Hacker group, not Israel, behind cyberattack on Iran’s train system
A shadowy group – not Israel – was behind a July cyberattack
on Iran’s railroad system that according to state media caused “unprecedented
chaos” at train stations and reportedly led Tehran to attack an Israeli-owned
ship a few weeks later, according to a new report.
The report, released Saturday by the Israeli- American
cybersecurity company Check Point Software Technologies, named the Iranian
opposition group Indra as the actor behind the attack, which it characterized
as having inflicted “nation-state-level damage.”
During the July 9 attack, the hackers posted fake messages
about alleged train delays and cancellations on display boards at stations
across Iran. They also urged passengers to call for more information, listing
the phone number of the office of the country’s supreme leader, Ayatollah Ali
Khamenei.
On the following day, the Iranian transportation ministry
said a “cyber disruption” had affected its computer systems, taking down its
website and links associated with it.
In its report, Check Point said those assaults were carried out
using a version of a hacking tool deployed in previous attacks on Iranian
interests in Syria that Indra — which is named for a Hindu war god – had
claimed responsibility for in 2019 and 2020.
According to one report, Iran may have believed Israel was
behind the cyberattacks, and chose to retaliate by launching a drone attack
against the Israeli-owned oil tanker MT Mercer Street on July 29, killing two
crew-members and sparking an international uproar.
Check Point said the case highlighted the danger of “a
non-state sponsored entity… creating the same kind of havoc” as a state actor
with far more resources.
Israel and Iran have been engaged in a years-long shadow
war, with Israel allegedly directing most of its efforts – including multiple
suspected cyberattacks — at sabotaging the Islamic Republic’s nuclear program.
Comments
Post a Comment