Iranian hackers have been identified as the source of coordinated attacks against more than 50 targets in 16 countries, many of them corporate and government entities that manage critical energy, transportation and medical services.
According to Cylance, a security firm based in California in USA, over the course of two years Iranian hackers managed to steal confidential data from a long list of targets and in some cases infiltrated victims computer networks to such an extent that they could take over, manipulate or easily destroy data on those machines.
Cylance called the attacks “Operation Cleaver” because the word cleaver appeared often in the attackers malicious code.
The hackers used a set of tools that can spy and even shut down critical control systems and computer networks, and aimed them at targets in the United States, Canada, Israel, India, Qatar, Kuwait, Mexico, Pakistan, Saudi Arabia, Turkey, the United Arab Emirates, Germany, France, England, China and South Korea.
Victims of the attacks include: US Marine Corps, a major airline, a medical university, an energy company that specializes in natural gas production, a car manufacturer, a major military installation and a large military contractor. The Islamic Republic also concentrated attacks on oil and gas industries and universities in the United States, India, Israel and South Korea and managed to steal pictures, passports and specific identifying information for students and faculty.
Cylance said it also collected worrying evidence of attacks on transport networks, including airlines and airports in South Korea, Saudi Arabia and Pakistan. Researchers said they found evidence that hackers gained complete remote access to airport gates and security control systems, “potentially allowing them to spoof gate credentials.”
See here for full report: http://www.cylance.com/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf