Iranian Hackers Indicted for DDoS Campaign, New York Dam Cyber-Attack
Today's topics include the DOJ's charges against seven Iranian hackers for cyber-attacks on the U.S. financial services sector and a New York dam; how hackers infiltrated the Ukrainian power grid months before, causing massive service outages; how Microsoft Office 2016 blocks malicious macros; and AT&T, Sprint, T-Mobile and Verizon are now taking iPhone SE preorders.
The U.S Department of Justice has again demonstrated that it is prepared to identify and prosecute cyber-attackers no matter where in the world they operate.
The DOJ announced March 24 that a federal grand jury indicted seven Iranian nationals for a 176-day distributed denial-of-service campaign against the U.S. financial sector, as well as an attack against the Bowman Dam in New York state.
The seven individuals charged by the DOJ were employed by the Iran-based ITSecTeam and Mersad Company, both of which have direct ties to Iran's Islamic Revolutionary Guard Corps and the Iranian government.
In May 2014, the DOJ filed an indictment against Chinese Army officials alleging they carried out cyber-attacks to steal intellectual property from U.S. firms.
Cyber-attackers that targeted Ukraine's energy distribution infrastructure in December were "highly structured and resourced," taking down 27 substations in an attack against that nation's power companies, according to a report released by the Electricity Information Sharing and Analysis Center on March 21.
Three separate energy companies all came under attack on Dec. 23, 2015, blacking out power to 225,000 customers. While the companies restored power within a few hours, destructive malware also erased much of the companies' operational data, which slowed efforts to investigate the attacks.
Microsoft is making it tougher for enterprises to fall victim to macro-based attacks that prey on Office users. A new policy-setting feature in Office 2016 allows administrators to block macros from untrusted sources.
Office macros are sharable bits of code that are meant to automate mundane and repetitive tasks, allowing users to save time while working on Microsoft Word, Excel and PowerPoint files.
Cyber-attackers often write and distribute malware-infected macros to help them steal passwords and break into corporate networks.
Apple iPhone SE preorders are now being taken by all four major U.S. mobile carriers—AT&T, Sprint, T-Mobile and Verizon—as Apple prepares to begin selling its latest iPhone on March 31.
The carriers are also accepting preorders for Apple's latest iPad Pro device, its smaller 9.7-inch model. The iPhone SE, Apple's latest iPhone, has a 4-inch display, a 12-megapixel camera, an improved battery, and a powerful 64-bit A9 processor and M9 motion coprocessor.