New Report Casts Blame for Widespread Cyberattacks on Iranian Hackers

A new report contends Iranian hackers stole confidential information from government agencies and major companies in 16 countries during at least the last two years. Security vendor Cylance says the ongoing attacks, which it calls  “Operation Cleaver," stole documents and wrested control of computer networks of organizations located in nations including Canada, China, India, Israel, Mexico, Pakistan, South Korea, Turkey, the United Arab Emirates, and the US. The organizations were in the military, energy, transportation, telecommunications, technology, and other industry sectors. Cylance says it has evidence these intrusions were made by the same Iran-based group responsible for a 2013 attack on the US Navy computer network. Hamid Babaei, spokesperson for Iran's mission to the United Nations, said these claims are “a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks.”. According to Cylance’s report, the hackers used a combination of off-the-shelf and custom tools to infiltrate target computer systems. “We discovered the scope and damage of these operations during investigations of what we thought were separate cases,” said company CEO Stuart McClure. “Due to the choice of critical infrastructure victims and the Iranian team’s quickly improving skillset, we are compelled to publish this report.” Although based in Tehran, the company said, the hackers receive help from people in Canada, the Netherlands, and the UK. Cylance said it has traced the attacks to June 2012, although they may have begun as early as 2010. Cylance shared its findings with the victims and the US Federal Bureau of Investigation. (PC Mag)(USA Today)(Reuters)