Anomali highlights Iran’s Static Kitten cyberespionage group attacks on Kuwait and UAE

Anomali, the leader in intelligence-driven cybersecurity solutions, announced the availability of a new Anomali Threat Research report that details how Iran-backed cyberespionage group Static Kitten is currently conducting a campaign against government agencies in Kuwait, UAE, and likely the broader Middle East. Among the key findings:

  • Anomali assesses that the Iran-nexus cyberespionage group Static Kitten is likely the threat actor, based on the combination of Israeli geopolitical-themed lures, Ministry of Foreign Affairs (MOFA) references, and the use of specific tactics and techniques in the campaign.
  • Government agencies in the UAE, Kuwait, and likely the broader Middle East are being targeted.
  • Static Kitten is attempting to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) in target computers.

“The Middle East has long been a flashpoint for cyber and kinetic espionage activities. Organizations that call this part of the world home need to be especially vigilant, as things like growing remote workforces, 5G deployment, and cloud adoption continually expand attack surfaces,” said AJ Nash, Sr. Director of Cyber Intelligence Strategy, Anomali. “To remain protected while conducting business in today’s cyber landscape, organizations need to have access to intelligence that enables threat analysts to conduct efficient investigations, detect threats, and drive fast response efforts.”