The FBI has warned US firms to prepare for the worst, following fresh cyber threats from Iranian hackers targeting US companies including, Telecommunication companies, Education Institutions, defense contractors and Energy firms. Iranian government has rubbished claims of its involvement in the attacks, saying the accusations are a tactic to divert the ongoing nuclear talks.
US is increasingly growing wary of Iranian hackers, with the latest security heads up from the FBI warning US firms against fresh cyber threats from Iranian hackers, just days after another US cyber security firm linked the Tehran government to cyber assault against US energy companies.
A confidential FBI report intercepted by Reuters reveals Iranians are targeting top US companies, including, defense contractors, energy firms and Education institutions. The report concurs with another report by Cylance Security firm which unearthed an operation Cleaver targeting at least 50 organization and government agencies in the last two year.
Commercial airlines, telecommunication companies and energy firms were the high priority targets for Iranian hackers according to Cylance. Sources privy to the matter reveals Iranian hackers had infiltrated US power generation company Calpine Corp, and state owed energy companies such as Saudi Armac and Petroleos Mexicanos (Pemex) in their two year clandestine operation.
Apparently, the FBI’s technical document obtained by Reuters shows a wide hacking campaign employing sophisticated malwares that may have targeted more companies than Cylance had earlier estimated. The Feds also identifies two Iranian IP address used by attackers, but FBI did not link the Iranian government to the Cyber Attack.
Unlike the Feds, Cylance did not hesitate to point fingers at the Tehran government for sponsoring the numerous cyber-attacks, claims Tehran has continuously refuted. Hamid Babaei, a spokesman for Iran’s mission to the United Nations, dismissed Cylance report as a “baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks.”
Over the years, US has considered Iran as a lesser threat to its cyberspace compared to china and Russia but not anymore. Recently attacks on US companies clearly indicates that Iran has rebuilt its cyber capabilities and poses a greater threat to critical infrastructure, more than the traditional aggressors, China and Russia.
“Russians are the most sophisticated and most capable outside the U.S. The Chinese bring to bear staggering numbers of people and computers. Iran is probably between those two,” said retired Admiral William Fallon, head of the U.S. Central Command until 2008. “They are definitely a serious threat, no question,” added Dave Kennedy, CEO of TrustedSEC LLC.
Iran possibly started rebuilding its cyber capabilities in response to a joint cyberattack by US and Israel that crumbled its nuclear plant. US and its western allies have for long time opposed Iran’s nuclear programs citing a need to demilitarize the world. In 2010 US, in a joint operation with Israel allegedly used complex Stuxnet malware to cripple Iran nuclear plants, more reason for the bad blood between the two countries.
In the past Iran state backed hackers, have been linked to an array high profile attacks in US. In 2013 Tehran hackers infiltrated unclassified computer network of the US Navy prompting a shutdown. In February this year, they were allegedly behind a cyber-assault against a casino, Las Vegas Sands Corp, causing massive outage according to a story by Bloomberg earlier this week.
Top/Featured Image: By tworlen / Pixabay (https://pixabay.com/en/usa-american-flag-us-patriotic-389445/)