FBI: Iranian Hackers Target US Businesses, Defense Contractors, Energy Firms, Other Institutions

Menchie Mendoza, Tech Times 13 December 2014, 10:12 am

The Federal Bureau of Investigation has sent out a confidential "flash" report revealing technical details about Iranian hackers allegedly carrying out attacks through malicious software and techniques. The warning also gave advice on the best thing to do in order to thwart the hackers.

The businesses that are believed to be targeted by the hackers include educational institutions, energy companies, airlines and defense contractors. They were advised by the FBI to contact the bureau if they believe that they have become victims of malicious campaigns.

Cylance Inc, a cyber security firm, said that the Iranian hacking operation revealed by the FBI is similar to the operation that the firm had flagged last week. Cyber security experts from the firm said that such operation had targeted critical infrastructure organizations that have locations worldwide.

"Operation Cleaver" has, for the past two years, attacked over 50 victims in 16 countries, which include the U.S., Pakistan, Israel and South Korea.

Cylance suggested that Iran's military hacking program may have capabilities that are far beyond what everyone expected. It also believes that the government of Iran is behind the hacking, something that Iran has strongly denied.

Since 2010, Tehran has been investing heavily on its cyber capacities following the attack on its nuclear program by the Stuxnet computer virus. It was widely believed that the attack was launched by the U.S. and Israel.

According to cyber security professionals who are investigating the cyber attacks, Iran's investment effort seems to be paying off.

"They are good and have a lot of talent in the country," said Dave Kennedy, CEO of TrustedSEC. "They are definitely a serious threat, no question."

The FBI report indicated that the hackers would normally launch their attacks using two IP addresses in Iran. However, the report did not attribute the attacks to the Tehran government.

The Iranian hackers have so far been blamed for other sophisticated cyber attacks.

In February, the group was believed to be responsible for the devastating attack on Las Vegas Sands Corp, a casino operating business. The attack shut down thousands of servers, which had been wiped with destructive malware. The hackers later admitted that the attack was meant to punish Sheldon Adelson, Sands CEO, after he made comments about a plan to detonate a nuclear bomb in Iran.