.

Between the middle of 2016 and early 2017, APT33 targeted a U.S. organization in the aerospace sector and a Saudi Arabian company with aviation links, as well as a South Korean oil and chemicals firm, FireEye said.

APT33 targets represent “growth areas for the Iranian government,” Davis said on a conference call with reporters on Thursday.

Iran is emerging from years of isolation under sanctions and is now looking to expand in aviation and energy.

“As we continue to monitor the threat activity related to this, we will have key questions and observations on how that could expand out to other petrochemical entities potentially within Europe and Asia,” Davis said.

Read more…

Source: CNN