The threat of International electronic terrorism appears to be rising, following two separate reports of hacker attacks on US business and government interests.
The FBI issued a warning about a highly destructive malware attack that may be coordinated by a foreign country and could be continuing over the next few weeks, according to a Reuters report. The warning comes in the wake of last week's devastating hacker attack on the Sony Pictures Corp. that kept many of its systems, including corporate email, down for as much as a week.
In a separate report security firm Cylance noted that it has identified a hacker group out of a Iran — Operation Cleaver.
Threats Are Rising
Although the two reports are unrelated, the convergence of warnings indicates increased security threats on a global level.
The FBI's "flash" warning was issued to businesses on Monday, according to the Reuters report. The FBI memo marked a first, as the FBI warned that these were the first major attacks launched on a US company with significant effects on business, and the FBI indicated that the malware is likely being used for further attacks.
The FBI report, which has not been released publicly, included tips on how to respond to the malware and asked businesses to contact the FBI if they had seen similar attacks. The malware is reportedly highly destructive, locking down hard drives and preventing computers from booting up.
Experts said the recent attacks raise the threat levels of hacking attacks on US firms.
"While speculation about the source of the hacking continues, this much is clear: companies are at serious risk, not just from the continued onslaught against their systems and most valuable information, but also from malware almost certain to be embedded into the stolen content now appearing on the web," Robert Cattanach, a partner at the international law firm Dorsey & Whitney and a legal expert on cyber security, wrote in an email to CMSWire. "Sophisticated cyber criminals are implanting malware at every turn, and the Sony breach offers a treasure trove of opportunity."
Last week's attack on Sony Pictures Entertainment shut down many of the company's systems and is believe to have triggered the FBI warning after further investigation. There has been speculation that the government of North Korea might be connected to that attack because of an upcoming Sony release of a film about North Korea.
Sony has hired FireEye Inc.'s Mandiant incident response team top help it respond and recover from the attack.
In Cylance's "Operation Cleaver," report, the company warns of a growing network of Iranian hackers who are threatening computer resources worldwide. The report notes that Iranian hackers have either attacked or extracted data from government agencies and major critical infrastructure companies in Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, United Arab Emirates and the United States.
"During intense intelligence gathering over the last 24 months, we observed the technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort," the report states. "As Iran's cyber warfare capabilities continue to morph, the probability of an attack that could impact the physical world at a national or global level is rapidly increasing."
Cylance noted that Operation Cleaver shifts its operations between private companies and the Iranian government so that it can "blur the line between legitimate engineering companies and state- sponsored cyber hacking teams to establish a foothold in the world's critical infrastructure."
Although the report describes a systematic increase in Iran's hacking threats, this is not the first identification of electronic security threats from Iran. In 2013, Israeli Prime Minister Benjamin Netanyahu accused Iran of attacks on Israeli infrastructure, and Israel has since set up a special cyber security authority to prevent such attacks.
The US Navy also reported in 2013 that Iranian hackers had broken into San Diego's NMCI (Navy Marine Corp Intranet), according to a Wall Street Journal article.