The operation, known within the cyber research community as “SeaTurtle,” exploited weaknesses in DNS to hack hundreds of high profile victims, including entire foreign intelligence agencies. Notable victims also included a human rights group negotiating a ceasefire in Syria.
We first began hearing word about how big a deal this hack was from our sources after a great report by @TalosSecurity. Our sources told us the hackers had gained access giving them the ability to intercept ALL INTERNET TRAFFIC going to several countries in the Middle East
Other high profile victims included: the email services for the entire government of Cyprus, the Freemason group in Turkey, a key undersea cable provider situated in Cyprus which routes large portions of the internet throughout the Middle East
We try to be very transparent about how we know what we know since this is an arena ripe for misdirection and confusion. (If you’re interested in learning more about Turkish hacking ops I would suggest checking out their MIT) https://www.reuters.com/article/us-cyber-attack-hijack-exclusive-idUSKBN1ZQ10X …
The hijacking was aimed at huge amounts of traffic flowing through Albania, Greece, Iraq, and Cyprus.. all countries which are of high geopolitical interest to Turkey for various reasons.
occurred at a time when Turkey was launching numerous kinetic military strikes in Syria
There was a lot of detail I wish we could have jammed into this story, but alas... if you want to talk about SeaTurtle or have any additional info let me know (full contact info in bio)
I believe this is the first story that really highlights a Turkish cyber espionage operation (beside this great CL research which is more domestic surveillance-focused) https://citizenlab.ca/2018/03/bad-traffic-sandvines-packetlogic-devices-deploy-government-spyware-turkey-syria/ …
And yes - I am aware that there are at least two examples of a publicly available cyber threat intel report/blog from the private sector which is describing a Turkish APT. But the company did not attribute directly.
I love how you covered this, respected the firm’s focus on not doing attribution, and used proper wording like “aligned” with. Just well done Chris
-
Thanks Rob - it’s a narrow road to navigate. We try to be highly accurate while simplifying the subject to a general audience and incorporating all the intel we’ve got.