{"id":10695,"date":"2021-12-15T00:00:00","date_gmt":"2021-12-15T00:00:00","guid":{"rendered":"http:\/\/localhost\/cyber-operations\/targeting-of-asian-airline\/"},"modified":"2021-12-15T00:00:00","modified_gmt":"2021-12-15T00:00:00","slug":"targeting-of-asian-airline","status":"publish","type":"post","link":"https:\/\/www.cfr.org\/cyber-operations\/targeting-of-asian-airline","title":{"rendered":"Targeting of Asian airline"},"content":{"rendered":"<p>An Iranian threat actor was found using a backdoor against an Asian airline in the summer of 2021. The attackers used Slack as the command and control hub for the backdoor they had inserted, the first observation of the use of the workplace messaging application in such a way by a state-sponsored actor.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An Iranian threat actor was found using a backdoor against an Asian airline in the summer of 2021. The attackers used Slack as the command and control hub for the backdoor they had inserted, the first observation of the use of the workplace messaging application in such a way by a state-sponsored actor.&nbsp;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_cloudinary_featured_overwrite":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[2],"tags":[],"cyber_operation":[49],"state_sponsor":[76],"victim_category":[138],"victim_government_response":[186],"victim":[],"class_list":["post-10695","post","type-post","status-publish","format-standard","hentry","category-incident","cyber_operation-espionage","state_sponsor-iran-islamic-republic-of","victim_category-private-sector","victim_government_response-unknown"],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/comments?post=10695"}],"version-history":[{"count":0,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10695\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/media?parent=10695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/categories?post=10695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/tags?post=10695"},{"taxonomy":"cyber_operation","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/cyber_operation?post=10695"},{"taxonomy":"state_sponsor","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/state_sponsor?post=10695"},{"taxonomy":"victim_category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_category?post=10695"},{"taxonomy":"victim_government_response","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_government_response?post=10695"},{"taxonomy":"victim","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim?post=10695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}