Security researchers at FireEye have reported that Iranian hackers are targeting businesses in the telecommunications and travel industries as part of an international surveillance campaign.
Whilst the group has primarily been active in the Middle East, individuals in nations such as the US, Australia, Norway and Spain are also known to have been targeted, according to FireEye. They have named the group APT39.
Researchers posit that the group is attempting to gain access to these industries so it can monitor and track specific individuals for operations believed to serve Iran’s national security strategic objectives. This includes collecting individual’s location details through travel itineraries and telecommunications metadata.
According to FireEye: “APT39’s focus on the widespread theft of personal information sets it apart from other Iranian groups… which have been linked to influence operations, disruptive attacks, and other threats.”
Any organisation that deals with sensitive personal information is at a higher risk of being targeted by malicious actors.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.