Israeli security group blames Lebanon for major spying campaign

Personnel of the 624th Operations Center, located at Joint Base San Antonio, Texas, conduct cyber operations in support of the command and control of Air Force network operations and the joint requirements of Air Forces Cyber, the Air Force component of U.S. Cyber Command. (William Belcher/U.S. Air Force)

(BEIRUT, LEBANON) — An Israeli security firm is pointing fingers at Lebanon after claiming to have discovered a spying campaign that “likely” originated with a government agency or political group in Lebanon.

Check Point Software Technologies, an IT security corporation based in Tel Aviv, said its researchers discovered that Lebanese spies were targeting telecommunications and networking companies, media organizations, and other institutions in Lebanon, Israel, Turkey, and seven other countries.

They also add that spies have tampered with computers in the United States, United Kingdom, and Canada, according to Reuters news agency.

Researchers, who dubbed the campaign “Volatile Cedar”, claim they found evidence of spyware in Canada, Israel, Turkey, the United Kingdom, and the United States, among others.

U.S. National Security Agency (NSA) Director Michael Rogers says that China and “one or two” other countries have infiltrated U.S. infrastructure networks in previous years, but he did not specify Lebanon.

Researchers say the campaign has been going on for three years, and featured an “unusual method” for installation.

According to Reuters, instead of emailing tainted links or infected attachments, the people behind “Volatile Cedar” hacked into public-facing websites and host computers that contained valuable information.

“They are not ‘script kiddies,’” Check Point researcher Shahar Tal told Reuters. “But we have to say in terms of technical advancement, this is not NSA-grade.”

Researchers said the security campaign was not “cutting edge”, but still had the ability to capture confidential data.

“This is one face of the future of targeted attacks: malware that quietly watches a network, stealing data, and can quickly change if detected by antivirus systems,” Dan Wiley, Head of Incident Response & Threat Intelligence at Check Point. “It’s time for organizations to be more proactive about securing their networks.”

Telecommunications Minister has since told Beirut-based newspaper The Daily Star that he was not aware of any spying, and has since launched an internal investigation into the allegations.

Check Point says they’re not aware of any other major spying campaign attributed to the Lebanese government or faction.

Send this to friend