(Reuters) – Iranian hackers have infiltrated some of the world’s top energy, transport and infrastructure companies over the past two years in a campaign that could allow them to eventually cause physical damage, according to U.S. cyber security firm Cylance.
Aerospace firms, airports and airlines, universities, energy firms, hospitals, and telecommunications operators based in the United States, Israel, China, Saudi Arabia, India, Germany, France, England have been hit by the campaign, the research firm said, without naming individual companies.
A person familiar with the research said U.S. energy firm Calpine Corp, state-controlled oil companies Saudi Aramco and Petroleos Mexicanos (Pemex), as well as flag carriers Qatar Airlines and Korean Air were among the specific targets.
The 87-page report comes as governments scramble to better understand Iran’s cyber capabilities, which researchers say have grown rapidly as Tehran seeks to retaliate for Western cyber attacks on its nuclear program.
“We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world’s physical safety,” Cylance said.
The California-based company said its researchers uncovered breaches affecting more than 50 entities and had evidence they were committed by the same Tehran-based group that was behind a previously reported 2013 cyber attack on a U.S. Navy network.
A Pemex spokesman said the company had not detected any attacks from the Iranian groups but was constantly monitoring. Officials at the other companies were not immediately available to comment.
A diplomatic representative for Iran said Cylance’s claim was groundless. “This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks,” said Hamid Babaei, spokesman for Iran’s mission to the United Nations.