Warning Issued Against Iranian Govt-Linked Hackers Amid Russia-Ukraine Cyberwar: Why It Matters

Iranian hackers linked to the country’s military intelligence have launched a global cyber espionage campaign, according to the United States and the United Kingdom. This rare warning was issued last week against “Iranian Government-Sponsored” threat actors after reports highlighted intense Russia-Ukraine cyberwarfare.

Digital invasions and denial-of-service (DoS) attacks — which occur when a malicious cyber threat actor prevents legitimate users from accessing information systems, devices, or other network resources — wreaked havoc on Ukraine in the run-up to and during the Russian invasion.

As per the United States and the United Kingdom, Russian military-linked hackers were behind a wave of DoS attacks last week that briefly took down Ukrainian banking and government websites before the Russian invasion. Later reports revealed that in response to the digital threat, Ukraine is now seeking volunteer hackers to launch cyberattacks against Russian organizations such as businesses, banks and government bodies.

However, amid this ongoing electronic cyber-war between these two countries, the United States and the United Kingdom have issued warnings against the group of Iranian hackers, MuddyWater.

This group, according to United States Cyber Command, has been operating on behalf of Iran’s Intelligence and Security Ministry and the Iranian Revolutionary Guard Corps. ‘MuddyWater’ has been active since at least 2015, operating under various names and targeting victims from Israel, Saudi Arabia, Jordan, the United Arab Emirates and other Asian countries.

In an analysis report, the agency noted that the hacking group conducts cyber espionage and other malicious cyber operations targeting a range of government and private-sector organizations across sectors which include telecommunications, defense, local government, as well as oil and natural gas.

America’s Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and Cyber Command, along with Britain’s National Cyber Security Center, released a joint statement exposing harmful cyber operations by MuddyWater.

Though Israel and Iran have been fighting a proxy cyber-war for a long time, Russian aggression in Ukraine has pushed the cyber front to the forefront as Russia attempted to use the digital realm for offensive military purposes. In response, on February 26 the Ukrainian government announced the formation of the “IT Army”.

Ukraine’s Vice Prime Minister Mykhailo Fedorov wrote in a tweet: “There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists.”

Meanwhile, Kremlin.ru, the official website of the Kremlin and the office of Russian President Vladimir Putin, was taken offline during the weekend in an alleged distributed denial-of-service (DDoS) attack — which is a destructive attempt to interrupt a targeted server’s, service’s, or network’s routine traffic by flooding the target or its surrounding infrastructure with Internet traffic.

However, due to this escalating situation, tensions have also spread to Israel, where thousands of people with ties to Russia or Ukraine work in the tech and cyber industries.

Around 15,000 Ukrainians work remotely for Israeli computer companies. Tensions are high as companies scurry to relocate their employees and provide support for those who have remained in the country.

Why ‘MuddyWater’ Warning Matters

The warning about MuddyWater comes at a time when Iran opposed the war in Ukraine but also indicated that it will not condemn Russia’s military action overtly and instead blamed NATO’s presence in the region on the West.

In a tweet, the foreign minister Hossein Amirabdollahian said that Iran does not see war as a solution and has called for an immediate truce as well as a “political and democratic solution,” without using terms like “invasion”.

Iran’s relationship with Russia has become stronger in recent years, largely due to its clash with the West involving issues like the nuclear programme. Additionally, in January, the Iranian president paid a two-day visit to Moscow, during which he and Putin both indicated support for stronger ties.

Even though Iranian authorities back Russia’s anti-Western rhetoric, which they see as a sign of the West’s downfall, experts believe that Iran does not back the Kremlin’s military efforts overtly since they could be used against it in some of Iran’s border regions where separatist tendencies have prevailed in the past.

However, in early 2020, Iran’s relations with Ukraine were severely harmed after the Islamic Revolutionary Guard Corps shot down a Ukraine International Airlines jet over Tehran amid the confusion caused by a missile attack on two American bases in Iraq just hours before.

At that time, Iran claimed responsibility for the event and has held many rounds of talks with Kyiv, but Ukraine and four other nations that lost individuals on the flight have accused Tehran of refusing to engage in genuine dialogue, promising to pursue the case through international law.
