Malware Used By Cyber-Criminals To Attack Airlines
Worrying news has emerged this week concerning cyber-attacks against energy companies, telecoms firms, government agencies and even airlines. Iranian hackers are accused of a two year campaign using malware to target the systems of airlines, hospitals, education facilities, energy companies, defence contractors and other agencies all around the world. The apparent aim of the attacks is theft of confidential security documentation.
The revelations by cyber-security company Cylance state that compromised information includes employee details (ID card data and schedules) and even more concerning, PDFs of airport security systems. The hackers have infiltrated over 50 organisations in 16 countries including: the United States, Canada, Britain, China, France, India, Germany, South Korea, Pakistan, Qatar, the UAE, Turkey, Mexico, Israel, Kuwait and Saudi Arabia. A Cylance spokesman reported that ten of the hackers’ victims had their headquarters in the US and included a major airline, an energy company focussed on the production of natural gas, a medical university, a military installation and a large defence contractor.
It’s believed that if the operation is allowed to continue unchecked, the cyber-criminals’ activities will impact on the physical safety of the whole world.
The attacks have been blamed on a Tehran-based group that is responsible for cyber-attacks on the US Navy’s network over the last 12 months, although Iranian officials have denied that their country is in any way culpable for the hacks. The Iranian press office has told Reuters that the allegations are mere “fabrications” designed to tarnish the image of the Iranian government and are “baseless and unfounded”. It is further alleged that the accusations are just a smokescreen designed to hamper current nuclear talks.
Cylance have not revealed exactly how the attackers were able to hack into systems although it’s thought that they used malware to gain access to employee record data before then using the stolen identities to steal other confidential documents.
Reports like these are particularly worrying given the current instability in the Middle East and this should come as a wake-up call to those organisations that have yet to put in place adequate and robust security measures to protect their systems from such attacks.
Image Source: beliefsoftheheart