Iran-based hackers are believed to have infiltrated some of the world’s “top energy, transport and infrastructure companies” from various countries over the past two years, Reuters says, citing an 87-page report from cyber security company Cylance.
Oil companies such as Saudi Aramaco and Petroleos Mexicanos (Pemex), energy firm Calpine Corp and airlines including Qatar Airlines and Korean Air were among the targets, a person familiar with the report said, though Cylance did not mention any individual companies.
The security firm only mentioned that “aerospace firms, airports and airlines, universities, energy firms, hospitals, and telecommunications operators based in the United States, Israel, China, Saudi Arabia, India, Germany, France, England” have been attacked by Iranian hackers.
“We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world’s physical safety,” Cylance said.
The security firm added that the Iranian hackers group has only focused on gathering intelligence so far (Operation Cleaver), but that the team has the ability of launching attacks on their targets.
Hackers collected plenty of information so far, with researchers who managed to access some of their infrastructure finding “massive databases of user credentials and passwords, diagrams, and screenshots from organizations including energy, transportation, and aerospace companies, as well as universities.”
Iran is said to have heavily invested in its cyber capabilities since 2010, when its nuclear program was hit by the Stuxnet virus, believed to have been deployed by the U.S. and Israel.
An Iranian diplomatic representative denied Cylance’s claims.“”This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks,” Iran’s United Nations spokesperson Hamid Babaei said.