Sign up to our newsletter
A group of Iranian hackers has been breaching computer networks of 50 of the world’s biggest energy, transport and infrastructure groups for the last two years, reports Reuters.
Security firm Cylance published the findings in a report called ‘Operation Cleaver’, where they reported that as many as 50 companies had been targeted by Iranian hackers, potentially harming national security in the United States, England, China, France, Germany, Canada, India, Israel, Mexico, Turkey, South Korea, Kuwait, Pakistan, Qatar, Saudi Arabia and the United Arab Emirates.
“Ten of these victims are headquartered in the US and include a major airline, a medical university, an energy company specializing in natural gas production, an automobile manufacturer, a large defense contractor, and a major military installation,” the report reads. “We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world’s physical safety.”
The report revealed that confidential security documents had been stolen over the last two years, including employee details, ID card data and PDFs of airport security systems.
IT Pro states that the security company have not revealed how the hackers gained access to the companies’ records, but that it is “thought they used malware to get access to employee records and used these identities to siphon off other confidential documents.” Forbes delves deeper into techniques used, claiming that they include a touch of social engineering: in on instance registering a website – “a direct copy of a legitimate website at winresume.com, and launched attacks from there.”
Iran has hit back at the 87-page report, with the spokesman for the country’s UN mission Hamid Babaei dismissing the claims, stating, “This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks.”
Author Alan Martin, ESET