Company Confidential
THIS IS A COVER SHEET FOR TRAFFIC LIGHT PROTOCOL: GREEN INFORMATION
When Should It Be Used: Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector.
How Should It Be Shared: Recipients may share TLP: GREEN information with
peers and partner organizations within their sector or community, but not via publicly accessible channels.
For more information: https://www.us-cert.gov/tlp
Copyright © 2014, CTP & Norse– All Rights Reserved Page 1 of 12 TLP: GREEN Cyber Intelligence Bulletin: Iran Cyber Threat Increasing
Cyber Intelligence Bulletin:
Malicious cyber activity originating from the Islamic Republic of Iran is increasing in intensity January 27, 2015
Copyright © 2015, Norse Corporation – All Rights Reserved NOT FOR GENERAL DISTRIBUTION Page 2 of 12 TLP: GREEN Cyber Intelligence Bulletin: Iran Cyber Threat Increasing
Scope:
This Cyber Intelligence Bulletin (CIB) describes Indication & Warning (I&W) data collected by the global Norse DarkMatterTM intelligence network and analyzed by the Norse Fusion Intelligence team. While this report includes some new intelligence regarding attacks on industrial control systems, it is not a comprehensive survey. Later this year, Norse will publish a separate bulletin, code-named #opICS, detailing more than 500,000 attacks on Industrial Control systems over the last 24 months. Norse provides live attack intelligence to the victims in this report through our responsible disclosure policy.
Overview of Indications and Observables:
Malicious Cyber Activity from Iran is increasing in intensity