Support Our Future Leaders

The Media Line is known for producing truthful, unbiased journalism and we are teaching future journalists to do the same. Through our signature Press and Policy Student Program, The Media Line provides an innovative opportunity for students to globalize their educational experience by connecting to an active news bureau in the Middle East, studying journalism and public policy under the mentorship of veteran journalists while earning academic credit.

These students will reshape how the world sees and understands the Middle East and, in turn, how the Middle East impacts our world. Your contribution will provide the next generation with the skills they need to uphold the highest standards of journalism and, in turn, educate our global society with integrity and respect.

Thank you!

“The Press and Policy Student Program has elevated my global awareness, supported my journalistic efforts, and propelled me on the path of future success within the news industry.”
Press and Policy Student Program Participant
Carla Warren, University of Houston
Thank you and best wishes.
Felice Friedson
Founder, President
ClearSky CEO Explains How it Foiled Iranian Hack of Gilead
Not always enough. A security guard watches over the Gilead Sciences headquarters in Foster City, California, on April 30. (Josh Edelson/AFP via Getty Images)

ClearSky CEO Explains How it Foiled Iranian Hack of Gilead

Though owner of Remdesivir – a hot drug in the coronavirus age – is safe for now, analysts say Tehran is often capable of obtaining what it wants

The Islamic Republic of Iran has been hit hard by COVID-19. It ranks 10th worldwide in coronavirus cases, at 112,725, with 6,783 fatalities, according to Wednesday’s update from the Johns Hopkins coronavirus tracker.

This might have been the motivation behind a recent Iran-linked cyberattack against the California-based pharmaceutical company Gilead Sciences, Boaz Dolev, CEO and co-founder of the Israeli firm ClearSky Cyber Security, told The Media Line.

ClearSky discovered the hacking attempt, as was first reported by the Reuters news agency on Friday.

Gilead’s experimental drug Remdesivir is being rushed into the supply chain as a potential treatment for COVID-19. On May 1, the US Food and Drug Administration granted it emergency use authorization for treating the disease.

Gilead announced on Tuesday that the company had inked a deal with five generic manufacturers to produce the antiviral drug in 127 countries, excluding the United States.

“They maybe wanted to get information about the new medicine… because they have been infected quite badly, and I’m sure that they want to perhaps develop their own medicine or steal medicine IP [intellectual property] from someone else,” Dolev said, referring to the Iranians.

ClearSky has been monitoring the Iran-based hacking group Charming Kitten for the past four or five years, he noted.

According to Dolev, the Iranian hackers usually focus on obtaining information from academic researchers, but the cybersecurity firm noticed a change in January or early February.

“They might have, I would say, changed their modus operandi, and they were asked to get information about the COVID-19… from wherever they can get information about it,” he stated.

In the attempt on Gilead, the hackers used the World Health Organization as their email “phishing bite,” he noted. A suspicious email addressed to someone at the company was sent to ClearSky for examination, and that is when the hacking attempt was discovered.

The Iranians were impersonating a high-ranking official from the WHO.

Cybersecurity experts say this was a low-grade operation that does not reflect the full capabilities of the Iranian regime.

In emailed comments to The Media Line, Robert Pritchard, founder of The Cyber Security Expert, a consultancy and training firm, called the phishing techniques used by these particular hackers “fairly routine.”

Israeli cybersecurity expert Menny Barzilay adds that the operation was unsophisticated.

“If indeed it was the Iranian government, it was definitely not one of their leading offensive cyber units,” he told The Media Line.

Pritchard, however, warns that Iran’s hacking capabilities should not be underestimated.

“Iran has competent hacking specialists and has proven itself capable of running successful espionage campaigns online, as well as launching disruptive attacks on occasion,” he said.

Analysts say the persistence and patience of Charming Kitten does achieve occasional success.

Trevor Logan, a research analyst at the Foundation for Defense of Democracies’ Cyber-Enabled Economic Warfare (CEEW) project, says there have been reports of Iranian groups using social media to build fake profiles that engage with a circle of other fake profiles to appear legitimate.

“This extra effort is what makes Charming Kitten and other Iranian hacking groups particularly good at getting unsuspecting individuals to hand over their login credentials or download malware,” Logan told The Media Line via email.

Adds Dolev: “If you do enough, many times there is somebody in the end who is opening your letter or sending his credentials. So I would estimate that they succeed in getting information. Not from Gilead, but other targets, I’m quite sure.”

Give the Gift of Trusted News!

Dear friends,

The Media Line is always there to report to you the stories and issues of the Middle East – completely and in context: TML is the source you can trust.

Know The Media Line to Know The Middle East!

Please support our ad-free, nonprofit news agency. Our seasoned journalists reporting from the Middle East are working day and night during these challenging, yet defining times; and our student interns are honing their knowledge and skills, preparing to emerge as tomorrow’s journalists.

You rely on us and we’re relying on you! Make your online tax-deductible donation here and contact us regarding donations through appreciated stock, donor advised funds, qualifying IRA distributions and other charitable instruments.

Thank you for confidence in The Media Line.
Felice Friedson
Founder, President

Invest in the
Trusted Mideast
News source.
We are on the
front lines.

Personalize Your News
Upgrade your experience by choosing the categories that matter most to you.
Click on the icon to add the category to your Personalize news
Browse Categories and Topics
Wake up to the Trusted Mideast News source Mideast Daily News Email
By subscribing, you agree to The Media Line terms of use and privacy policy.
Wake up to the Trusted Mideast News source Mideast Daily News Email
By subscribing, you agree to The Media Line terms of use and privacy policy.