Internet giant Google warned in an article “Countering threats from Iran” this weekend on its blog that Iran is behind the cyberattacks that recently threatened Israel.
Google’s Threat Analysis Group reported that an Iranian government-backed hacking collective – known as APT35, Phosphorous, Charming Kitten and Ajax Security Team – uses a range of tactics to mislead its victims into clicking on malicious links.
“APT35, an Iranian group regularly conducts phishing campaigns targeting high risk users. This is one of the groups we disrupted during the 2020 US election cycle for its targeting of campaign staffers.”
According to the post, the hacking collective has for a long time “hijacked accounts, deployed malware and used novel techniques to conduct espionage aligned with the interests of the Iranian government.”
Thus far this year, Google says it has issued some 50,000 warnings to account holders who were targeted by phishing or malware attempts by the Iran-backed group.
Israeli Hospital Targeted in Ransomware Attack
A major Israeli hospital on the western edge of Hadera became the victim of a ransomware attack last Wednesday which completely crippled information technology at the Hillel Yaffe Medical Center.
The hackers have demanded $10 million to release the data, but it is illegal for the hospital to even contact or negotiate with the cyberterrorists. At present it appears that a large part of the data backup is unrecoverable.
The attack caused disruptions across the institution, resulting in an explicit request from the administration to the Health Ministry and EMT services to refer to them only urgent cases.
The Lahav 433 unit of Israel Police, which specializes in deep investigations, is working with international law enforcement agencies to determine who is behind the cyberattack.
Police have imposed a gag on releasing details of the investigation, including the identities of the hackers.