Think back to the run-up to the 2020 U.S. Whether you watched the news or not, you probably heard that state-backed actors were yet again trying to influence who would become president. First in 2016 and then in 2020, the Russians used hack-and-leaks and social media manipulation to support candidates favorable to the Kremlin’s interests. Because of this, whenever the words “election” and “disinformation” are used in the same sentence, only the Russians seem to come to mind.

Iran has largely managed to evade international attention for its attempted interference in the 2020 election. In the run-up to that election, the Iranians hacked voting records, ran disinformation campaigns, and directly targeted U.S. government officials, illustrating a level of technical sophistication we hadn’t previously seen from Tehran.

Directorate of National Intelligence (DNI), Iran didn’t necessarily have a preferred candidate in 2020, but was rhetorically opposed to former President Trump, likely because of his strident opposition to the Joint Comprehensive Plan of Action (JCPOA) nuclear deal and his “maximum pressure” sanctions against Iran. More than anything, Tehran sought to create panic, sow division, and broadly undermine Americans’ faith in their institutions. And by those metrics, Iran’s efforts didn’t fare too badly.

While Emennet Pasargad’s 2020 foray was a major escalation in Iranian influence operations, there are some indications the company has been actively targeting the U.S.

sanctioned Emennet Pasargad under its old name, Net Peygard Samavat. Also sanctioned were Net Peygard Samavat senior manager Mohammad Bagher Shirinkar and the company’s CEO Behzad Mesri, both in connection with hacks that targeted the coworkers of ex-Air Force intelligence officer (and defector to Iran) Monica Witt. Witt herself was indicted in 2019 for her role in assisting the company, then operating under its previous name.

Net Peygard Samavat’s CEO Behzad Mesri also appears to have a history of freelancing. In 2017, the Southern District of New York announced Mesri (or those working on his behalf) had hacked HBO, stolen unreleased episodes of “Game of Thrones,” and demanded $6 million worth of Bitcoin as ransom. Multiple cybersecurity research firms have postulated that Mesri was, and may still be, linked to the hacking group APT35 (Charming Kitten or Phosphorus). If this is indeed the case, a slew of prior operations previously linked to APT35 may in fact have been the work of Net Peygard Samavat, or, as we know the company now, Emennet Pasargad.

Emennet Pasargad’s Longstanding Connections to Iranian Hackers and the IRGC

Figure 4: Organizational diagram of Emennet Pasargad, the IRGC and its sub-units in question, and known Iran-linked hacking groups.

Miburo has examined a loosely connected professional and social network that encompasses subsets of Iran’s Islamic Revolutionary Guard Corps (IRGC), its subsidiaries, Emennet Pasargad, and the company’s possible cyber accomplices APT35 and TA456 (Tortoiseshell). The company is connected to the IRGC through at least two different avenues: The first is through the IRGC’s Bonyad Taavon Sepah, also known as the IRGC Cooperative Foundation (IRGC-CF). The second is via the IRGC Electronic Warfare Cyber Defense Organization (IRGC-EWCD). Because Emennet Pasargad maintains multiple points of contact with the IRGC and was entrusted with a highly sensitive role in the 2020 U.S. elections, there is reason to believe it is also likely involved in other high-profile external-facing IRGC cyber operations.

The IRGC-CF has likewise been linked to an Iranian IT company called Pazhooheshgaran Pooya Electronic Pardis Engineering Company (henceforth “Pazhooheshgaran”). Several Pazhooheshgaran employees hold additional positions at organizations that have been previously sanctioned by the U.S.