Iranian oil systems hit by cyber-attack

Iranian authorities said the country was hit by a cyber-attack during the weekend, a malware-based threat targeting institutional sites and (possibly) key infrastructures for oil extraction. The attack forced officials to cut the affected systems off the Internet, but now everything should be fine and investigators are working to find the true extent of the breach.

The unknown malicious code hit computers belonging to the Iranian oil Ministry and the national oil company, and Teheran decided to cut Kharg Island (handling 90% of Iran’s total oil exports) and other oil plants off the Internet just as a precautionary measure.

To better manage the cyber-attack consequences, Iran mobilized its previously formed “cyber crisis committee” – the same committee already entrusted with fighting the Stuxnet worm which attacked facilities for nuclear energy research.

As for the practical consequences of the new attack, Iran says data regarding users of Ministry and national oil company sites was stolen but “core” information about the oil industry on the whole is still safe on systems not connected to the Internet.

“All units with the oil industry back up their data on a daily and long-term basis – the oil ministry said – but in cases where information has been impaired to any extent, the backup data is being replaced”. The international oil selling division “has not been affected”, Teheran stated, while a team of experts will be investigating the incident for two or three days to know and deal with the full wrongdoings of the still-unnamed malicious code.

Report a problem with article
Previous Story

Steam for Linux confirmed; no launch date yet

Next Story

Lumia 900 coming to the UK May 14th

12 Comments

Commenting is disabled on this article.

Please explain to me why any critical infrastructure system needs to even be connected to the internet?

if it wasn't for the worry of $5-6/gallon gas then pressure on their oil exports is the best option but as of now nobody wants to deal with that pain as it would cripple the economy of many nations if done.

sava700 said,
if it wasn't for the worry of $5-6/gallon gas then pressure on their oil exports is the best option but as of now nobody wants to deal with that pain as it would cripple the economy of many nations if done.

Yeah,.. as others have said they can pick apart a secure drone yet they can't secure their own network... and important infrastructure connected to the net...

Smells more like a conspiracy...hmm, they claim to have been attacked, had to shut down internet access.. next we'll be hearing oil prices have gone up as a result. OR maybe this is just the what ifs/saw it comming run up to something much bigger. .."sorry guys, no more fuel for you, china hacked the internet and deleted all our oil we don't have a clue where it is anymore! but we've shipped several million gallons over to the USA just to be on the safe side of things..." meanwhile, in America "ok guys, listen up, we need to goto war with China because they've deleted OUR oil using the internet with hacker ninjas. I'm pretty sure they're armed to the teeth so lets make sure these documents I found lastnight in the bottom of my draw are shown to everyone in the world!" later that day in China 'ohh guys we need to hide our gold, the internet is coming for us they think we have their oil!"

ohh i could have fun with this all day... back later, I've gt a new conspiracy website to make...

sagum said,

Yeah,.. as others have said they can pick apart a secure drone yet they can't secure their own network... and important infrastructure connected to the net...

Smells more like a conspiracy...hmm, they claim to have been attacked, had to shut down internet access.. next we'll be hearing oil prices have gone up as a result. OR maybe this is just the what ifs/saw it comming run up to something much bigger. .."sorry guys, no more fuel for you, china hacked the internet and deleted all our oil we don't have a clue where it is anymore! but we've shipped several million gallons over to the USA just to be on the safe side of things..." meanwhile, in America "ok guys, listen up, we need to goto war with China because they've deleted OUR oil using the internet with hacker ninjas. I'm pretty sure they're armed to the teeth so lets make sure these documents I found lastnight in the bottom of my draw are shown to everyone in the world!" later that day in China 'ohh guys we need to hide our gold, the internet is coming for us they think we have their oil!"

ohh i could have fun with this all day... back later, I've gt a new conspiracy website to make...

I can actually see this. It's easier for a large and/or talented group of people to target a very specific system.

In this case, vendor provided control software running there system. In drone case, a group targeting a specific vendor provide control system.

I wish the military would contract a product to the company, and then the company turn EVERYTHING over for the military to control, make, etc. (source code of software, every single part specs etc). Then allow the military to manufacture it with who they want, and allow the company (while it's protected, licensed, patent, etc) have commercial control of it.

Ex - How the drones were broadcasting it's video feed unencrypted over standard satellite frequencies (control systems, however were heavily protected). They found this out after getting video from insurgents of the drone feeds after a raid.

they can't secure their stuff, yet they claim they reverse engineered and decrypted teh US drone that "crashed" there.... gotta love the irony...

neufuse said,
they can't secure their stuff, yet they claim they reverse engineered and decrypted teh US drone that "crashed" there.... gotta love the irony...

Sure they did

"Blame it on the States, Blame it on the Mossad, or blame it on the code, that you thought you mastered,
Blame it on the dro-o-o-o-o-one. Blame it on the dro-o-o-one"

neufuse said,
they can't secure their stuff, yet they claim they reverse engineered and decrypted teh US drone that "crashed" there.... gotta love the irony...

as opposed to the major attacks that target US security agencies in the last year or so... US can make secure drone's, but cant make secure servers for they're agencies?

There is always someone with more free time and dedication to find the security flaw, them the person who designs the system.

Tom said,
And people wonder why Iran want to build their own Internet?

Why don't they just use Microsoft security essentials? Or did tom from Engineering open all the ports via DMZ again to get Open NAT

Gaffney said,

Why don't they just use Microsoft security essentials? Or did tom from Engineering open all the ports via DMZ again to get Open NAT

lul.