Iranian hackers have reportedly resumed attacks against targets in the U.S. State Department, but only after first taking a break from their campaign as the terms of an agreement concerning the country’s nuclear program were worked out with Washington.
Diplomatic and law enforcement officials told The New York Times this week that Iranian hackers are thought to have set their sights in recent weeks on the email accounts and social media profiles of State Department staffers, and successfully compromised an undisclosed number of targets.
While government-administered email accounts are no doubt juicy targets for state-sponsored hackers, an attack carried out over social media or an unsolicited but seemingly legitimate email could, if successful, could allow a perpetrator to have full access over a victim’s computer and all the information within.
Sources familiar with the campaign told the newspaper that the hackers have specifically sought out individuals who work closely with U.S. efforts in Iran and the Middle East, but only after working out the nuclear pact agreed upon this summer.
Attempts to hack into online accounts had been rampant before negotiations began in June, the Times reported, with Texas-based cyber firm iSight Partners alleging Iran had waged more than 1,500 attacks in the month of May.
As talks between countries began to take hold, however, the assaults briefly subsided. In August, “just two weeks after the nuclear accord was reached, the trickle of cyberattacks against the group’s usual targets resumed,” the paper reported.
A senior U.S. official familiar with the campaign told The Times that the Iranian hackers acted subtly with regards to rekindling attacks, and that their campaign “was very carefully designed and showed the degree to which they understood which of our staff was working on Iran issues now that the nuclear deal is done.”
Earlier this month, the Wall Street Journal reported that U.S. officials believe Iranian hackers had began targeting State Department employees and other members of the Obama administration after compromising the personal computer of Siamak Namazi, an Iranian-American businessman who was arrested overseas in September.
The State Department only became aware that its employees’ social media accounts were being targeted, however, as a result of a feature implemented last month by Facebook, The New York Times reported.
Indeed, Facebook announced in October that it would begin sending notifications to users if it’s believed their account was “targeted or compromised by an attacker suspected of working on behalf of a nation-state.”
“We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts,” Facebook’s chief security officer, Alex Stamos, explained at the time.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.