This article originally appeared at The WHIR
The FBI warns that an Iranian hacker group may be ready to target US businesses that deal with defense contractors, energy firms and educational institutions.
In an exclusive report on Saturday, Reuters said the FBI's confidential “Flash” report provided details about the techniques and software that may be used and gave advice on stopping a data breach. The document asked businesses to report suspicious activity to the FBI.
Cylance released a report earlier this month that identified victim infrastructure organizations worldwide, naming the campaign Operation Cleaver. “…[D]etailing coordinated attacks by hackers with ties to Iran on more than 50 targets in 16 countries around the globe,” according to the report. “Victim organizations were found in a variety of critical industries, with most attacks on airlines and airports, energy, oil and gas, telecommunications companies, government agencies and universities.”
Attacks are launched from two IP addresses in Iran, according to the FBI. Although no further details are available at this time, the official speaking to Reuters said the agency often provides intel to private industry to defend against cyber attacks.
The NSA and Pentagon had no comment.
Cylance’s CEO said the fact that the FBI is issuing warnings against the attacks indicates an even bigger threat than their research showed. While the FBI was reluctant to attribute the attacks to the Tehran government, simply stating that attacks originate from IP addresses in Iran, Cylance was more adamant that Iran’s government is behind the campaign. Iran denies this allegation.
Since Tehran was hit in 2010 by a computer virus targeting its nuclear program, it has been increasing its investment in cybersecurity capabilities. Professionals investigating attacks see that Iran’s investment is beginning to pay off.
“They are good and have a lot of talent in the country,” Dave Kennedy, CEO of TrustedSec LLC, told Reuters. “They are definitely a serious threat, no question.”
“Iranian hacker activists were responsible for a devastating February 2014 attack on casino operator Las Vegas Sands Corp, which crippled thousands of servers by wiping them with destructive malware,” reported Bloomberg Businessweek on Thursday. “It said the hackers sought to punish Sands CEO Sheldon Adelson for comments he made about detonating a nuclear bomb in Iran.”
Cybersecurity companies are having success lately identifying significant threats. Earlier this month, FireEye identified hackers targeting Wall Street to gain insider information, and now Cylance has done so with the threat it calls Operation Cleaver.
Iran targeting the US is not new; it attacked US banks two years ago, inspiring CloudFlare to come up with new technology.
Despite the success of these security companies in identifying potential risk factors and behaviours, hacks have been a significant problem this year, and the final quarter of 2014 is perhaps shaping up to be even bigger than the third quarter. DDoS attacks of greater than 10Gbps rose in the third quarter. The Lizard Squad hacker group took credit for DDoS attacks at Sony PlayStation and Xbox. German host 1&1 suffered an attack as well on the same days the company was attacked in October.
This article originally appeared at: http://www.thewhir.com/web-hosting-news/sophisticated-iranian-hacker-group-targeting-us-businesses