chg: [threat-actor] IRIDIUM added

Ref: https://resecurity.com/blog/parliament_races/
2019-03-10 10:47:34 +01:00 · 2019-03-10 10:47:34 +01:00 · 6fb1303570
parent 769e0002ef
commit 6fb1303570
1 changed files with 13 additions and 1 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -6402,7 +6402,19 @@
      },
      "uuid": "ae1c64ff-5a37-4291-97f8-ea402c63efd0",
      "value": "APT-C-36"
+    },
+    {
+      "value": "IRIDIUM",
+      "uuid": "29cfe970-5446-4cfc-a2da-00e9f49e02ba",
+      "description": "Resecurity’s research indicates that the attack on Parliament is a part of a multi-year cyberespionage campaign orchestrated by a nation-state actor whom we are calling IRIDIUM. This actor targets sensitive government, diplomatic, and military resources in the countries comprising the Five Eyes intelligence alliance (which includes Australia, Canada, New Zealand, the United Kingdom and the United States)",
+      "meta": {
+        "refs": [
+          "https://resecurity.com/blog/parliament_races/",
+          "https://www.nbcnews.com/politics/national-security/iranian-backed-hackers-stole-data-major-u-s-government-contractor-n980986"
+        ],
+        "country": "IR"
+      }
    }
  ],
-  "version": 94
+  "version": 95
 }