Yo, hackers! What gives? Apparently, the Iranian hacking group, previously known for its love for reconnaissance, is now targeting critical infrastructure in the United States. Microsoft is spitting out reports left and right, and in their latest one, they note a change in approach in 2021 (coincidentally when Iran suffered cyber attacks). This group, Mint Sandstorm (formerly known as Phosphorus), has a new goal in sight, and that is to launch some seriously destructive cyberattacks.
Microsoft is not here for this switch up, and we can’t blame them. Imagine going from going after activists and defense industrial bases to suddenly targeting transportation, seaports, and the energy sector. That’s like going from watching your little sister’s dance recital to doing the moonwalk at a Michael Jackson tribute concert. It’s a serious upgrade.
John Lambert, Microsoft’s top dog leading the consolidated intelligence and research team, thinks that the move might be pre-positioning for access to U.S. critical infrastructure “to be ready for some retaliatory action should the order be given.” Let’s hope that doesn’t happen, folks.
But wait, there’s more! We can’t forget to mention the other subgroups that are part of Mint Sandstorm and are playing their part in this newfound aggression. They’re all less bounded in their operations and working with Iran’s new national security apparatus. Yikes.
Proofpoint’s report highlights the group’s uptick in aggression and expansion of its target list to politicians, government officials, and medical researchers. On the plus side, the group’s sophisticated operational flexibility is impressive, as they’ve advanced to creating their own hacking tools instead of relying on others. No more hand-me-downs for this group.
Microsoft is switching up how they’re naming hacking groups, moving away from elements and opting for weather. Sandstorm will indicate an Iranian group, Blizzard for Russia, and Flood for…influence operations? Okay, we’ll go with it. Customers were complaining that the old names were hard to search, and Microsoft listened. Now, Zinc won’t just bring up sunscreen results when searched.
In other news, the U.S. eavesdropped on U.N. Secretary General António Guterres’s accounts. As if surveillance wasn’t enough for us to worry about, now this news comes to light. Four classified reports show intercepted conversations that reveal Guterres’s frustrations with U.N. officials and world leaders over being denied a visit to a war-torn region in Ethiopia. The United States claims the Foreign Intelligence Surveillance Act facilitated the operation. The fear of the law not being reauthorized is causing some pushback in Congress.
Oh, China, when will you learn? Federal law enforcement officials charged 34 officers from China’s national police force for harassing dissidents and spreading propaganda on social media. Ten others were charged with targeting and intimidating users of Zoom Video Communications. It’s said that more than 100 China-linked police operations have been set up to harass Chinese dissidents abroad. Yet, China has denied carrying out any cyber attacks.
Hundreds of U.S. Immigration and Customs Enforcement employees have been investigated for misusing confidential law enforcement data. That’s hundreds, folks. A database obtained through a public records request shows that ICE agents were found guilty of sharing login information, looking up info about ex-partners and querying sensitive databases on behalf of their home girls and homeboys. Snoop Dogg warned us about this: “Why me and my homies? ‘Cause we tight like that.”
That’s all for today’s cybersecurity news! Thanks for tuning in, folks.
Serious News: washingtonpost