ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Home > List all groups > Indra

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Indra

NamesIndra (self given)
MotivationSabotage and destruction
First seen2019
Description(Check Point) Check Point Research (CPR) warns governments everywhere of the importance of protecting critical infrastructure, as it learns that the July 9 cyber attack on Iran’s train system was carried out by Indra, a group that identifies itself as regime opposition and has the capability to wipe out data without direct means for recovery.

• CPR analyzed artifacts left by the July 9 cyber attack on Iran’s train system, attributing the attacks to a group that self-identifies as Indra
• CPR confirms that Indra was also responsible for cyber attacks against multiple companies in Syria in 2019 and 2020
• CPR cites cyber attack on Iran’s train system as an example for governments around the world of how a single group can create disruption on critical infrastructure
ObservedSectors: Energy, Transportation.
Countries: Iran, Syria.
Tools usedComet.

Last change to this card: 01 November 2021

Download this actor card in PDF or JSON format

Previous: IndigoZebra
Next: Indrik Spider

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]