The US FBI has warned businesses to be on the alert for a sophisticated Iranian hacking operation whose targets include defense contractors, energy firms and educational institutions, according to a confidential agency document.
The operation is the same as one flagged last week by cyber security firm Cylance as targeting critical infrastructure organisations worldwide, cyber security experts said. Cylance said it uncovered more than 50 victims from what it dubbed Operation Cleaver, in 16 countries, including the United States.
The FBI's confidential "Flash" report provides technical details about malicious software and techniques used in the attacks, along with advice on thwarting the hackers. It asked businesses to contact the FBI if they believed they were victims.
Cylance CEO Stuart McClure said the FBI warning suggested the Iranian hacking campaign may have been larger than his company's research revealed.
"It underscores Iran's determination and fixation on large-scale compromise of critical infrastructure," he said.
The FBI's technical document said the hackers typically launch their attacks from two IP addresses that are in Iran, but did not attribute the attacks to the Tehran government. Cylance has said it believes Iran's government is behind the campaign, a claim Iran has vehemently denied.
An FBI official did not provide further details, but said the agency routinely provides private industry with advisories to help it fend off cyber threats.
The Pentagon and National Security Agency had no immediate comment.
Tehran has been substantially increasing investment in its cyber capabilities since 2010, when its nuclear program was hit by the Stuxnet computer virus, widely believed to have been launched by the United States and Israel.
Cyber security professionals who investigate cyber attacks said they are seeing evidence that Iran's investment is paying off.
"They are good and have a lot of talent in the country," said Dave Kennedy, CEO of TrustedSEC. "They are definitely a serious threat, no question."