In recent days there have been reports that attacks were launched against Iranian computer networks that support that country’s air bases, likely in response to the June 20th attack by Iran’s Islamic Revolutionary Guard Corps on a U.S. military drone in the Persian Gulf.
And now there are reports that hackers working for an alliance of intelligence agencies broke into Yandex, the large Russian-based search engine, in an attempt to find technical information that reveals how Yandex authenticates user accounts. The hackers used Regin (QWERTY), a malware toolkit associated with intelligence sharing that has often been utilized by the intelligence alliance (made up of the USA, Canada, UK, Australia and New Zealand).
Interestingly, Yandex acknowledges the hack, which happened back in 2018. But whereas it claims the attack was detected by the company’s security team before any damage could be done or data lost, outside observers believe that the hackers were able to maintain their access to Yandex for several weeks or longer before being detected.
Reportedly, the information being sought could help spy agencies impersonate Yandex users, thereby gaining access to their private messages. The purpose? To focus on espionage rather than the theft of intellectual property.
These actions, which are coming to light only now even though the events in question happened last year, underscore how much much future “warfare” between nations will be conducted in cyberspace rather than via boots on the ground.
Welcome to Cold War II — 21st century style.