Can Iran Turn Off Your Lights?

[InfoSec News <alerts () infosecnews org>]

http://www.defenseone.com/technology/2014/12/can-iran-turn-your-lights/100821/

By Patrick Tucker
Defense One
December 9, 2014

Online security company Cylance released a report last week showing that 
an Iranian cyber-espionage operation “Operation Cleaver” had successfully 
breached U.S. and foreign military, infrastructure and transportation 
targets. The report claimed to confirm widely-suspected Iranian hacks of 
the unclassified Navy Marine Core Intranet system, NMCI, in 2013. It 
describes (with explicitly naming) more than 50 targets around the world, 
including players in energy and transportation.

But is the Iranian cyber threat overblown?

The tactics detailed in the report show an escalation of Iranian hacking 
activity, which the report’s writers, in several instances, refer to as 
rapid.

“We observed the technical capabilities of the Operation Cleaver team 
rapidly evolve faster than any previously observed Iranian effort. As 
Iran’s cyber warfare capabilities continue to morph the probability of an 
attack that could impact the physical world at a national or global level 
is rapidly increasing. Their capabilities have advanced beyond simple 
website defacements, Distributed Denial of Service (DDoS) attacks, and 
Hacking Exposed style techniques,” the report states.

The Operation Cleaver team found vulnerabilities in the Search Query 
Language or SQL coding in various target systems and then used those SQL 
vulnerabilities to inject secret commands into back servers (a tactic 
called SQL injection). They were then able to upload new tools into the 
systems allowing for more data theft and access. The tools enabled the 
hackers to capture a wide number of administrator passwords (a technique 
known as credential dumping) and even log keystrokes on affected 
computers.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/