Iran-based hackers infiltrated into the servers of more than 50 businesses, facilities, and organisations across various industries worldwide in a two-year cyber attack.
Cylance, a global cyber security company, released a report saying a Tehran-based hacker team extracted highly sensitive and confidential materials from organisations around the world.
The report noted that hackers currently own networks of government agencies as well as key critical infrastructure companies in 15 countries. The victims include organisations in a variety of critical industries such as aviation, oil and gas, defence and telecommunications. Hackers also targeted government agencies and universities.
The attackers were revealed as "individual contractors and a hacking team fronting as a construction engineering company based in Tehran". They used methods such as SQL Injection, spear phishing, water holing attacks and hacking directly through public websites, Cylance said.
The victims are spread over Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, the UAE and the US.
Victims in the US include a large defence contractor and major military installation. Cylance also confirmed San Diego's Navy Marine Corp Intranet as a victim of the attack.
Cylance added that the hackers may have other motives than financial or intellectual property, as stolen data included information about airport and airline security; and documents with network, housing, telecom, and electricity diagrams.
The report indicates the advancement of Iran-based hackers in their pursuit to take control of global critical infrastructure.
"Due to the choice of critical infrastructure victims and the Iranian team¹s quickly improving skillset, we are compelled to publish this report," said Stuart McClure, CEO of Cylance.
The importance of the targets with geo-political impact infers that Iran is a source of serious cyber threat participants, the company noted.
Cylance discovered these coordinated attacks when it was contracted to investigate multiple security breaches across a variety of organisations.