Anomali Threat Research Detected Campaign Utilizing Israeli Themed Lures
REDWOOD CITY, Calif., Feb. 10, 2021 -- Anomali, the leader in intelligence-driven cybersecurity solutions, today announced availability of a new Anomali Threat Research report that details how Iran-backed cyberespionage group Static Kitten is currently conducting a campaign against government agencies in Kuwait, the United Arab Emirates (UAE), and likely the broader Middle East. Among the key findings:
Anomali assesses that the Iran-nexus cyberespionage group Static Kitten is likely the threat actor, based on the combination of Israeli geopolitical-themed lures, Ministry of Foreign Affairs (MOFA) references, and the use of specific tactics and techniques in the campaign.
Government agencies in the United Arab Emirates (UAE), Kuwait, and likely the broader Middle East are being targeted.
Static Kitten is attempting to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) in target computers.
“The Middle East has long been a flashpoint for cyber and kinetic espionage activities. Organizations that call this part of the world home need to be especially vigilant, as things like growing remote workforces, 5G deployment, and cloud adoption continually expand attack surfaces,” said AJ Nash, Sr. Director of Cyber Intelligence Strategy, Anomali. “To remain protected while conducting business in today’s cyber landscape, organizations need to have access to intelligence that enables threat analysts to conduct efficient investigations, detect threats, and drive fast response efforts.”
For complete research details including IOCs, read the blog: Probable Iranian Cyber Actors (Static Kitten) Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies
For more information about Iran-backed threat actors, download: Islamic Republic of Iran Cybersecurity Profile from Anomali Threat Research
Anomali is the leader in intelligence-driven cybersecurity. More than 1,500 public and private sector organizations rely on Anomali to see and detect threats more quickly, reduce the risk of security breaches, and improve security operations productivity. Anomali solutions serve customers around the world in nearly every major industry vertical, including many of the Global 2000. As an early threat intelligence innovator, Anomali was founded in 2013 and is backed by leading venture firms including GV, Paladin Capital Group, In-Q-Tel, Institutional Venture Partners, and General Catalyst. Learn more at www.anomali.com.