Iran courted US security expert for years, seeking industrial hacking training
Iran has over the past decade built up its own organic hacking and cyberwarfare capabilities. But the groups associated with orchestrating Iran's various cyberwarfare and cyber-espionage activities have also relied significantly on mining the work of others—and in at least one case, they have tried to bring in outside help for the ostensible purpose of training would-be hackers.
According to Chris Kubecka—a security researcher who played a prominent role in Saudi Aramco's response to the Iran-attributed Shamoon "wiper" malware—officials with the Telecommunication Company of Iran emailed and messaged her on behalf of the Iranian government, attempting "to recruit me to teach hacking in country against critical Infrastructure with focus on nuclear facilities," she told Ars.
These efforts, which Kubecka alluded to briefly in a presentation at AppSec California in 2018, spanned over 2.5 years—during which Kubecka informed the FBI. "I was collecting evidence and communicating with them directly until last January when the FBI stepped in," she said. "The last contact we had, the Iranians wanted my home address to send me 'a gift'."