Critical Pakistani Networks Compromised By Iranian Hackers

In another series of disturbing revelations, Iranian hackers have penetrated the networks of governments and private companies around the world and stolen information from them. Pakistan is among the countries affected by the hacks. According to researchers, this operation has been going on since 2012.

Cylance, the security company that has authored the report, says that highly sensitive information has been stolen from government agencies as well as infrastructure companies in the following countries: United States, Britain, Canada, China, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey and the UAE.

The operation has been active since 2012 and governments and major infrastructure companies across the world were the targets of attack

The hacks, which have been dubbed ‘Operation Cleaver’, show that the Iranian hackers managed to infiltrate and conduct surveillance on a global scale. Affected companies are from a wide range of operational fields that include military, oil and gas, energy and utilities, transportation, airlines, airports, hospitals, telecommunications, technology, education, aerospace and other sectors.

Cylance suspects that the main operation is being conducted from Tehran, with smaller cells operating in Canada, Britain and the Netherlands. Detailing information about Operation Cleaver, the researchers said, “During intense intelligence gathering over the last 24 months, we observed the technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort. As Iran’s cyber warfare capabilities continue to morph, the probability of an attack that could impact the physical world at a national or global level is rapidly increasing. Their capabilities have advanced beyond simple website defacements.”

If the operation is left to continue unabated, it is only a matter of time before the world’s physical safety is impacted by it – Researchers

Operation Cleaver is another huge security threat that appears to be state sponsored, with multiple Persian hackers and Iran-registered domains highlighted in the report. Previously, we covered Regin, and the scope of this new threat appears to be the same. Warning about potential ramifications if not immediately addressed, Cylance researchers said, “We have uncovered only a fraction of Operation Cleaver’s full scope. If the operation is left to continue unabated, it is only a matter of time before the world’s physical safety is impacted by it.”

The discovery of the Stuxnet worm, which affected Iranian nuclear reactors, appears to have triggered this retaliation, which has ramped up to full-scale cyber warfare. Cylance said, “Stuxnet was an eye-opening event for Iranian authorities, exposing them to the world of physical destruction via electronic means. Retaliation for Stuxnet began almost immediately in 2011.”

Transportation systems in Pakistan were affected and even our airport gates and security control systems were under the control of the hackers

Perhaps what is most concerning about Operation Cleaver is the fact that transportation systems in South Korea, Saudi Arabia and Pakistan were successfully compromised. This means that our remote infrastructure and supply chain were under the control of a malicious entity. Everything from airport gates to security control systems to payment systems was compromised and we were none the wiser.

The increasing number of major security breaches goes to show that we need to invest more in defense against such threats. The internet is the battleground where modern warfare is conducted, and the sooner the authorities wake up and realize it, the better.

via Express Tribune

Talal is the Editor in Chief at ProPakistani.