Security Experts:

Iran Says U.S. Attacked Oil Ministry

Iran said on Monday that the attack on its Oil Ministry was carried out by U.S. hackers, citing the results of internal investigations.

The new information comes to light after a New York Times report, excerpting a book written by one of their reporters, said that the Obama administration was behind the Stuxnet attack that crippled an Iranian nuclear power plant.

Last month, senior officials within Iran’s Oil Ministry said that they had determined the attacker’s agenda after the cyberattack in April. At the time, they would not disclose any information citing ongoing investigations. However, all of that seems to have changed now that the cat is out of the bag on Stuxnet.

Seyed Kamal Hadianfar, who is the head of Information Production and Exchange Department of the Law Enforcement Police General, told state media (FARS) over the weekend that “2 American IPs were identified in the attack against the oil ministry.”

Hadianfar said that the U.S. should disclose the assignment records for the addresses, so that his country can identify them and file a lawsuit.

According to reports, the alleged U.S.-based attackers failed to penetrate the oil ministry’s network with a virus during the April attack, which was initiated in order to steal or destroy critical information.

Deputy Oil Minister Hamdollah Mohammadnejad told FARS “those who design and develop such viruses are pursuing specific goals.”

Monday’s report made no mention of Stuxnet directly, though earlier reports from the AFP compared to two attacks on equal footing.

Earlier in March, Iran announced plans to strengthen its cyber security measures with the establishment of the Supreme Council of Cyberspace. The council, state media reported, would “establish the National Center for Cyberspace that will allow gaining complete knowledge about the activities in cyberspace on domestic and international scales...”

 

Related: Are Industrial Control Systems Secure?

Related: Industrial Control Systems are 10 Years Behind Enterprise IT on Security, Say Experts

 

Subscribe to the SecurityWeek Email Briefing
view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.