http://www.defenseone.com/technology/2014/12/can-iran-turn-your-lights/100821/
By Patrick Tucker
Defense One
December 9, 2014
Online security company Cylance released a report last week showing that
an Iranian cyber-espionage operation “Operation Cleaver” had successfully
breached U.S. and foreign military, infrastructure and transportation
targets. The report claimed to confirm widely-suspected Iranian hacks of
the unclassified Navy Marine Core Intranet system, NMCI, in 2013. It
describes (with explicitly naming) more than 50 targets around the world,
including players in energy and transportation.
But is the Iranian cyber threat overblown?
The tactics detailed in the report show an escalation of Iranian hacking
activity, which the report’s writers, in several instances, refer to as
rapid.
“We observed the technical capabilities of the Operation Cleaver team
rapidly evolve faster than any previously observed Iranian effort. As
Iran’s cyber warfare capabilities continue to morph the probability of an
attack that could impact the physical world at a national or global level
is rapidly increasing. Their capabilities have advanced beyond simple
website defacements, Distributed Denial of Service (DDoS) attacks, and
Hacking Exposed style techniques,” the report states.
The Operation Cleaver team found vulnerabilities in the Search Query
Language or SQL coding in various target systems and then used those SQL
vulnerabilities to inject secret commands into back servers (a tactic
called SQL injection). They were then able to upload new tools into the
systems allowing for more data theft and access. The tools enabled the
hackers to capture a wide number of administrator passwords (a technique
known as credential dumping) and even log keystrokes on affected
computers.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
