19
Jun/13

Qassam Cyber Fighters DDoS Campaign Against U.S. Banks Slows

by under Cyber Security

The excellent Krebs on Security blog, by former Washington Post writer Brian Krebs, reported last week that the long running campaign of cyber attacks against U.S. banks went quiet ahead of Iran’s recent presidential election. We thought it would be useful to add a visual component to the reporting by Krebs and confirm a slowdown in reported cyber attacks against banks.

The timeline below was generated using Recorded Future to display reported cyber attacks against companies in banking or financial services between January and June. The dip in reported issues during late May and early June is clear.

Timeline of Bank Cyber Attacks

Click for interactive view

The Iranian government, believed by many to be behind the DDoS attacks by the Izz ad-Din al-Qassam Cyber Fighters that began in mid-September 2012, has denied responsibility. But in his blog post, Krebs furthers connects the dots by citing findings published at Google’s Online Security Blog of increased phishing activity leading up to the Iranian election that sought to compromise Google account users in Iran. The suggestion is that energy and resources used for the bank attacks were, at least temporarily, diverted to domestic political operations such as the phishing campaign.

If you’ve followed this issue, you’ll remember that the purported goal of the cyber campaign was to get the Innocence of Muslims removed from YouTube. Nothing has changed on that front, so we’ll now wait and see if the attacks against U.S. banks resume in their previous form or if a differently styled campaign begins.

You can monitor the latest cyber threats reported against banks by visiting a Recorded Future feed on the subject here or see our expanded Web Intelligence tools for information security analysts.

, , Leave a Comment more...

13
Jun/13

SEA and Anonymous, Allies by Convenience in Attacks on Turkey

by under Cyber Security
SEA Anon Network

Click for interactive view

War sometimes makes strange bedfellows, and the cyber battlefield is proving to be no different. Two prominent hacker collectives (or government organizations depending on who you ask) – the Syrian Electronic Army (SEA) and Anonymous – jointly promoted and carried out recent attacks against the Turkish government despite having long been at odds.

This is an interesting development in the hacktivist landscape given that the SEA has targeted Anonymous properties on and off since the early days of Syria’s civil war when factions of Anonymous supported rebel efforts against Bashar al-Assad. But the surge of protests across Turkey during recent weeks brought the two hacker factions together over a common target: the Turkish government headed by Prime Minister Recep Tayyip Erdogan.

The campaign, dubbed #OpTurkey by Anonymous, so far includes the two groups shutting down and defacing official Turkish websites in addition to claiming hacks against the Turkish Prime Ministry’s network to gain access to personal information on Erdogan’s staff. Information allegedly procured by the attack on the government network was then publicly posted by both organizations independently.

This operation, jointly promoted and acted on by the SEA and Anonymous, provides another example of kinetic events serving as a leading indicator of cyber campaigns. Explicit signals for a new cyber campaign may not be openly available, but clues can be found in the history of hacktivist organizations and their typical causes for operation. In this case, it’s unsurprising to see Anonymous get behind a popular anti-government uprising while also serving as a platform for the SEA to strike against the Turkish government that formally recognized and supported the anti-Assad movement last November.

You can follow the latest developments related to #OpTurkey here.

, , Leave a Comment more...

7
Jun/13

Contrast in US, Iran Media Coverage of Iranian Presidential Candidates

by under Politics and Elections

Our previous post on the Iranian election sought to reveal clues about which Iranian presidential candidate should be considered Supreme Leader Ali Khamenei’s favorite to succeed Ahmadinejad. Another interesting signal derived from Recorded Future’s Web Intelligence is the coverage of each candidate from Iranian sources, including which sources cover which candidate, compared to the coverage of each candidate from sources published elsewhere. In this case, we’ll use the United States media coverage as our comparison.

Iranian Media Coverage of Candidates

All three Iranian presidential debates took place during the past week making media coverage from this period especially interesting to analyze. Below is a timeline describing the volume of mentions for each candidate between May 31 and June 7. Click here to view live.

Iran Candidates in Iranian Media

The vertical axis is ordered according to total number of references, so you can see that from the Iranian sources collected by Recorded Future, the top three most mentioned candidates in order of volume are: Mohsen Rezaee, Hassan Rowhani, and Mohammad Reza Aref.

Two points of interest stand out from the data:

Volume of mentions is one metric worth investigating, but there’s another step to consider: what sources are most prominently covering each candidate? Identifying the top media sources for each candidate may also be helpful in determining the audience to which each has the most exposure.

Below is a breakdown of the same data shown in the above timeline, but described by boxes sized according to which source provided the most coverage for each candidate. You can also see a live view.

Iranian Sources by Candidate

A few highlights to call out:

  • Mohammed Bagher Ghalibaf, current mayor of Tehran, saw the greatest amount of his coverage come from local Tehran Times.
  • Mohammad Reza Aref, generally considered to be one of the election’s moderate options, has received much attention from the community driven news site Balatarin.

United States Media Coverage of Candidates

Now that we’ve got a grasp on Iranian coverage, let’s look at United States media in comparison. Take a look at how the timeline of Iranian coverage during the past seven days lines up against coverage from US media. A live view can be found here.

Iranian Candidates in US Media

Most interesting on first glance is the absence from the “top 8″ of Mohsen Rezaee, who was most mentioned in Iranian media during the past week. He’s received minimal attention from Western media, which if he were elected seems that it would lead to a categorization of the result as a “surprise” by the American press.

The most mentioned candidate in US media during the past week  is Hasan Rowhani, the only cleric in the race. The dominance in coverage was largely due to arrests of his supporters during a campaign speech along with hints of a partnership with fellow moderate Mohammad Reza Aref to create a more formidable centrist presence come election day.

Additional Questions

We here at Analysis Intelligence are not Iran experts, but instead are looking to media data for clues and signals about the presidential campaign and individual candidates. What else do you see in the data?

Is it surprising to the see the attention from US media given to Rowhani and infringements on his campaign by police? Do you think that the coverage of Rezaee suggests he might be frontrunner? What other questions could we ask using Web Intelligence related to this or other elections?

Leave us your thoughts in the comments.

, , Leave a Comment more...

5
Jun/13

Must Read: Recorded Future’s Web Intelligence Interview Series

by under Intelligence Analysis

The blogging team here at Analysis Intelligence is inspired by the potential for open source information to reveal intelligence insights. This inspiration is born out of Recorded Future’s belief in Web Intelligence as a massively important emerging capability that draws on the flood of rich, real-time reporting being generated on the Web to reveal risk insights. (continue reading…)

No tags Leave a Comment more...

4
Jun/13

Mapping Turkey’s Anti-Government Protests in Real-Time

by under Geopolitics

Police attacks on environmental protesters in Istanbul last Friday sparked anti-government demonstrations across Turkey over the weekend. The violence set alight long simmering public tensions with a government tilting more toward Islamism and regularly infringing on personal freedoms expected in modern democracy.

The map below from Recorded Future shows spreading unrest during the last seven days, and clicking through to the live visualization will keep you updated as reports continue to stream in via news and social media about events in a particular city or state.

Turkish Protests By City – Last Seven Days

Turkish Protests Map OccupyGezi

Click for Interactive View

The latest unrest, which began peacefully over government proposed development of a city park that would include demolition of the Ataturk Cultural Center that serves as a prominent secular symbol, has since evolved into dissent over a range of social issues and government impositions. It caps a troublesome month for the Turkish government that also included controversial handling of a freedom of speech case and shows of force against student protests.

The protests show few signs of abating as of this post, and they may grow in strength as the Public Workers Unions Confederation (KESK), one of four national trade unions, plans to hold a “‘warning strike’ on June 4-5 to protest… crackdown on anti-government protests over the last four days.”

Follow the latest below:

, , Leave a Comment more...

31
May/13

Finding Khamenei’s Favorite to Succeed Ahmadinejad

by under Geopolitics

The election field for Iran’s next president initially stood 686 hopeful candidates wide. The country’s Guardian Council last week narrowed that field down to just 8 final candidates in preparation for the June 14 election that will determine current President Mahmoud Ahmadinejad’s successor.

The term “hardliners” has been pervasive in much mainstream Western coverage describing the candidates although anticipating a winner (or even a frontrunner) appears to be difficult at this stage. Some have recently called Saeed Jalili, Secretary of Supreme National Security Council, the leading candidate, but we want to scour the broader media discussion for any patterns. In particular, we’ll use data captured and organized from around the web by Recorded Future to answer:

  • Which candidate has been most frequently mentioned with Supreme Leader Ali Khamenei in global media?
  • Which candidate has been most frequently mentioned with President Mahmoud Ahmadinejad in global media?

Finding Khamenei’s Favorite

Iran Presidential Candidates and Khamenei

Click for interactive view

Despite claiming to have no preferred candidate, Khamenei was influential in selecting the field and claims close ties to several of the individuals running for president. One approach to spot a potential favorite would be to see which of the eight candidates has been most frequently mentioned with the current Supreme Leader in online media. We used web intelligence to generate the above timeline of March 1 – June 14 (election day) to determine the top three most mentioned candidates as:

  • Ali Akbar Velayati - current senior advisor on international affairs to Khamenei. His call for ‘reconciliation with the world‘ in the first debate today will likely contrast with more standoffish positions as the campaigns proceed.
  • Mohammed Bagher Ghalibaf - Tehran’s current mayor, and occasionally described as a more ‘moderate’ candidate while simultaneously taking credit for crackdowns on student protests.
  • Gholam Ali Haddad-Adel - top advisor to Khamenei whose daughter is also married to one Khamenei’s sons.

This “top” list perhaps illustrates why it’s difficult to call out one candidate as Khamenei’s favorite; the ties are deep across the board. And we can note that Saeed Jalili only recently started to bubble up in comparison to the top three.

Interestingly, the top three candidates most frequently referred to alongside Khamenei months ago formed what is called the 2+1 Coalition with the expectation that only the frontrunner will be on the ballot come election day. Whoever comes out on top, Khamenei wins, but rumors are already having to be squashed that Velayati, who is most linked to Khamenei by the media, will represent the coalition.

A Quick Comparison to Ahmadinejad

This perspective is interesting given our understanding of the deep ties between Khamenei and certain candidates, the Guardian Council’s role in selecting final participants, and the falling out between Ahmadinejad and Guardian Council that culminated with the president’s recent criticism.

Timeline Candidate Ties To Ahmadinejad

Click for interactive view

The first thing that stands out is a much lower volume of references to the candidates in relationship to Ahmadinejad versus those to Khamenei. Perhaps not surprising. And many of these references are simply noting the candidates as potential successors to the current president. The top name related to Ahmadinejad:

  • Hassan Rowhani – former nuclear negotiator and widely describe as the most moderate candidate in the field. The broad set of mentions alongside the exiting president are largely related to Rowhani’s criticism of Ahmadinejad. In 2009, Rowhani publicly labeled Ahmadinejad a ‘demagogue‘ and consistently hit out against the president since he took office in 2005.

The approval of Rowhani as one of the final eight candidates given his relatively distant connection to Khamenei and less “hardline” stance  is interesting. One take: Khamenei may not view Rowhani as a serious contender but instead see a PR opportunity with the expectation that his campaign will unload a full clip of criticism against the exiting Ahmadinejad.

Next Steps

We’re currently two weeks away from election day in Iran. We’ll follow up this analysis with a media comparison of how the candidates are being discussed in US, UK, and Iranian media respectively. We’ll be pushing these findings early next week after commentators have several days to digest and respond to the first public debate from today. Get a teaser of the Iranian media coverage via Recorded Future.

, , Leave a Comment more...

Copyright © 1996-2010 Analysis Intelligence. All rights reserved.
iDream theme by Templates Next | Powered by WordPress