A group of Iranian hackers named OilRig recently piggybacked on by a Russian hacker group Turla to steal official information of several countries including the UK and Middle East countries.
The NCSC, National Cyber Security Centre, was first set up in 2017 to investigate the attack on a UK academic institution.
It was then disclosed that the attack on the institute was pulled off by the Russia based cyber-hacker group Turla which used Iranian infrastructure and tools in a ‘crowded space’, masquerading as Iranian attackers OilRig. Russian group of hackers hijacked into the system of Iranian based group OilRig and used their tools to assemble legal data and security information against 35 countries mainly making victims the countries of the Middle East. They hacked into at least 20 countries and accessed confidential government records.
According to the intelligence agencies, Turla was cunningly scanning information and executing their own operations by piggybacking on the Iranian group OilRig, smoothly covering their tracks.
The Russian group was able to successfully masquerade as the Iranian based group and initially, it was assumed that all these cyber stealing and attacks were done by Iranian group when the real guilty party was Russian hackers.
Iran’s government stated that they were completely unaware of the whole situation, Russians using their system and tools to espionage in different countries. This activity was surely not an act to stir up conflicts among countries but a sheer example of complicated cybercrimes of the modern world.
Paul Chichester, director of operations for the NCSC, the protective arm of the intelligence agency GCHQ, states that it is becoming a very crowded space.
This attack itself has novelty in nature that carries some similar capabilities with the US and UK.
Mr. Chichester denies pulling the Russian cyberattacks off to be false flag as it did not frame anyone directly. The Russians and the Iranians are not accredited directly for these hack attacks by the NCSC but the particular group Turla has been linked many times before to Russia’s Security Service, the FSB, and OilRig to the Iranian state.
The investigation was mainly carried out by the UK but all the details have been arranged cumulatively by the NCSC and America’s NSA. A report was made of Turla with another hacking group that was revealed by the private security company Symantec in June. The sole purpose of this discloser was to aware other people from getting tricked and detect the activity before it’s too late.
Mr. Chichester says that no matter how cleverly the hackers try to hide their identity; their capabilities will unmask them with time.
However, the reactions of the two groups to this exposure are still up in the air, according to the officials.
Related Posts :