A False Flag is the pretending to be one hacking entity when you are in fact another. False flag operations make investigations significantly more difficult. They are commonly used by nation-state hackers who seek to hide their attacks behind other well know entities in the hacking world.
Late last year the NSA released a warning that hacks in 35 countries appeared at first glance to come from Iran, but the intruders were in fact Russians who took over the other (Iran’s) country’s servers to spy in disguise. These false flag operations can be significant if a cyber attack by Russia on the United States is blamed on Iran, causing the U.S. to retaliate against Iran.
Related Terms: Attribution, Nation-State Hackers
Source: The Washington Post
For a deep dive into False Flags, here is a 45 min security researcher presentation: (you've been warned)
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.