'Iran is the new China' declared as Iranian hackers threaten 'world’s critical infrastructure'

Iranian hackers have been running amok and breaching a shed-load of leading corporations across the globe, according to an American security company.

Cylance reckons that over the past couple of years, Iran-based cyber-ne’er-do-wells have targeted universities and hospitals, telecoms giants, energy companies, airlines and aerospace firms across the US, UK, Germany and France, Israel and India, Saudi Arabia, China and other nations.

The report from Cylance (which was highlighted by Reuters) does not name which companies were actually hit by the hackers, though a source who spoke to Reuters (the usual anonymous person familiar with the matter) said that targets had included the US outfit Calpine Corp (a Fortune 500 power company), Petroleos Mexicanos (Pemex – the Mexican state-owned petroleum company) and Korean Air.

Speaking about Iran’s campaign, Cylance noted that “if the operation is left to continue unabated, it is only a matter of time before the team impacts the world’s physical safety”.

It’s believed that Iran is engaging further in cyber-espionage and scaling up its efforts because of the attacks on its nuclear industry, which was targeted by the Stuxnet malware.

Cylance’s report boldly proclaims that Iran is the new China. It focuses on one particular Iranian team that the company has named Tarh Andishan, which has an “evolved skillset and uses a complex infrastructure to perform attacks of espionage, theft, and the potential destruction of control systems and networks”.

In total, this group has hit at least 50 victim organisations since 2012.

The report concludes: “The government of Iran, and particularly the Islamic Revolutionary Guard Corps (IRGC), is backing numerous groups and front entities to attack the world’s critical infrastructure.”

Cylance obviously then urges companies to take their security very seriously, and to: “Challenge your trusted advisors. Challenge your security vendors. Demand better technology and services to detect, respond, but most importantly PREVENT not just contemporary attacks, but future exotic attacks that have yet to be imagined.”