US Experts: Iranian Hackers Targeting Airlines and Energy Firms Says

Iranian state-backed hackers have been working on intelligence gathering campaign which targeted companies and Airlines from US and its Western Allies. A report by Cylance security firm indicate Iran’s Cyber capabilities are growing at an alarming rate and could easily surpass traditional Cyber aggressors, Russia and China.

Iran has always ranked low in the pecking order when it comes to countries that poses a threat to global network infrastructure. The paradigm seems to have shifted with latest security heads up by Cylance security firm, indicating that Iranian state backed hackers could easily pull down global infrastructure including commercial airline and weather system in the coming days.

Cylance’s report indicate that an Iranian based hackers’ groups have targeted over 50 companies and government Agencies for the last two years. High priority targets include Commercial airlines, energy firms, telecommunication companies and Aerospace firms in Pakistan, UAE, South Korea, England, Germany and France.

The Silicon Valley security firm declined to reveal the identities of the breached companies, but sources privy to the matter reveals that Pakistan International Airport, Korean Air and Qatar Airlines have been hit hard by the breach. US power generation companies Calpine Corp and other state owns petroleum companies such Saudi Aramco and Petroleos Mexicanos (Pemex) were also not spared either.

The hackers also infiltrated the computer networks of private contractors such suppliers and other firms providing services such are airline maintenance, loading cargo and fueling. Apparently, the group’s primary focus was gathering intelligence, stealing information such workers Passwords, Usernames and Passports which could be used to impersonate airport workers and grant hackers a higher security clearance at airports.

The report pictures Iran as country whose cyber capabilities are growing at an alarming rate, ready to assert its position as a leading cyber-powerhouse in the world. “If the operation is left to continue unabated, it is only a matter of time before they impact the world’s physical safety,” the report said.

Predictably, the Iranian government have rubbished Cylance report terming it as “baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks,” said Hamid Babaei, spokesman for Iran’s mission to the United Nations.

For a long time, US has been blaming Russia and China for targeting its key infrastructure but it’s now clear there is a new kid on the block, who is more determined to crumble America’s private computer networks. The Tehran based group allegedly on a revenge mission on US, was also linked to an attack on US Navy unclassified computer network in 2013.

“Russians are the most sophisticated and most capable outside the U.S. The Chinese bring to bear staggering numbers of people and computers. Iran is probably between those two,” said retired Admiral William Fallon, head of the U.S. Central Command until 2008. “They are pretty good and they are motivated.”

Iran has been in a long tussle with US and its western allies over Iran’s intent to reinvigorate is nuclear programs. In 2010 Iranian nuclear plants were hit by lethal Stuxnet malware allegedly from a joint operation by US and Israel. US and its western Allies are opposed to Iran’s nuclear programs, citing the need to DE-militarize world and promote global peace. Iran says it intends to use its nuclear plants only for generation of electricity and not for production of nuclear bombs as alleged by Washington.

Cylance researchers managed to hack into the group’s computer networks and found massive private data such as passwords and usernames stolen from US private entities organizations including Aerospace companies, transportation, Energy companies and Universities. Cylance also found crucial digital footprints that link the Iranian group with a 2013 hack at US Navy’s intranet (NMCI) which took almost a month to clean up. The FBI is currently investigating the matter.

The report by Cylance security affirms previous findings by another US security firm, FireEye, linking Iranian hackers to a string of security breached on US companies. Earlier in May, Isight Partners also linked Iran to cyber-espionage campaigns on US and Israel government officials.

Top/Featured Image: By Frank Bennett / Wikipedia (

Lawrence Mwangi Lawrence is a technology and business reporter. He has freelanced for a number of tech sites and magazines. He is a web-enthusiast, with a special interest in Online security, Entrepreneurship and Innovation. When not writing about tech he can be found in a Tennis court or on a chess board.
Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.