WASHINGTON // Hackers working for Iran have targeted at least 50 companies and government organisations, including institutions in the UAE.
The hackers infiltrated the computer systems of commerical airlines and their contractors in the Emirates, Pakistan and South Korea, the US cyber-security firm Cylance said in a report based on a two-year investigation.
They broke into the computers of companies responsible for aircraft maintenance, cargo loading and refuelling, according to the report and Cylance analysts, and stole credentials that could be used to impersonate workers.
From a trove of more than 80,000 files of stolen data and hacking tools obtained from computers used by the hackers since at least 2012, the company’s analysts peeled back what they said was a sweeping spying operation that focused on the US and Iran’s Arabian Gulf rivals, as well as on Germany, China, England and Israel.
Universities and their financial aid and housing offices were targeted, suggesting the spies were interested in students, perhaps as potential recruits.
In the US, computers belonging to chemical and energy companies, defence contractors, universities and transportation providers were hacked in what Cylance called Operation Cleaver.
The report said the Iranian group was the same one that breached the US navy’s unclassified computer system in September last year.
The capabilities of Iranian cyberspies have advanced to the point that the country is quickly becoming a top-tier cyber power, according to the report.
While the group Cylance followed appears to have been focused on intelligence gathering, the choice of targets raises security fears.
Cylance said it provided the information it collected to the FBI. The FBI is already looking into Iranian hacking, including the navy breach, according to two people familiar with that investigation.
Hamid Babaei, the spokesman for the Iranian mission to the United Nations in New York, denounced the report. “This is a baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks,” Mr Babaei said.
While Cylance did not identify the targets, a person familiar with the law-enforcement investigation said they included Pakistan International Airlines, Korean Air, Petroleos Mexicanos (Pemex), the world’s ninth-largest oil producer, and Calpine Corp, a US power company.
Pakistan International Airlines said it was not aware of any threat from hackers.
“We are well secured and our firewall is in place,” a spokesman said.
A Pemex official denied its data network had been violated.
Cylance’s allegations of state-sponsored hacking are the latest in a string this year. Other security firms have accused Russians of breaching systems at Nato, and the United States indicted five members of China’s military on charges of hacking US companies.
The US is also mounting vast cyber-espionage operations, with the National Security Agency’s efforts revealed in a series of leaks of classified information beginning last year.
“Russians are the most sophisticated and most capable outside the US. The Chinese bring to bear staggering numbers of people and computers. Iran is probably between those two,” said retired Admiral William Fallon, head of the US mlitary’s central command until 2008. “They are pretty good and they are motivated.”
The Iranian hacking efforts are largely overseen by the Iranian Revolutionary Guard Corps, Adm Fallon said.
Iran has been building its cyber-capacity since a computer worm known as Stuxnet derailed work at a uranium processing facility at Natanz in 2010.
That attack has been attributed to a joint US-Israel operation.
The kinds of companies cited in the report provide a map of intelligence priorities. The targets are different from those of Russian hackers, who have recently zeroed in on the Ukraine conflict, oil markets and the global financial system, and Chinese hackers, who have focused on gaining commercial secrets.
Any data collected about global air transportation networks could be passed to militants and insurgent groups allied with Tehran, according to Reuel Marc Gerecht, senior fellow at the Foundation for Defence of Democracies and former Middle East specialist at the CIA’s directorate of operations.
The fact that several targets were in South Korea may be the result of intelligence cooperation between Iran and North Korea, giving Iran something to trade.
There may be reason for concern given the information the hackers sought to take, said Stuart McClure, Cylance’s chief executive. The report said they stole passport photos, employee credentials and data that could be used to impersonate workers and bypass airport security checkpoints.
They also accessed details about computer systems at major airports, including Pakistan’s Jinnah International Airport in Karachi.
Taliban militants disguised as security staff stormed the airport in June, killing more than 30 people. The report did not link that to the hack but Mr McClure said some information stolen was related to a gate where the attack began.
The report paints a picture of a persistent, aggressive operation aimed at undermining vital components of nations’ transportation systems, and highlights the growing danger that state-sponsored hacking poses to civilian infrastructure.
“If you’ve gone from financial to oil and gas and you’re switching to avionics, you’re talking about the whole of critical infrastructure,” said Joe DeTrani, former senior adviser to the US director of national intelligence and president of the Intelligence and National Security Alliance. “If one is looking at the battlespace, certainly the air, avionics and airports and related facilities would be part of the equation.”
* Bloomberg
In-demand jobs and monthly salaries
- Technology expert in robotics and automation: Dh20,000 to Dh40,000
- Energy engineer: Dh25,000 to Dh30,000
- Production engineer: Dh30,000 to Dh40,000
- Data-driven supply chain management professional: Dh30,000 to Dh50,000
- HR leader: Dh40,000 to Dh60,000
- Engineering leader: Dh30,000 to Dh55,000
- Project manager: Dh55,000 to Dh65,000
- Senior reservoir engineer: Dh40,000 to Dh55,000
- Senior drilling engineer: Dh38,000 to Dh46,000
- Senior process engineer: Dh28,000 to Dh38,000
- Senior maintenance engineer: Dh22,000 to Dh34,000
- Field engineer: Dh6,500 to Dh7,500
- Field supervisor: Dh9,000 to Dh12,000
- Field operator: Dh5,000 to Dh7,000
Ultra processed foods
- Carbonated drinks, sweet or savoury packaged snacks, confectionery, mass-produced packaged breads and buns
- margarines and spreads; cookies, biscuits, pastries, cakes, and cake mixes, breakfast cereals, cereal and energy bars;
- energy drinks, milk drinks, fruit yoghurts and fruit drinks, cocoa drinks, meat and chicken extracts and instant sauces
- infant formulas and follow-on milks, health and slimming products such as powdered or fortified meal and dish substitutes,
- many ready-to-heat products including pre-prepared pies and pasta and pizza dishes, poultry and fish nuggets and sticks, sausages, burgers, hot dogs, and other reconstituted meat products, powdered and packaged instant soups, noodles and desserts.
SHAITTAN
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EVikas%20Bahl%3Cbr%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3EAjay%20Devgn%2C%20R.%20Madhavan%2C%20Jyothika%2C%20Janaki%20Bodiwala%3Cbr%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E3%2F5%3C%2Fp%3E%0A
Desert Warrior
Starring: Anthony Mackie, Aiysha Hart, Ben Kingsley
Director: Rupert Wyatt
Rating: 3/5
Key changes
Commission caps
For life insurance products with a savings component, Peter Hodgins of Clyde & Co said different caps apply to the saving and protection elements:
• For the saving component, a cap of 4.5 per cent of the annualised premium per year (which may not exceed 90 per cent of the annualised premium over the policy term).
• On the protection component, there is a cap of 10 per cent of the annualised premium per year (which may not exceed 160 per cent of the annualised premium over the policy term).
• Indemnity commission, the amount of commission that can be advanced to a product salesperson, can be 50 per cent of the annualised premium for the first year or 50 per cent of the total commissions on the policy calculated.
• The remaining commission after deduction of the indemnity commission is paid equally over the premium payment term.
• For pure protection products, which only offer a life insurance component, the maximum commission will be 10 per cent of the annualised premium multiplied by the length of the policy in years.
Disclosure
Customers must now be provided with a full illustration of the product they are buying to ensure they understand the potential returns on savings products as well as the effects of any charges. There is also a “free-look” period of 30 days, where insurers must provide a full refund if the buyer wishes to cancel the policy.
“The illustration should provide for at least two scenarios to illustrate the performance of the product,” said Mr Hodgins. “All illustrations are required to be signed by the customer.”
Another illustration must outline surrender charges to ensure they understand the costs of exiting a fixed-term product early.
Illustrations must also be kept updatedand insurers must provide information on the top five investment funds available annually, including at least five years' performance data.
“This may be segregated based on the risk appetite of the customer (in which case, the top five funds for each segment must be provided),” said Mr Hodgins.
Product providers must also disclose the ratio of protection benefit to savings benefits. If a protection benefit ratio is less than 10 per cent "the product must carry a warning stating that it has limited or no protection benefit" Mr Hodgins added.
RESULTS
Bantamweight title:
Vinicius de Oliveira (BRA) bt Xavier Alaoui (MAR)
(KO round 2)
Catchweight 68kg:
Sean Soriano (USA) bt Noad Lahat (ISR)
(TKO round 1)
Middleweight:
Denis Tiuliulin (RUS) bt Juscelino Ferreira (BRA)
(TKO round 1)
Lightweight:
Anas Siraj Mounir (MAR) bt Joachim Tollefsen (DEN)
(Unanimous decision)
Catchweight 68kg:
Austin Arnett (USA) bt Daniel Vega (MEX)
(TKO round 3)
Lightweight:
Carrington Banks (USA) bt Marcio Andrade (BRA)
(Unanimous decision)
Catchweight 58kg:
Corinne Laframboise (CAN) bt Malin Hermansson (SWE)
(Submission round 2)
Bantamweight:
Jalal Al Daaja (CAN) bt Juares Dea (CMR)
(Split decision)
Middleweight:
Mohamad Osseili (LEB) bt Ivan Slynko (UKR)
(TKO round 1)
Featherweight:
Tarun Grigoryan (ARM) bt Islam Makhamadjanov (UZB)
(Unanimous decision)
Catchweight 54kg:
Mariagiovanna Vai (ITA) bt Daniella Shutov (ISR)
(Submission round 1)
Middleweight:
Joan Arastey (ESP) bt Omran Chaaban (LEB)
(Unanimous decision)
Welterweight:
Bruno Carvalho (POR) bt Souhil Tahiri (ALG)
(TKO)
Cinco in numbers
Dh3.7 million
The estimated cost of Victoria Swarovski’s gem-encrusted Michael Cinco wedding gown
46
The number, in kilograms, that Swarovski’s wedding gown weighed.
1,000
The hours it took to create Cinco’s vermillion petal gown, as seen in his atelier [note, is the one he’s playing with in the corner of a room]
50
How many looks Cinco has created in a new collection to celebrate Ballet Philippines’ 50th birthday
3,000
The hours needed to create the butterfly gown worn by Aishwarya Rai to the 2018 Cannes Film Festival.
1.1 million
The number of followers that Michael Cinco’s Instagram account has garnered.
'The worst thing you can eat'
Trans fat is typically found in fried and baked goods, but you may be consuming more than you think.
Powdered coffee creamer, microwave popcorn and virtually anything processed with a crust is likely to contain it, as this guide from Mayo Clinic outlines:
Baked goods - Most cakes, cookies, pie crusts and crackers contain shortening, which is usually made from partially hydrogenated vegetable oil. Ready-made frosting is another source of trans fat.
Snacks - Potato, corn and tortilla chips often contain trans fat. And while popcorn can be a healthy snack, many types of packaged or microwave popcorn use trans fat to help cook or flavour the popcorn.
Fried food - Foods that require deep frying — french fries, doughnuts and fried chicken — can contain trans fat from the oil used in the cooking process.
Refrigerator dough - Products such as canned biscuits and cinnamon rolls often contain trans fat, as do frozen pizza crusts.
Creamer and margarine - Nondairy coffee creamer and stick margarines also may contain partially hydrogenated vegetable oils.
Turkish Ladies
Various artists, Sony Music Turkey
The specs
Engine: 6.2-litre supercharged V8
Power: 712hp at 6,100rpm
Torque: 881Nm at 4,800rpm
Transmission: 8-speed auto
Fuel consumption: 19.6 l/100km
Price: Dh380,000
On sale: now
How to apply for a drone permit
- Individuals must register on UAE Drone app or website using their UAE Pass
- Add all their personal details, including name, nationality, passport number, Emiratis ID, email and phone number
- Upload the training certificate from a centre accredited by the GCAA
- Submit their request
What are the regulations?
- Fly it within visual line of sight
- Never over populated areas
- Ensure maximum flying height of 400 feet (122 metres) above ground level is not crossed
- Users must avoid flying over restricted areas listed on the UAE Drone app
- Only fly the drone during the day, and never at night
- Should have a live feed of the drone flight
- Drones must weigh 5 kg or less
Paris Can Wait
Dir: Eleanor Coppola
Starring: Alec Baldwin, Diane Lane, Arnaud Viard
Two stars
More from Neighbourhood Watch:
Lexus LX700h specs
Engine: 3.4-litre twin-turbo V6 plus supplementary electric motor
Power: 464hp at 5,200rpm
Torque: 790Nm from 2,000-3,600rpm
Transmission: 10-speed auto
Fuel consumption: 11.7L/100km
On sale: Now
Price: From Dh590,000
Indoor cricket in a nutshell
Indoor Cricket World Cup - Sept 16-20, Insportz, Dubai
16 Indoor cricket matches are 16 overs per side
8 There are eight players per team
9 There have been nine Indoor Cricket World Cups for men. Australia have won every one.
5 Five runs are deducted from the score when a wickets falls
4 Batsmen bat in pairs, facing four overs per partnership
Scoring In indoor cricket, runs are scored by way of both physical and bonus runs. Physical runs are scored by both batsmen completing a run from one crease to the other. Bonus runs are scored when the ball hits a net in different zones, but only when at least one physical run is score.
Zones
A Front net, behind the striker and wicketkeeper: 0 runs
B Side nets, between the striker and halfway down the pitch: 1 run
C Side nets between halfway and the bowlers end: 2 runs
D Back net: 4 runs on the bounce, 6 runs on the full
if you go
The flights
Etihad, Emirates and Singapore Airlines fly direct from the UAE to Singapore from Dh2,265 return including taxes. The flight takes about 7 hours.
The hotel
Rooms at the M Social Singapore cost from SG $179 (Dh488) per night including taxes.
The tour
Makan Makan Walking group tours costs from SG $90 (Dh245) per person for about three hours. Tailor-made tours can be arranged. For details go to www.woknstroll.com.sg
The Sky Is Pink
Director: Shonali Bose
Cast: Priyanka Chopra Jonas, Farhan Akhtar, Zaira Wasim, Rohit Saraf
Three stars
Price, base / as tested From Dh173,775 (base model)
Engine 2.0-litre 4cyl turbo, AWD
Power 249hp at 5,500rpm
Torque 365Nm at 1,300-4,500rpm
Gearbox Nine-speed auto
Fuel economy, combined 7.9L/100km
England's all-time record goalscorers:
Wayne Rooney 53
Bobby Charlton 49
Gary Lineker 48
Jimmy Greaves 44
Michael Owen 40
Tom Finney 30
Nat Lofthouse 30
Alan Shearer 30
Viv Woodward 29
Frank Lampard 29
Sweet%20Tooth
%3Cp%3E%3Cstrong%3ECreator%3A%20%3C%2Fstrong%3EJim%20Mickle%3Cbr%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3EChristian%20Convery%2C%20Nonso%20Anozie%2C%20Adeel%20Akhtar%2C%20Stefania%20LaVie%20Owen%3Cbr%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E2.5%2F5%3C%2Fp%3E%0A
Dirham Stretcher tips for having a baby in the UAE
Selma Abdelhamid, the group's moderator, offers her guide to guide the cost of having a young family:
• Buy second hand stuff
They grow so fast. Don't get a second hand car seat though, unless you 100 per cent know it's not expired and hasn't been in an accident.
• Get a health card and vaccinate your child for free at government health centres
Ms Ma says she discovered this after spending thousands on vaccinations at private clinics.
• Join mum and baby coffee mornings provided by clinics, babysitting companies or nurseries.
Before joining baby classes ask for a free trial session. This way you will know if it's for you or not. You'll be surprised how great some classes are and how bad others are.
• Once baby is ready for solids, cook at home
Take the food with you in reusable pouches or jars. You'll save a fortune and you'll know exactly what you're feeding your child.
The Bloomberg Billionaire Index in full
1 Jeff Bezos $140 billion
2 Bill Gates $98.3 billion
3 Bernard Arnault $83.1 billion
4 Warren Buffett $83 billion
5 Amancio Ortega $67.9 billion
6 Mark Zuckerberg $67.3 billion
7 Larry Page $56.8 billion
8 Larry Ellison $56.1 billion
9 Sergey Brin $55.2 billion
10 Carlos Slim $55.2 billion
Gifts exchanged
- King Charles - replica of President Eisenhower Sword
- Queen Camilla - Tiffany & Co vintage 18-carat gold, diamond and ruby flower brooch
- Donald Trump - hand-bound leather book with Declaration of Independence
- Melania Trump - personalised Anya Hindmarch handbag
