Hackers with ties to Iran have infiltrated companies across the globe including airlines, energy companies, telecommunications firms and government agencies, experts said today.
The attackers took large amounts of data including sensitive employee information and schedules, ID photos, information about airport and airline security and PDFs of diagrams of important infrastructure, the experts said. The data that was stolen likely indicates that the group could have other motives than financial ones, they said.
A hacking team pretending to be a construction company in Tehran broke into as many as 50 companies in 15 countries, cybersecurity firm Cylance said in its report, titled ‘Operation Cleaver’ because ‘cleaver’ was used several times in the custom software that was used in the attacks.
The hackers used a range of tools to break into the companies, the report said.
They tended to target what cybersecurity companies call ‘critical’ companies — ones of structural importance, such as oil and gas firms, government and defense groups, airports and transportation companies, telecommunications and technology companies.
The group also broke into universities, often with an emphasis on medical schools, taking large amounts of data on foreign students, including images of passports and social security cards.
The firm found the attacks when it was contracted to investigate a number of security breaches.
Significant victims were found in Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, United Arab Emirates and the United States, Cylance said.Reuse content