A new hacktivist collective calling itself Parastoo took responsibility for compromising the UN’s nuclear watchdog agency, but the IAEA hasn’t confirmed who the culprits actually may be. Parastoo has posted a manifesto filled with shout-outs to other hacktivist groups like Lulz and Anonymous, along with allusions to various Middle East cyberwar touchpoints like the Stuxnet worm. It demands that that the IAEA look into Israel’s nuclear activities: specifically, it wants to know the purpose of a facility at Dimona that is widely assumed to be a nuclear weapons manufacturing plant. Israel has neither confirmed nor denied this, and calls for investigation into the plant are common from Arab states.
The information posted online contains a list of email addresses of people working in or with the IAEA. The agency is taking measures to lock down the vulnerability and prevent further information leakage, it said.
"The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago," agency spokeswoman Gill Tudor told Reuters. "The IAEA's technical and security teams are continuing to analyze the situation and do everything possible to help ensure that no further information is vulnerable.”
For its part, Parastoo said that the hack was its debut, but promised “game-changing news” from now on. More chillingly, it said that it took a “total backup” of the server and that it will release more sensitive information, along with the whereabouts of the individuals whose emails are posted and personal details by which they can be recognized. “We are reassuring the IAEA that their critical information is safe with us as we are brothers,” it wrote. “However, we can not [sic] guarantee the same if a western-favored element entertains another sip of motorbike&magnetbomb [sic] cocktail.”