Operation Cleaver
Operation Cleaver, as labelled in a report by American firm Cylance Inc. in late 2014, was a cyberwarfare covert operation targeting critical infrastructure organizations worldwide, allegedly planned and executed by Iran.
Cylance's report was later tacitly acknowledged in a confidential report by Federal Bureau of Investigation (FBI), though Iranian officials denied involvement in the operation.[1]
Cylance report
[edit | edit source]
In December 2014, California-based cyber security firm Cylance Inc. published results of a 2-year investigation,[2] an 86-page technical report, indicating that an operation, called "Operation Cleaver", has targeted the military, oil and gas, energy and utilities, transportation, airlines, airports, hospitals and aerospace industries organizations worldwide.[3]
The title "Operation Cleaver" alludes to frequent uses of the word "cleaver" in the malware's coding.[4]
According to the report, over 50 entities in 16 countries have been hit by the campaign, based in the United States, Israel, China, Saudi Arabia, India, Germany, France and England among others.[5] Cylance's research does not name individual companies, but Reuters reports citing "a person familiar with the research" Navy Marine Corps Intranet, Calpine, Saudi Aramco, Pemex, Qatar Airways and Korean Air were among the specific targets.[5]
Stuart McClure, Cylance founder and CEO believes that the hackers are sponsored by Iran and have ties to Islamic Revolutionary Guard Corps.[2]
FBI report
[edit | edit source]According to Reuters, the Federal Bureau of Investigation has filed a confidential "Flash" report, providing technical details about malicious software and techniques used in the attacks. The technical document said the hackers typically launch their attacks from two IP addresses that are in Iran, but does not attribute the attacks to the Iranian government.[5] FBI warned businesses to stay vigilant and to report any suspicious activity spotted on the companies' computer systems.[3]
Iran's reaction
[edit | edit source]Iran has officially denied involvement in the hacking campaign. "This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks", said Hamid Babaei, spokesman for Permanent mission of Islamic Republic of Iran to the United Nations.[5]
See also
[edit | edit source]References
[edit | edit source]- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b c d Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
External links
[edit | edit source]Lua error in mw.title.lua at line 392: bad argument #2 to 'title.new' (unrecognized namespace name 'Portal').