Breach, Data Security, Incident Response, Malware, TDR

Another Iran facility hit with cyber attack, perhaps

The accuracy of a report of a cyber attack on an Iranian infrastructure facility is being disputed.

An initial report on Tuesday from the Iranian Students News Agency (ISNA) claimed that cyber attackers had breached computer systems at a power plant and a branch of the Culture Ministry in the southern coastal province of Hormozgan. The location is considered strategic because the area borders the Straits of Hormuz, which offers the only open sea lane between the oil-rich Persian Gulf and the Indian Ocean.

The ISNA said the Passive Defense Organization of Iran (PDOI), a military unit charged with the nation's cyber operations, had detected and thwarted a computer virus intrusion at Bandar Abbas Tavanir Co., an electrical utility, as well as at other facilities.

Additionally, according to an item in Wednesday's New York Times, Iran's Fars News Agency reported that the cyber attack on the Culture Ministry had been "repelled by the headquarters' experts."

However, a follow-up press release from a local civil defense official refuted these announcements. And, in another twist, the ISNA later quoted other officials as saying there had, in fact, been no attacks on facilities in the area.

While the widely circulated state reports failed to specify who was behind the attacks, there were indications they originated in the United States and Israel, which have already been reported to be behind earlier cyber attacks, namely Stuxnet, in a long-term dispute over whether Iran's nuclear facilities are intended for infrastructure or military use. The Stuxnet attacks on the computer systems that run Iran's primary nuclear enrichment facilities, including those at Natanz and Bushehr, was first disclosed in June 2011 by the New York Times as originating from the United States.

These reports are just the latest extension of what has been described as a covert cyber war. Reports in late July claimed the Atomic Energy Organization of Iran was hit by a cyber attack. A computer virus was detected in April inside the control systems of Kharg Island, an Iran-controlled island in the Persian Gulf from which most of Iran's crude oil is exported, but the facility remained online. And, earlier this month, Iran's Computer Emergency Response Team said it had detected new targeted malware capable of wiping disk partitions and user profile directories without being recognized by anti-virus software at "various predefined times."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.