‘Iran is the new China,’ cybersecurity firm says

Cylance Corp. said it rushed the report to publication Tuesday ahead of schedule because the worldwide threat of Operation Cleaver was so great, even though its experts had uncovered only a small fraction of its scope.

“Iran is the new China,” the report says. “As Iran’s cyber warfare capabilities continue to morph, the probability of an attack that could impact the physical world at a national or global level is rapidly increasing.”

Other U.S. targets have included airlines, educational and transportation networks, chemical, energy and utility companies, and parts of the defense industrial base, the report said, noting that networks in other countries, including Britain, Canada, China, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey and the United Arab Emirates also have been targeted.

The threat by hackers to U.S. critical infrastructure such as the electric power grid or water systems came into sharp focus Nov. 20, when National Security Agency Director Adm. Michael Rogers for the first time publicly revealed that China and at least one other country were capable of potentially causing “catastrophic failures” that could kill Americans or damage property with cyberattacks, saying it was only a matter of time before such an attack occurred.

Rogers did not mention Iran by name, but the Cylance report makes clear that the Iranian hackers’ skills were rapidly increasing to the point where they could pose such a threat.

Meanwhile, legislation in Congress that would allow government and private-sector experts to share information about threats has been stalled, primarily over concerns about whether that cooperation would leave the personal information of Americans vulnerable to government spying, a concern that has become worse since NSA leaker Edward Snowden revealed that his organization was doing just that.