FBI warns firms of sophisticated Iranian hacker threat

Graham CLULEY

December 16, 2014

The FBI has reportedly privately warned US energy and defence firms to be on the lookout for a sophisticated attack against their computer systems by Iranian hackers.

That’s the claim made by Reuters, which says it has seen a confidential “Flash” report issued by the US authorities on Friday, detailing the methods used by the attackers and ways to avoid being hit by the malware.

Although the finger is most definitely being pointed at Iran – with the FBI’s advisory document identifying two IP addresses based in Iran that are used to launch attacks – the report does not go as far as to apportion blame to the Iranian authorities.

And, of course, it should be remembered that attributing attacks to a particular country is notoriously difficult, as it is so easy for hackers to hide their tracks, or use compromised computers in another nation to act as a proxy when launching their attacks if they so choose.

But, if accurate, the threat would appear to tie in with research issued earlier this month by Cylance of “Operation Cleaver”, a hacking campaign orchestrated by an Iranian team that the firm dubbed “Tarh Andishan”.

Operation Cleaver is said to have targeted critical infrastructure organisations around the world, including defence contractors, oil and gas energy producers, telecom firms, chemical companies and governments.

Cylance reported that it knew of some 50 targets and compromised victims, but believed that the FBI warning showed that the scale of the operation may be larger than its own research had revealed.

For its part, the government in Tehran is said to have vehemently denied any connection with the attacks.

Of course, Iran is no stranger to attacks on critical infrastructure – albeit most notoriously it was Iran that was on the receiving end of such an attack when the Stuxnet malware (probably built by the Americans with assistance from Israel) managed to infect the uranium enrichment facility at the city of Natanz.

Would it really be any surprise to hear that that incident had spurred Iran to invest more deeply in its own hacking attempts against critical infrastructure in countries it perceived to be its enemies?

It was recently revealed that in 2012 Iranian hackers had managed to break into a US Navy network for four months, exploiting a vulnerability in a poorly-secured public-facing website.

Regardless of who might be behind the latest attack that the FBI is warning about, it would be sensible for organisations to take it seriously and continue to assess the security of their systems to reduce the chances of a breach.
