Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Technical Problems, Not Cyberattacks Caused Iranian Oil Network Outage

Over the weekend, an Iranian government agency boasted that they’d successfully blocked a cyberattack that had targeted the networks of the Oil Ministry and the National Iranian Oil Company (NIOC).

Over the weekend, an Iranian government agency boasted that they’d successfully blocked a cyberattack that had targeted the networks of the Oil Ministry and the National Iranian Oil Company (NIOC).

After the proclamation was made early Saturday, the head of IT at the NIOC, Ahmad Tavallaei, posted to the Iranian Oil Ministry’s website that a technical problem – not a cyberattack – was the cause of network problems, which eventually led to a temporary shutdown.

In April 2012, the NIOC took several systems offline after malware was detected inside the control systems of Kharg Island oil terminal, which handles the majority of Iran’s crude oil exports.

Iran Oil MinistryLast October, Mohammad Reza Golshani, head of the communications and IT of a subsidiary of the NIOC – the NIOOC (Nat’l Iranian Offshore Oil Company), blamed Israel for cyberattacks against his company, bragging that they were defeated before any serious damage could be done.  

Iran often reports to state media that they have stopped a cyberattack launched by the west – Israel or the U.S., but as this weekend’s report shows, often their claims do not match the facts. Still, since it was revealed that the U.S. (and allegedly Israel) was behind Stuxnet and Duqu, Iran can cry wolf all they want and still have a somewhat valid argument for their claims.

The last time they used Stuxnet in context was on Christmas Day 2012. According to ISNA, the state’s media agency, Ali Akbar Akhavan said that a virus “penetrated some manufacturing industries in Hormuzgan province,” but progress was halted after Iran gained some help from “skilled hackers.”

The Christmas attack had occurred over several months, Akhavan noted, and it used malware that was “Stuxnet-like.” One of the targets of the Christmas attack was Bandar Abbas Tavanir Co.

According to the company’s website, they oversee electricity production and distribution in Hormuzgan and other adjacent provinces. This led Iran to speculate and blame the west for additional infrastructure attacks.

Interestingly, once the Christmas Day attack was carried by international media, Iran attempted to walk back their claims, and blamed inter-agency confusion for misleading statements.

Written By

Click to comment

Expert Insights

Related Content

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

ICS/OT

The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.

Data Protection

Artificial intelligence is more artificial than intelligent.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...