Coordinated attacks by Iran-based hackers have been directed at major airlines, energy firms and defence companies worldwide according to a report released by a US cyber-security firm.
The report, ‘Operation Cleaver’, exposed cyber-attacks affecting more than 50 businesses, facilities and organisations in 16 countries over a period of two years. The findings were a result of an ongoing investigation by the California-based company into Iran’s cyber capabilities and multiple security breaches.
“We hope the information we share can reveal the techniques and tools of this group, drawing global attention to attacks on critical infrastructure and preventing attacks which could endanger human lives,” said Stuart McClure, CEO of Cylance.
Cylance uncovered previously undetected malware tied to the Tehran-based group, with most attacks on airlines, airports, energy firms, universities, hospitals and telecommunication operators, in the United States, Israel, China, Saudi Arabia, India, Germany, France, England and others.
“Global critical infrastructure organisations need to take this threat seriously. The Iranian adversary is real and they’re coming, if not already here,” said Mark Weatherford, former Deputy Under Secretary for Cybersecurity at the US Department of Homeland Security, in the 87-page report.
The hackers harvested significant data ranging from sensitive employee information, critical infrastructure documents from educational institutions and logistics material of major airline and transport operators.
"We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world's physical safety," stated the report.