Iranian hackers hit airlines, telcos & energy firms
Details of attacks against airlines, energy companies, telecommunications firms and government agencies have begun to emerge
Iranian hackers have broken into the systems of airlines, hospitals, universities, defence contractors, energy companies, telecommunications firms and government agencies around the world over the last two years, stealing confidential security documents in the process.
Researchers at cybersecurity firm Cylance revealed other types of compromised information included employee details - such as schedules and ID card data - plus PDFs of airport security systems and measures.
Systems in as many as 50 companies in 16 countries were infiltrated in the attacks, and it's fear they could have compromised national security in countries including Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, United Arab Emirates and the United States.
"Ten of these victims are headquartered in the US and include a major airline, a medical university, an energy company specialising in natural gas production, an automobile manufacturer, a large defense contractor, and a major military installation," Cylance said in its report, entitled Operation Cleaver.
"We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world's physical safety."
It's thought the hackers were part of a Tehran-based group that performed a cyber attack on the US Navy's network last year, but Iranian officials denied the country was responsible for the hacks.
Hamid Babaei, head of the press office in the Mission of the Islamic Republic of Iran to the United Nations told Reuters: "This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Cylance didn't reveal how the attackers managed to hack into systems, but it's thought they used malware to get access to employee records and then used these identities to siphon off other confidential documents.
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.