Exclusive:
Iran hackers may target U.S. energy, defense firms, FBI warns
Send a link to a friend
[December 13, 2014]
By Jim Finkle
BOSTON (Reuters) - The Federal Bureau of
Investigation has warned U.S. businesses to be on the alert for a
sophisticated Iranian hacking operation whose targets include defense
contractors, energy firms and educational institutions, according to a
confidential agency document.
|
The operation is the same as one flagged last week by cyber
security firm Cylance Inc as targeting critical infrastructure
organizations worldwide, cyber security experts said. Cylance has
said it uncovered more than 50 victims from what it dubbed Operation
Cleaver, in 16 countries, including the United States.
The FBI's confidential "Flash" report, seen by Reuters on Friday,
provides technical details about malicious software and techniques
used in the attacks, along with advice on thwarting the hackers. It
asked businesses to contact the FBI if they believed they were
victims.
Cylance Chief Executive Stuart McClure said the FBI warning
suggested that the Iranian hacking campaign may have been larger
than its own research revealed. "It underscores Iran's determination
and fixation on large-scale compromise of critical infrastructure,"
he said.
The FBI's technical document said the hackers typically launch their
attacks from two IP addresses that are in Iran, but did not
attribute the attacks to the Tehran government. Cylance has said it
believes Iran's government is behind the campaign, a claim Iran has
vehemently denied.
An FBI official did not provide further details, but said the agency
routinely provides private industry with advisories to help it fend
off cyber threats.
The Pentagon and National Security Agency had no immediate comment.
Tehran has been substantially increasing investment in its cyber
capabilities since 2010, when its nuclear program was hit by the
Stuxnet computer virus, widely believed to have been launched by the
United States and Israel.
Cyber security professionals who investigate cyber attacks said that
they are seeing evidence that Iran's investment is paying off.
[to top of second column] |
"They are good and have a lot of talent in the country," said Dave
Kennedy, CEO of TrustedSEC LLC. "They are definitely a serious
threat, no question."
Iranian hackers are increasingly being blamed for sophisticated
cyberattacks.
Bloomberg Businessweek on Thursday reported that Iranian hacker
activists were responsible for a devastating February 2014 attack on
casino operator Las Vegas Sands Corp, which crippled thousands of
servers by wiping them with destructive malware. It said the hackers
sought to punish Sands CEO Sheldon Adelson for comments he made
about detonating a nuclear bomb in Iran.
(Reporting by Jim Finkle. Additional reporting by Mark Hosenball and
Andrea Shalal in Washington; Editing by Christian Plumb)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
|