Related Stories

  • US considers preemptive action to prevent 'Cyber Pearl Harbor'
    Iran may have been the culprit behind the recent rash of cyber-attacks on oil and gas giants in the Middle East, said US Defense Secretary Leon Panetta, who recently warned that the US was facing the possibility of a “cyber-Pearl Harbor” as politically motivated hackers target the nation’s power grid, transportation systems, financial networks and government entities.
  • Second Middle East energy company hit by malware
    Qatari liquified natural gas company RasGas has suffered a malware attack reminiscent of the attack against the Saudi Aramco oil company last week. It is not known if either the attackers or the malware used are the same.
  • Cyber-espionage Mahdi virus spreads further in Middle East
    The Mahdi trojan cyber-espionage attack continues to expand in the Middle East, and especially Iran, despite its detection last month.
  • Middle East war: Israeli, Arab hacking battle escalates
    Credit card numbers and expiration dates of hundreds of Saudi, Egyptian, and Syrian citizens were posted online by an Israeli hacker in apparent retaliation for the posting of Israeli credit card information by Saudi hackers.
  • Israeli-Hamas battle escalates to botnets
    The ongoing conflict between Israel and Hamas in the Middle East has escalated beyond a spat of hacker Web site attacks plus defacements and into the realms of botware.

Top 5 Stories


UN nuclear agency compromised by anti-Israel hacktivists

27 November 2012

Another Middle East-focused cyber-attack has been launched, but it’s a piece of news that would not be out of place in the Cold War era: the International Atomic Energy Agency has been hacked. Information from an out-of-use server has been stolen and posted online.

A new hacktivist collective calling itself Parastoo took responsibility for compromising the UN’s nuclear watchdog agency, but the IAEA hasn’t confirmed who the culprits actually may be. Parastoo has posted a manifesto filled with shout-outs to other hacktivist groups like Lulz and Anonymous, along with allusions to various Middle East cyberwar touchpoints like the Stuxnet worm. It demands that that the IAEA look into Israel’s nuclear activities: specifically, it wants to know the purpose of a facility at Dimona that is widely assumed to be a nuclear weapons manufacturing plant. Israel has neither confirmed nor denied this, and calls for investigation into the plant are common from Arab states.

The information posted online contains a list of email addresses of people working in or with the IAEA. The agency is taking measures to lock down the vulnerability and prevent further information leakage, it said.

"The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago," agency spokeswoman Gill Tudor told Reuters. "The IAEA's technical and security teams are continuing to analyze the situation and do everything possible to help ensure that no further information is vulnerable.”

For its part, Parastoo said that the hack was its debut, but promised “game-changing news” from now on. More chillingly, it said that it took a “total backup” of the server and that it will release more sensitive information, along with the whereabouts of the individuals whose emails are posted and personal details by which they can be recognized. “We are reassuring the IAEA that their critical information is safe with us as we are brothers,” it wrote. “However, we can not [sic] guarantee the same if a western-favored element entertains another sip of motorbike&magnetbomb [sic] cocktail.”

This article is featured in:
Data Loss  •  Identity and Access Management  •  Internet and Network Security  •  Malware and Hardware Security  •  Public Sector


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×