Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
An Iranian flag in Tehran. Photo: Kaveh Kazemi / Getty Images
The U.S. recently indicted members of an Iranian government contractor for hacking universities and companies to steal research. Cybersecurity firm Mandiant, which highlighted Iran as a growing force in 2017 in an annual report released today, has seen an uptick in believed government affiliated Iranian hackers stealing intellectual property from businesses.
Why it matters: Once among the world's most amateurish cyber-powers, Iran has become a mature, aggressive player in digital espionage.
"It seemed like we were investigating attacks from Iran more than anything else,"— Charles Carmakal, Vice President of Mandiant, tells Axios.
Carmakal also speculates that IP may be being used to help Iranian companies create more impressive products.
The current status: Mandiant and it's parent company, FireEye, named three new advanced persistent threats (APTs) from Iran in 2017. APTs are campaigns that target specific victims with consistent, sophisticated, and patient attacks rather than the one-off victims or victims of opportunity chosen by most hackers.
The background: "We used to joke around 2010 that Iran looked a lot like Anonymous," said Carmakal. Around that point the Iranian threat was limited to denial of service attacks.
- Later, as Iran began to develop its own tools, researchers noted that Iranian agents would place hacker pseudonyms in source code or claim credit for defacing websites — not the secure, quiet, unattributable hacking used by most nations.
- "We saw some nations that needed to mature, but nothing as bad as Iran," said Carmakal, thought he says Iranian attacks have shown drastic improvement.
Important note: These believed to be Iranian groups are known for destructive cyber attacks within the Middle East, but they do not appear to be conducting destructive attacks in the United States.