Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.
Google has issued a warning that an Iranian-backed cyber group is ramping up its efforts to target the US and Israel.
What’s the deal: In a report released by Google, cybersecurity experts with the company said the Iranian-backed cyber group APT42, affiliated with Iran’s Islamic Revolutionary Guard Corps, is intensifying a “multi-pronged” campaign against the US and Israel. According to Google, over the past six months, approximately 60% of APT42’s operations have targeted high-ranking officials in both nations, including current and former government figures and individuals connected to the US presidential campaigns.
How are they doing it?: Iran is conducting cyberattacks mainly through phishing campaigns. In these campaigns, an Iranian-backed group sends emails posing as legitimate organizations to trick targets into clicking on malicious links. These links allow the group to gain unauthorized access to accounts and steal sensitive information. Although Google has blocked over 50 such phishing attempts in recent months, some attacks have still managed to bypass its defenses.
A warning from Google: In its report, Google said, “APT42 is a sophisticated, persistent threat actor and they show no signs of stopping their attempts to target users and deploy novel tactics. This spring and summer, they have shown the ability to run numerous simultaneous phishing campaigns, particularly focused on Israel and the US. As hostilities between Iran and Israel intensify, we can expect to see increased campaigns there from APT42.”
FBI investigating: The FBI is actively investigating Iran’s cyber activities, focusing on allegations that Iranian operatives stole documents from former President Trump’s campaign and leaked them to the media. The investigation also covers attempts by Iran to access Vice President Harris’s campaign and phishing attacks targeting three staffers from President Biden’s former campaign.
