For the past two years, a Tehran, Iran-based hacker group has breached the computer networks of around 50 of the world’s top energy, transport, and infrastructure companies, including 10 US-based firms
According to cyber security firm Cylance, the campaign dubbed Operation Cleaver has so far only focused on intelligence gathering, although it has the ability to launch attacks. “We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world’s physical safety,” the California-based company said.
The hackers are believed to be part of the same group that hacked unclassified US Navy computers last year. So far they’ve obtained massive databases of user credentials and passwords, diagrams, and screenshots from various organizations including aerospace, energy, transportation, and universities.
Although the report didn’t directly name affected companies, a person familiar with the research said that US-based energy firm Calpine Corp, state-controlled oil companies Saudi Aramco and Petroleos Mexicanos (Pemex), as well as air carriers Qatar Airlines and Korean Air were among the specific targets.
The hacking group has reportedly also targeted firms and agencies in Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, and the United Arab Emirates.
Terming the 87-page report as “groundless”, Hamid Babaei, spokesman for Iran’s UN mission said, “This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks.” For its part, Cylance said it has reported the hacking incident to some of the victims as well as the FBI.