Slashdot Mirror


Iranian Hackers Compromised Airlines, Critical Infrastructure Companies

itwbennett writes: For the past two years, a team of Iranian hackers has compromised computers and networks belonging to over 50 organizations in 16 countries, including airlines, defense contractors, universities, military installations, hospitals, airports, telecommunications firms, government agencies, and energy and gas companies, researchers from IT security firm Cylance said in an extensive report released Tuesday (PDF). According to the report, "ten of these victims are headquartered in the U.S. and include a major airline, a medical university, an energy company specializing in natural gas production, an automobile manufacturer, a large defense contractor, and a major military installation."

61 comments

  1. In before... by YrWrstNtmr · · Score: 2

    ...oh wait. Too late.

  2. Re: More propaganda by Anonymous Coward · · Score: 0

    You forgot Syria too.

  3. ha fucking ha by Anonymous Coward · · Score: 2, Insightful

    So Stuxnet; what a fucking good idea. Let's all start a computer virus arms war. No blowback from that for first world computer dominated societies. No sir; none at all.

    OTOH; at least the OpenBSD and SELinux guys may finally get a bit of attention; if only we can find some non compromised hardware to run it on.

    1. Re:ha fucking ha by Ralph+Wiggam · · Score: 1

      You think that cyber-warfare started with Stuxnet? That's funny.

    2. Re: ha fucking ha by Anonymous Coward · · Score: 0

      So... What is the US doing to make peace? I'm really curious. Because these wars are not won.

    3. Re:ha fucking ha by Anonymous Coward · · Score: 0

      So when did "cyber-warfare" start?

    4. Re:ha fucking ha by Anonymous Coward · · Score: 0

      Nope, but it painted a big target on the US.

    5. Re: ha fucking ha by Anonymous Coward · · Score: 0

      You think he said that's when it started? Lmao at poor reading comprehension.

  4. W A R by Anonymous Coward · · Score: 0

    Another reason for an all out war is just what this world needs, especially the U.S.

  5. Only Fifty by rtb61 · · Score: 2

    Gees, talking about lame, only fifty organisations in then years, that's pretty lame, the NSA does that in about ten minutes. So if the Iranians are meant to be considered evil for doing it what does that make the NSA. Of course the most important thing not mentioned in the story was how significant were the hacks, how quickly were they discovered and how difficult were they to remove. Hmm, also were they discovered by the NSA just because the NSA was hacking those systems themselves and just discovered those 'other people's' hacks as a result.

    PS. Due to the nature of the internet and the predilection of black hat hackers to use other people's computers, that they have already hacked, in order to reduce risk when targeting high risk targets. You are meant to say, hacks sourced out of Iran but you can not claim Iranians did it without significant proof, for all we know the NSA could have conducted those attacks remotely via computers they had already hacked in Iran. So would the NSA do this, from all indications, abso'fucking'lutely, especially based on anti-Iran Israeli government policy and their ability to control their foolishly bumbling attack dog, Uncle Sam.

    --
    Chaos - everything, everywhere, everywhen
    1. Re:Only Fifty by Anonymous Coward · · Score: 0

      We need Neo to fuck all the Agents Smiths of NSA origin in the ass and after that hang them on their own guts that he pulled out of their virtual bellies. There is no other lesser means to fight this disease.

    2. Re:Only Fifty by turbidostato · · Score: 2

      "Gees, talking about lame, only fifty organisations in then years, that's pretty lame"

      And still didn't tell us what the sophistication level of those attacks was.

      Given standard security practices I wouldn't be surprised if by "attack" they meant mounting an Internet-exposed SMB resource and leaving there a virus within a file named "kardashians-bottom-photos-pretty-please-dont-open.exe"

  6. At least they didn't hack WoW (WoD) by WillAffleckUW · · Score: 2

    Also, not that it matters, but Iraq is pretty much Iranian in leadership after Bush gave it to them.

    Consequences.

    --
    -- Tigger warning: This post may contain tiggers! --
  7. Hackers has compromised computers? by lippydude · · Score: 1

    How did these hackers compromise these 'computers' and what was the name of the Operating System?

  8. More Windows vulnerabilities by Anonymous Coward · · Score: 0

    Cached Windows passwords and SQL injection allow gaping holes into critical network infrastructure. Whoever would have guessed?

  9. Re:"Iranian".. uhuh. by Anonymous Coward · · Score: 3, Informative

    Hold on. You have to slow down. You're losing it. You have to take a breath. Listen to yourself. You're connecting a computer bug I had with a computer bug you might have had and some religious hogwash. You want to find the number 216 in the world, you will be able to find it everywhere. 216 steps from a mere street corner to your front door. 216 seconds you spend riding on the elevator. When your mind becomes obsessed with anything, you will filter everything else out and find that thing everywhere.

  10. Re:"Iranian".. uhuh. by Anonymous Coward · · Score: 0

    Iranian here, Iranian hacker can eat their shit ! these are just Iran Regime propaganda !

  11. What goes around comes around by Trachman · · Score: 2

    There was a time Iran was an ally to USA. Iran is still an ally, but due to the interests of certain groups they are not allowed to be official ally and have to be in a role of the bad ones.

    What would the country do if you realize, one day, that all your critical systems are infected/stuxneted by known and unknown malware?

    1. Re:What goes around comes around by Livius · · Score: 5, Insightful

      Iran, like Cuba, decided to stop being treated like a colony.

      That's so challenging to the American world view that they actually become hysterical.

    2. Re:What goes around comes around by Anonymous Coward · · Score: 0

      yeah, if by "stop being treated like a colony" you mean "sponsor terrorists through half the world while developing nuclear weapons." That's very different than the retardedness with cuba.

    3. Re:What goes around comes around by Anonymous Coward · · Score: 1

      No, Iran became an "enemy" when they had the gall to overthrow a US-backed dictator and *gasp* want to control their oil interests rather than being dominated by Western oil companies.

    4. Re:What goes around comes around by Anonymous Coward · · Score: 0

      Bullshit, Iran is not an ally, you are an idiot. USSA placed HEAVY sanctions on them (economic war) to the detriment of the populace.

    5. Re:What goes around comes around by turbidostato · · Score: 1

      "Bullshit, Iran is not an ally"

      And still Reagan's administration provided weapons to them.

    6. Re:What goes around comes around by ahabswhale · · Score: 3, Interesting

      Actually, it has nothing to do with being treated as a colony. They're being punished for nationalizing US corporate infrastructure (not just some but ALL of it). It's the real reason rather than the bullshit reasons given in the past (like communism and they're a threat to the US because of their relationship with Russia ala Cuban Missile Crisis, etc.) I'm not saying this is a good reason, just trying to make it clear why they are being treated the way they are. Cuba is our example to the world of what happens when you do that shit.

      --
      Are agnostics skeptical of unicorns too?
    7. Re:What goes around comes around by fustakrakich · · Score: 1

      Oh, please, Khomeini was called in for the same reason the Shah was installed, to keep the Soviets out. There was no 'revolution'.

      --
      “He’s not deformed, he’s just drunk!”
    8. Re: What goes around comes around by Anonymous Coward · · Score: 0

      So, they do exactly the same thing the US does? Double standards?

    9. Re:What goes around comes around by kilfarsnar · · Score: 1

      > Oh, please, Khomeini was called in for the same reason the Shah was installed, to keep the Soviets out. There was no 'revolution'.

      But why was Mosaddegh overthrown?

      --
      "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
    10. Re:What goes around comes around by fustakrakich · · Score: 1

      He was sick and going to die. The cover for his replacement was the show they put on. The US and Iran do remain as business partners, if not exactly political allies in this charade.

      --
      “He’s not deformed, he’s just drunk!”
    11. Re:What goes around comes around by fustakrakich · · Score: 1

      Sorry! My mistake. The shah was 'overthrown' because he was sick. The previous guy was trying to change the terms of the contract with British Petroleum's ancestor. That's grounds for a coup. You don't mess with big business

      --
      “He’s not deformed, he’s just drunk!”
    12. Re:What goes around comes around by Livius · · Score: 1

      So... thinking that their own country was their own.

      Is it getting clearer why the rest of the planet hates you?

    13. Re:What goes around comes around by ahabswhale · · Score: 1

      You do know what "nationalizing" means, right? It's flat out theft. And no country would be happy about that. If they would have covered the cost of all the confiscated infrastructure, they would be much better off right now. Again, I'm not saying that they should continue to be punished the way they have. In fact, I think it's gone on way too long. I'm just explaining why it is the way it is.

      --
      Are agnostics skeptical of unicorns too?
  12. Re: More propaganda by Anonymous Coward · · Score: 0

    and the american public.

  13. oh noes, its the Iranians! by Anonymous Coward · · Score: 0

    So with the tapering off of any blockbuster Snowden leaks, Slashdot is back to promoting some shit security company's scary reports about Iranian/North Korean/Chinese/Russian/Syrian etc., etc. hackerz invading our internetz, stealin' our precious digital flow-ids. Yawn, fucking, yawn.

  14. Re: More propaganda by tehlinux · · Score: 1

    guns

    --
    Most linux users don't know this, but the man pages were named after Chuck Norris. Chuck Norris fsck'ing hates noobs!
  15. Scary brown bogeymen! by Anonymous Coward · · Score: 0

    In mah intarwebz!

  16. good / bad / us / them by Anonymous Coward · · Score: 0

    Well then they're *miles* off the achievements of the US and UK agencies.

    But it's bad, right, because they're *Iranians* doing the hacking. They shouldn't do it, because they're evil, whereas *our* hacking of exactly the same companies and organizations and in fact the recording of every byte which moves is *good*, because *we're* doing it.

  17. BINGO by Anonymous Coward · · Score: 0

    The REALLY NASTY FOLKS are the Saudis. They did 9/11. Unpunished.

    Because the Saudis have cracked the U.S. Code. The Code is called HandoutDollarBillsLiberally.

  18. Some Facts About Iran by Anonymous Coward · · Score: 0

    1.) Anglosaxon Coup d'etat against elected government in 1953 and installation of the "Shah" Tyrant.

    2.) Jews continue to live in Iran, but not in Saudi-Arabia, where it is prohibited BY LAW.

  19. Re: "Iranian".. uhuh. by Anonymous Coward · · Score: 0

    Am I supposed to burst out into tears over this or run in circles and scream and shout?? So the Iranians took a lesson from the Stuxnet attack on one of their defense programs. I am not interested in the viewpoint where when American 3 letters do it, it is called surveillance, monitoring, cyber intervention and when the other side does the same exact thing then it is called criminal, terrorist hacking. Fuck off and quit insulting peoples' intelligence with redundant fear fodder, the hacking we need to worry the most about is perpetrated by domestic intelligence services.

  20. Re: More propaganda by Anonymous Coward · · Score: 0

    veterans and militia

  21. Re: "Iranian".. uhuh. by l0n3s0m3phr34k · · Score: 2

    Assuming you've never seen the movie "Pi"? go watch it and STFU

  22. How timely by Anonymous Coward · · Score: 0

    Just as Iran begins bombing the isis louts in Iraq, they allegedly also initiate cyber attacks. Why not stop making excuses, and just grab a fucking weapon, and waltz your jingo arses to Iran and shut the fuck up. Right, you'll have American soldiers do it for you. Bravo.

  23. Hmm by execthis · · Score: 2

    I find it far more likely that this company is run by Zionists and that many of the statements in the report are false or misleading. I'm sure there are hackers in every country. How hard would it be to drum up charges like this?

  24. Who said it "started" with Stuxnet? by s.petry · · Score: 4, Insightful

    Stuxnet/Duqu/FLAME and several other exploits were easily tracked to US 3 letter agencies and Israel. Stuxnet was the first Virus created by Government agencies (from any country) specifically intended to cause physical damage, not just perform non-destructive information gathering. Any idiot looking at the facts can make this determination.

    Let's not neglect the fact that the US sponsors the largest group of black hat hackers in the world and claims "national security" when people complain about being hacked by them. I'm not talking about the porn spammers like we see out of Russia, I'm talking about people who actually cause physical, social, and financial damage to anyone and everyone including our "Allies".

    Now compare what the NSA has done with what these "evil Iranian terrorist haxxors" did in terms of damage. There is no evidence that they did really anything except prove that they can behave like script kiddies. They stole a few files and some personal information, but this is what spear phishing does all the time and with much greater success than this group's 50 companies in a few years time frame. There is no evidence that they damaged anything at all, just a wild speculation which reads like typical fear mongering.

    Before you ask for a citation, I'll simply point you to everything Snowden leaked. Not that empirical evidence is of any interest to you or anything...

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

    1. Re:Who said it "started" with Stuxnet? by Anonymous Coward · · Score: 0

      One thing a lot of people often overlook is that Stuxnet required physical infiltration of the Iranian lab to plant the virus. It also required someone to physically infiltrate two companies in Japan to steal the security certificates that were used for the installation process. Those facts alone demonstrate that Stuxnet was a state sponsored operation. Not many hacker groups have access to people who can infiltrate a highly secured facility. Stuxnet accomplished its goal without killing anyone while demonstrating some incredible technological capabilities. Capabilities that are envied and feared by others. Stuxnet seems to be a better way to achieve your goals instead of dropping a few bunker busters on their labs and killing everyone in the labs. It wasn't the damaged centrifuges that caused the most chaos, it was the fact someone had possibly had access to their computer systems. They had to stop operations while they took down and examined their entire computer network looking for any evidence of infection.

      And the US has no "Allies". They are only "Allies" when they need something from the US. The NSA should continue full speed ahead with their foreign operations. If China, France, Russia, Japan, Britain, Brazil, and damn near every other country on the planet with indoor plumbing and an internet connection stand up and publicly dismantle all their foreign espionage operations targeting the US and its foreign interests the NSA could then cease its operations. And it's high time for the US to just drop the economic related sanctions imposed on Iran. All the diplomatic related sanctions should stay in place and the US should turn their backs on the entire ME. The US can not fix the problems in the ME so it's time to stop trying.

  25. Re:"Iranian".. uhuh. by Anonymous Coward · · Score: 0

    Not Israeli.

    Iran has everything to lose by even sneezing in the wrong direction, Israel on the other hand has a long history of false flag operations.

    Everything to lose?!?!?!

    What planet are you on? They're all but openly flipping Obama the bird - and that's only because the Iranians are leaving the openly-flip-Obama-the-bird act to Putin.

    What's Obama going to do? Obama's done NOTHING as Putin invades Ukraine. Obama did nothing when his "red line" was breached in Syria in 2013.

    Obama's going to do something to Iran because Iranians did some hacking? Given he's done nothing to Putin for an actual invasion, done nothing to the same Putin for actually shooting down a civilian airliner, done nothing to Assad for gassing people - which is literally considered the use of "weapons of mass destruction"?

    You think, in the face of that, that the Iranians are going to refrain from a little hacking?

    Maybe the Iranians didn't do this, but they wouldn't be in any danger from doing it.

  26. you reap what you sow. by Gravis+Zero · · Score: 0, Flamebait

    it seems our efforts of sabotage are coming to fruition in the form of retaliation.

    always remember, you reap what you sow.

    --
    Anons need not reply. Questions end with a question mark.
  27. Good thing SCADA isn't on internet by Billly+Gates · · Score: 2

    And requires IE 6/XP and no security updates or anything.

    For a minute I thought we were screwed where the utilities corrupt all our agencies so they can't enforce any policies to change this that would somehow cost MBA access to real time reports and money.

    1. Re:Good thing SCADA isn't on internet by some+old+guy · · Score: 1

      This. People with no industrial background love to blame the engineers for the security failings of SCADA and Distributed Controls, but we, like all good company drones, are at the mercy of the MBA shitheels and their bankster overlords. It's never been a technical problem. It's a money problem.

      --
      Scruting the inscrutable for over 50 years.
  28. Re:More propaganda by fustakrakich · · Score: 1

    I can assure you they need no help from the Americans.

    --
    “He’s not deformed, he’s just drunk!”
  29. oh my god by ruir · · Score: 0

    We hear everyday news about Chinese, Korean, and Iran hacking stuff, the USA must bom them. Now, yesterday please. So all sheep say with me: meh meh meh

    1. Re:oh my god by ruir · · Score: 1

      Bomb...you got it ;)

    2. Re:oh my god by ruir · · Score: 1

      | We hear everyday news about Chinese, Korean, and Iran hacking stuff, the USA must bomb them. Now, yesterday please. So all sheep say with me: meh meh meh

      My joke has been modded down...I explain to the dense/daft/sheep in plain English: it is already nauseating enough media being a tool for control, I do not welcome political propaganda in slashdot.

  30. government funding? by Lawrence_Bird · · Score: 1

    And I say this with no malice but how does anyone know where Cylance's bread is buttered? Attribution is very difficult and to say 'We are certain that' is a bit like calling a quantum mechanical state "certain" - it's not but it might be a highly probable outcome.

    Given the state of relations between the US and Iran (and Israel and Iran), it would make certain groups very happy for Cylance to announce these "findings." But the outsider has no way of knowing what government contracts Cylance has taken, directly or indirectly that may play into getting a certain result. As always, approach with caution.

  31. kaJ = Hack by laughingskeptic · · Score: 1

    "kaJ" is a clever way of spelling "Hack" using roman transliteration and reading right to left as indicated by the capital J.

  32. injected by spear phishing component suppliers by raymorris · · Score: 1

    > one thing a lot of people often overlook is that Stuxnet required physical infiltration of the Iranian lab to plant the virus. It also required someone

    No, Stuxnet was injected by spear phishing and waterholing several companies that make components which later go into SCADA systems, some of which were used in the enrichment facility.

    http://blog.kaspersky.com/stux...

    Note that the rest of your post is based on reasoning from your mistake about the initial infection. Also BTW, it's a worm, not a virus.