Secret Iranian Network Behind ‘Aggressive’ U.S. Cyberattacks Exposed In New Report
Iranian hacking group APT33, well known for the Shamoon attack on Saudi Aramco, has made headlines again for aggressive attacks on civilians and critical infrastructure. Trend Micro recently reported that APT33 has developed its methods to attack the oil and gas industry, creating a higher risk to companies in the oil industry through the use of destructive malware. Trend Micro reported that APT33 has set up its own VPN, a tactic often used by nation-state threat actors. Trend Micro allegedly detected reconnaissance of networks related to the oil industry, an oil exploration company and hospitals in the Middle East as well as a U.S. oil company.
The U.S. government warned of an increasing threat of cyberattacks from Iran while tensions continue to rise in the Gulf. APT33 has been carefully masking its activities through the aforementioned private VPN and hiding in plain sight by taking advantage of the way the web is used by legitimate organizations.