Since at least 2012, Iranian actors have directly attacked, established persistence in, and extracted highly sensitive materials from the networks of government agencies and major critical infrastructure companies in the following countries: Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, United Arab Emirates, and the United States.
The targets included "Networks and systems targeted in critical industries like energy and utilities, oil and gas, and chemical companies; Assets (both cyber and physical) and logistics information were compromised at major airline operators, airports, and transportation companies; Various global telecommunications, technology, healthcare, aerospace, and defense companies; Confidential critical infrastructure documents were harvested from major educational institutions around the world."
Iran is the new China. [in cyber warfare - EoZ]
Operation Cleaver has, over the past several years, conducted a significant global surveillance and infiltration campaign. To date it has successfully evaded detection by existing security technologies. The group is believed to work from Tehran, Iran, although auxiliary team members were identified in other locations including the Netherlands, Canada, and the UK. The group successfully leveraged both publicly available, and customized tools to attack and compromise targets around the globe. The targets include military, oil and gas, energy and utilities, transportation, airlines, airports, hospitals, telecommunications, technology, education, aerospace, Defense Industrial Base (DIB), chemical companies, and governments.
During intense intelligence gathering over the last 24 months, we observed the technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort. As Iran’s cyber warfare capabilities continue to morph, the probability of an attack that could impact the physical world at a national or global level is rapidly increasing.
Their capabilities have advanced beyond simple website defacements, Distributed Denial of Service (DDoS) attacks, and Hacking Exposed style techniques.
With minimal separation between private companies and the Iranian government, their modus operandi seems clear: blur the line between legitimate engineering companies and state sponsored cyber hacking teams to establish a foothold in the world’s critical infrastructure.
Here are the specific industry targets for each country. Not surprisingly, the US is the major target of Iran's cyber-war.
And here's the scariest part - of what we know:
Perhaps the most bone-chilling evidence we collected in this campaign was the targeting and compromise of transportation networks and systems such as airlines and airports in South Korea, Saudi Arabia and Pakistan. The level of access seemed ubiquitous... Fully compromised VPN credentials meant their entire remote access infrastructure and supply chain was under the control of the Cleaver team, allowing permanent persistence under compromised credentials. They achieved complete access to airport gates and their security control systems, potentially allowing them to spoof gate credentials. They gained access to PayPal and Go Daddy credentials allowing them to make fraudulent purchases and allowed unfettered access to the victim’s domains. We witnessed a shocking amount of access into the deepest parts of these companies and the airports in which they operate.
Could the airport information be merely to enhance espionage - or is it meant to support terror attacks?
What is crystal clear is that Iran is already at war with much of the world. The question is whether the world is prepared to react appropriately.
--
Posted By Elder of Ziyon to Elder Of Ziyon - Israel News at 12/04/2014 02:00:00 PM