Hezbollah-linked cyber unit has been hacking internet companies for years

A supporter of the Lebanese Shiite Hezbollah movement waves Palestinian and Hezbollah flags.

Photo: Mahmoud Zayyat / AFP (Getty Images)

A cyber unit believed to be associated with the Shiite militant group Hezbollah has carried out stealth spy missions around the world, hacking into internet and telecommunications service providers to collect data.

The threat group, which researchers call “Lebanese Cedar,” reportedly formed around 2012 and is primarily motivated by “political and ideological” rather than financial incentives, according to a new report from security firm ClearSky. “Cedar” uses its intrusion campaigns to silently go through government and corporate systems and gather intelligence, the report said.

The group was first discovered by security companies Kaspersky Labs and Check Point in 2015, when it was called “Volatile Cedar.” At that time, investigators said it had the fingerprints of the Lebanese government. ClearSky agrees with this assessment.

“We support the strong case of Check Point by attributing the Lebanese Cedar APT to the Lebanese government or to a political group in Lebanon. In addition, there are several clues linking the Lebanese Cedar APT to Hezbollah’s cyber unit,” the researchers write.

Hezbollah, which the US government has designated as a terrorist organization, is notorious for its use of cyber attacks in its conflicts with Israel, as well as its prolific use of information operations and manipulation of social networks.

“Cedar” has apparently kept a low profile since its initial sighting half a decade ago. Through its silent maneuvers, the group has managed to compromise around 250 servers in countries around the world including the United States, Israel, the United Kingdom and several Middle Eastern countries such as Egypt, Jordan and the Palestinian Authority.

In the United States, “Cedar” has successfully entered the networks of entities such as Frontier Communications, a Connecticut telecommunications company, as well as the Oklahoma Office of Management and Enterprise Services, the state's senior IT agency, the report says.

The researchers emphasize the group’s ability to carry out missions without drawing too much attention to itself or its activities:

Lebanese Cedar APT has been organizing sophisticated and well-designed attacks using custom attack tools since 2012, often without disruption to the global security community for long consecutive periods. The group’s ability to stay under the radar is no coincidence; it is the result of intelligent selection of targets, tools and attack vectors.

“We estimate that there are many more companies that have been hacked and that valuable information has been stolen from these companies for months and years,” the report concludes.