The FBI has warned U.S. businesses to be on the alert for a sophisticated Iranian hacking operation whose targets include defense contractors, energy firms and educational institutions, according to a confidential agency document. The operation is the same as one flagged last week by cybersecurity firm Cylance Inc. as targeting critical infrastructure organizations worldwide, cybersecurity experts said. Cylance has said it uncovered more than 50 victims in 16 countries, including the United States, from what it dubbed Operation Cleaver. The FBI's confidential "Flash" report, seen by Reuters on Friday, provides technical details about malicious software and techniques used in the attacks, along with advice on thwarting the hackers. It asked businesses to contact the FBI if they believed they were victims of the campaign.
Cylance Chief Executive Stuart McClure said the FBI warning suggested that the Iranian hacking campaign may have been larger than its own research revealed. "It underscores Iran's determination and fixation on large-scale compromise of critical infrastructure," he said.
The FBI's technical document said the hackers typically launch their attacks from two IP addresses that are in Iran, but did not attribute the attacks to the Tehran government. Cylance has said it believes Iran's government is behind the campaign, a claim Iran has vehemently denied. Iran in the past has targeted the U.S. infrastructure in the energy sector.
Secretary Kerry: US Not Coordinating Militarily with IranDec. 3, 201400:49
- Hacker Wars: Companies Fight Back With Counter-Intelligence
- FBI Warns of Possible Cyberattacks in Retaliation for U.S. Strikes on ISIS