chg: [threat-actor] IRIDIUM added

Ref: https://resecurity.com/blog/parliament_races/
This commit is contained in:
Alexandre Dulaunoy 2019-03-10 10:47:34 +01:00
parent 769e0002ef
commit 6fb1303570
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD

View file

@ -6402,7 +6402,19 @@
}, },
"uuid": "ae1c64ff-5a37-4291-97f8-ea402c63efd0", "uuid": "ae1c64ff-5a37-4291-97f8-ea402c63efd0",
"value": "APT-C-36" "value": "APT-C-36"
},
{
"value": "IRIDIUM",
"uuid": "29cfe970-5446-4cfc-a2da-00e9f49e02ba",
"description": "Resecuritys research indicates that the attack on Parliament is a part of a multi-year cyberespionage campaign orchestrated by a nation-state actor whom we are calling IRIDIUM. This actor targets sensitive government, diplomatic, and military resources in the countries comprising the Five Eyes intelligence alliance (which includes Australia, Canada, New Zealand, the United Kingdom and the United States)",
"meta": {
"refs": [
"https://resecurity.com/blog/parliament_races/",
"https://www.nbcnews.com/politics/national-security/iranian-backed-hackers-stole-data-major-u-s-government-contractor-n980986"
],
"country": "IR"
}
} }
], ],
"version": 94 "version": 95
} }