Cybersecurity firm reveals Hezbollah-linked hack of hundreds of global companies
ClearSky Cyber Security confirmed that ‘Lebanese Cedar’, the cyber unit of Hezbollah, has been behind hundreds of cloud and hosting provider hacks
The report, which labels Lebanese Cedar as an APT (Advanced Persistent Threat), explains that the terrorist group focussed primarily on telecommunications and ISPs. ClearSky Cyber Security has deduced that the attacks gathered intelligence and stole company databases containing sensitive data. It can also be assumed that the call records and private data of clients from these telecommunications companies were exposed, as well.
“This group successfully worked under the radar for a long time, while getting control of critical databases and stealing valuable information,” explained Boaz Dolev, CEO of ClearSky Cyber Security. “Telecommunication providers worldwide are a prime target for attackers in search for sensitive data.”
The report found 250 servers that were breached by Lebanese Cedar, with the primary victims being Oracle and Atlassian WEB servers. Targeted countries included Israel, the US, the UK, Egypt, Jordan, Lebanon, and the Palestinian Authority.
Lebanese Cedar is a stealth threat actor that ClearSky Cyber Security believes has been active for more than eight years. It identified the recent operations to the organization based on some of the code that overlaps between 2015 variants of the Explosive RAT and Caterpillar WebShell, which were identified at both attacks.
Recent months have highlighted an explosion in cyber attacks that are often attributed to the actions of Iran, North Korea, or Russia. No country or organization is immune, with Israeli insurance companies and American governments all falling victim to cyber-attacks and hacks. It is strongly recommended that users frequently change their passwords and that businesses adopt strict cybersecurity measures to prevent attacks from 3rd parties.
ClearSky Cyber Security was founded in 2010 and offers cyber solutions, specializing in threat intelligence services. Its primary areas of protection include critical infrastructure, the financial sector, the public sector, and pharmaceuticals.