Blog Articles

Cyberattacks targeting Middle Eastern countries attributed to Iran

In mid-June, it was reported that Iran had been responsible for a series of cyber attacks that targeted Israel, Saudi Arabia and Yemen. 

According to ClearSky, an Israeli cybersecurity company, hackers had 40 targets in Israel, and 500 among other parts of the world, they targeted with phishing techniques. According to Breaking Israel News, the hackers targeted retired IDF generals, researchers and employees from the security sector. Journalists, activists and sites that worked in counter-terrorism and other forms of international relations were also attacked.

ClearSky told The Times of Israel  this recent cyberattack is one of the most durable ones they've come across, specifically in regard to the amount of time it was active and how difficult it is to remove. 

The attacks have been occurring in waves since last year at least, with the motivations of  "espionage or other nation-state interests," ClearSky said. Representatives from the cybersecurity company said some of the other victims of the attacks included high-profile Middle Eastern targets such as Qatar's British embassy, the finance minister of an unnamed Middle Eastern country and many more.

Dr. Thamar E. Gindin, an Iranian linguistic and pre-Islamic Iran professor, was one of the targets of the cyberattacks and assisted authorities with the investigation. 

"Hackers had access to the hotel's security cameras and room numbers of political figures."


Israel was reportedly conducting some of its own cyber attacks targeting Iran. It was found that the computer systems of three luxury hotels that hosted Iran's nuclear negotiations had been compromised by an upgraded version of Israel's Dugu virus. The virus reportedly gave hackers access to the hotels' security cameras for video and audio recordings and could even be used to find out the hotel rooms of political figures.

Why Iran is suspected
"The context of the attacks and cover stories all revolve around Iran," the report said. "The attackers speak and write in native Iranian Persian and make mistakes characteristic of Persian speakers. In one of the hacked accounts, when retrieved, the interface language had been changed to Persian."

As of now, there's no evidence to directly cite Iran as the source of the attack, but all signs appear to point in that direction. ClearSky representatives claim that the attack was either conducted by the Iranian regime or supported by it.

Revealing cybersecurity vulnerabilities 
While these attacks both occurred across the globe and focused countries in the Middle East, they serve as an example of how often and easily entire countries can become the target of cyberattacks. The same can be said for businesses and organizations in the U.S., including public, private and government agencies. It's important for them all to take these risks into account and develop cybersecurity measures capable of defending against malicious intrusions, phishing expeditions and many other types of attacks.


Back to Cyber Security | Back to All Categories