Operation Cleaver, as labelled in a report by American firm

Cylance Inc. Cylance Inc. Is an American software firm based in Irvine, California that developed antivirus programs and other kinds of computer software that sought to prevent, rather than reactively detect, Computer virus, viruses and malware. Cyber Secure ...

in late 2014, was a

cyberwarfare Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic war ...

covert operation A covert operation is a military operation intended to conceal the identity of (or allow plausible deniability by) the party that instigated the operation. Covert operations should not be confused with clandestine operations, which are performe ...

targeting critical infrastructure organizations worldwide, allegedly planned and executed by

Iran Iran, officially the Islamic Republic of Iran, and also called Persia, is a country located in Western Asia. It is bordered by Iraq and Turkey to the west, by Azerbaijan and Armenia to the northwest, by the Caspian Sea and Turkmeni ...

. Cylance's report was later tacitly acknowledged in a confidential report by

Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, ...

(FBI), though Iranian officials denied involvement in the operation.

Cylance report

In December 2014,

California California is a U.S. state, state in the Western United States, located along the West Coast of the United States, Pacific Coast. With nearly 39.2million residents across a total area of approximately , it is the List of states and territori ...

-based cyber security firm

published results of a 2-year investigation, an 86-page technical report, indicating that an operation, called "Operation Cleaver", has targeted the military, oil and gas, energy and utilities, transportation, airlines, airports, hospitals and aerospace industries organizations worldwide. The title "Operation Cleaver" alludes to frequent uses of the word "cleaver" in the malware's coding. According to the report, over 50 entities in 16 countries have been hit by the campaign, based in the

United States The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...

Israel Israel (; he, יִשְׂרָאֵל, ; ar, إِسْرَائِيل, ), officially the State of Israel ( he, מְדִינַת יִשְׂרָאֵל, label=none, translit=Medīnat Yīsrāʾēl; ), is a country in Western Asia. It is situated ...

China China, officially the People's Republic of China (PRC), is a country in East Asia. It is the world's most populous country, with a population exceeding 1.4 billion, slightly ahead of India. China spans the equivalent of five time zones and ...

Saudi Arabia Saudi Arabia, officially the Kingdom of Saudi Arabia (KSA), is a country in Western Asia. It covers the bulk of the Arabian Peninsula, and has a land area of about , making it the fifth-largest country in Asia, the second-largest in the A ...

India India, officially the Republic of India (Hindi: ), is a country in South Asia. It is the seventh-largest country by area, the second-most populous country, and the most populous democracy in the world. Bounded by the Indian Ocean on the so ...

Germany Germany,, officially the Federal Republic of Germany, is a country in Central Europe. It is the second most populous country in Europe after Russia, and the most populous member state of the European Union. Germany is situated betwe ...

France France (), officially the French Republic ( ), is a country primarily located in Western Europe. It also comprises of Overseas France, overseas regions and territories in the Americas and the Atlantic Ocean, Atlantic, Pacific Ocean, Pac ...

and

England England is a country that is part of the United Kingdom. It shares land borders with Wales to its west and Scotland to its north. The Irish Sea lies northwest and the Celtic Sea to the southwest. It is separated from continental Europe b ...

among others. Cylance's research does not name individual companies, but ''

Reuters Reuters ( ) is a news agency owned by Thomson Reuters Corporation. It employs around 2,500 journalists and 600 photojournalists in about 200 locations worldwide. Reuters is one of the largest news agencies in the world. The agency was estab ...

'' reports citing "a person familiar with the research"

Navy Marine Corps Intranet The Navy/Marine Corps Intranet (NMCI) is a United States Department of the Navy program which was designed to provide the vast majority of information technology services for the entire Department, including the United States Navy and Marine Corp ...

Calpine Calpine Corporation is the largest generator of electricity from natural gas and geothermal resources in the United States, with operations in competitive power markets. A Fortune 500 company based in Houston, Texas, the company is owned by an ...

Saudi Aramco Saudi Aramco ( ar, أرامكو السعودية '), officially the Saudi Arabian Oil Company (formerly Arabian-American Oil Company) or simply Aramco, is a Saudi Arabian public petroleum and natural gas company based in Dhahran. , it is one of ...

Pemex Pemex (a portmanteau of Petróleos Mexicanos, which translates to ''Mexican Petroleum'' in English; ) is the Mexican state-owned petroleum company managed and operated by the Mexican government. It was formed in 1938 by nationalization and expr ...

, Qatar Airlines and

Korean Air Korean Air Co., Ltd. (), operating as Korean Air (Korean Air Lines before 1984), is the flag carrier of South Korea and its largest airline based on fleet size, international destinations and international flights. The present-day Korean Air ...

were among the specific targets. Stuart McClure, Cylance founder and CEO believes that the hackers are sponsored by Iran and have ties to

Islamic Revolutionary Guard Corps The Islamic Revolutionary Guard Corps (IRGC; fa, سپاه پاسداران انقلاب اسلامی, Sepāh-e Pāsdārān-e Enghelāb-e Eslāmi, lit=Army of Guardians of the Islamic Revolution also Sepāh or Pasdaran for short) is a branch o ...

FBI report

According to ''

'', the

has filed a confidential "Flash" report, providing technical details about malicious software and techniques used in the attacks. The technical document said the hackers typically launch their attacks from two

IP address An Internet Protocol address (IP address) is a numerical label such as that is connected to a computer network that uses the Internet Protocol for communication.. Updated by . An IP address serves two main functions: network interface ident ...

es that are in Iran, but does not attribute the attacks to the

Iranian government The Government of the Islamic Republic of Iran ( fa, نظام جمهوری اسلامی ایران, Neẓām-e jomhūrī-e eslāmi-e Irān, known simply as ''Neẓām'' ( fa, نظام, lit=the system) among its supporters) is the ruling state a ...

. FBI warned businesses to stay vigilant and to report any suspicious activity spotted on the companies' computer systems.

Iran's reaction

Iran has officially denied involvement in the hacking campaign. "This is a baseless and unfounded allegation fabricated to tarnish the

image, particularly aimed at hampering current nuclear talks", said Hamid Babaei, spokesman for Permanent mission of Islamic Republic of Iran to the United Nations.

References

External links

Cylance Operation Cleaver Report
{{Hacking in the 2010s Cyberwarfare in Iran Cyberwarfare in the United States Cyberattacks Hacking in the 2010s Cyberattacks on energy sector Cybercrime in India

Cylance report

FBI report

Iran's reaction

See also

References

External links