Iranian hackers have broken into the networks of 50 governments and critical infrastructure firms in 16 nations in the latest major threat to come to light.
A report from security company Cylance details evidence that hackers from Iran have been hitting targets in countries including the UK, the US, Canada, Germany and South Korea from as far back as 2010.
Cylance said that it tracked the source of the attacks to a hacker team named Tarh Andishan in Tehran.
The firm has labelled the campaign Operation Cleaver, warning that those behind the hacks have avoided detection for several years by using advanced evasion techniques.
Cylance said that the group used publicly available and customised tools to attack and compromise targets around the globe.
The targets included military, oil and gas, energy and utilities, transport, telecoms, technology, aerospace, defence contractors, chemical, companies and governments.
Cylance gave some more details on those affected, such as San Diego’s Navy Marine Corp Intranet and a company "specialising in natural gas production", along with "electric utilities organisations" and a number of oil and gas providers.
The fact that the attackers hit such high-profile targets without being uncovered forced Cylance to reveal that it was tracking their work in order to raise awareness of the threat.
"Due to the choice of critical infrastructure victims and the Iranian team’s quickly improving skillset, we are compelled to publish this report," said Stuart McClure, CEO of Cylance.
"By exposing our intelligence on Cleaver, we hope the information we share can reveal the techniques and tools of this group, drawing global attention to attacks on critical infrastructure and preventing attacks which could endanger human lives."
Iran's development of such sophisticated cyber attack tools is significant, according to Cylance, given that only a few years only the country was limited to basic techniques such as website defacement and distributed denial of service attacks.
"Indication of the type of attacks show sophistication in approach and organisation. Additionally, the importance of the targets with geo-political impact [implies] that Iran is a source of serious cyber threat participants," the company said.
One possible explanation is that Iran has teamed up with North Korea to develop more powerful tools, given that Cylance found South Korean targets.
The security firm stopped short of saying this directly, but suggested that the idea of such a relationship is quite possible.
"We can say generally that we have found that nations will often barter cyber security services and use these abilities to increase their technical clout and political power," Cylance said.
North Korea has also been blamed for an attack on Sony Picture Entertainment's systems that used a rare form of "computer-destroying" malware which has left the company struggling for over a week.
Iran was itself the target of a major malware campaign termed Stuxnet, which was seen at the time as the first government-created malware, although the recently discovered Regin malware now appears to be older.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago