Forgot your password?
typodupeerror
Security News Technology

Iran Claims New Cyberattacks On Industrial Sites 75

Posted by Soulskill
from the christmas-gift-from-the-nsa dept.
wiredmikey writes "Iranian officials on Tuesday said a 'Stuxnet-like' cyberattack hit some industrial units in a southern province. 'A virus had penetrated some manufacturing industries in Hormuzgan province, but its progress was halted,' Ali Akbar Akhavan said, quoted by the ISNA news agency. Akhavan said the malware was 'Stuxnet-like' but did not elaborate, and that the attack had occurred over the 'past few months.' One of the targets of the latest attack was the Bandar Abbas Tavanir Co, which oversees electricity production and distribution in Hormuzgan and adjacent provinces. He also accused 'enemies' of constantly seeking to disrupt operations at Iran's industrial units through cyberattacks, without specifying how much damage had been caused. Iran has blamed the U.S. and Israel for cyberattacks in the past. In April, it said a voracious malware attack had hit computers running key parts of its oil sector and succeeded in wiping data off official servers."
This discussion has been archived. No new comments can be posted.

Iran Claims New Cyberattacks On Industrial Sites

Comments Filter:
  • by ihatewinXP (638000) on Wednesday December 26, 2012 @12:01AM (#42392283)

    "What goes around, comes around."

    Ill go back tomorrow and read this at -1 to see the real discussion....

    • Presumably the Stuxnet virus was released to retard the development of Iranian nuclear program.

      Wonder what's the real aim for this latest round of stuxnet-like virus?

    • by jimmydevice (699057) on Wednesday December 26, 2012 @01:22AM (#42392565)
      A viral attack on a sovereign country is war.
      • by MiniMike (234881)

        Iran has funded and controlled terrorists [wikipedia.org] in Argentina, Israel, India, Iraq, Kenya, Lebanon, and Saudi Arabia. Setting off bombs in another country, firing missiles randomly at another country's civilian population, and attacking military targets could all be considered acts of war, are far more serious attacks than a computer virus, and have been going on for far longer than Stuxnet has been around. If Stuxnet is the only payback Iran receives for what they've done, they're getting off very lightly.

        • by Uberbah (647458)

          Iran has funded and controlled terrorists in Argentina, Israel, India, Iraq, Kenya, Lebanon, and Saudi Arabia.

          You mean accused of funding terrorists. There's a big difference between claims and proof - or have you forgotten about "Nigerian yellow cake" and "aluminum tubes?"

          But, lets go ahead and say that the worst things you claim about Iran are true - they'd still be the molehill next to the mountain of U.S. and Israeli aggression. Iran hasn't launched two bogus wars of choice in the last ten years or s

  • I *just* heard on German radio they now withdrew that claim, but I didn't pay closer attention sorry ^_^

    • Well, that doesn't excuse being sloppy: I heard they withdrew their knee-jerk accusing US and Israel for it, *not* that an attack took place. And this isn't even contrary to the Slashdot summary, so ignore all of this.

  • by swschrad (312009) on Wednesday December 26, 2012 @12:35AM (#42392401) Homepage Journal

    but the real fun is when some nitwit turns the worms loose on the so-called "smart grid," which has more holes than security.

  • Dear Iran (Score:5, Informative)

    by Osgeld (1900440) on Wednesday December 26, 2012 @12:39AM (#42392427)

    Fix your shit or quit complaining that the same basic attack keeps infecting your systems

    thank you

    • by AmiMoJo (196126) *

      TFA mentions that the attacks failed. TFS is misleading.

    • In what universe was Stuxnet a "basic attack"? Did you ever read how it worked?
    • Fix your shit or quit complaining that the same basic attack keeps infecting your systems

      thank you

      Because changing a countries complete IT infrastructure to a new platform is something that can be done in a blink of an eye? With every attack I would imagine we will get closer to Iran moving to a really controlled environment, but weather that is a huge fix is another issue (I would imagine the US and Israel have the capability to infect anything they wish).

  • A warning (Score:5, Insightful)

    by Black Parrot (19622) on Wednesday December 26, 2012 @12:40AM (#42392431)

    Commerce, industry, governments, and militaries need to get *real* serious about computer security. If intelligence operatives can make attacks on critical infrastructure now, script kiddies will be able to do it before too many years. People will be shutting down critical industry just for the lulz.

    • by Anonymous Coward

      Script kiddies can do it right now, but most of them aren't as malicious as governments.

    • How about we can start by taking these PLCs off the internet!

      I am mortified by the responses I see here with PHBs wanting live reports from their cell phones on the nuclear power plant and IT willing to do it and how they all use XP SP 2 unpatched with no AV software!

    • by AHuxley (892839)
      The most interesting aspect is most/many/all? script groups that come to the surface seem to be owned top down or at an admin level or mixed in with many informants/agents/agents provocateurs.
      COINTELPRO showed the way, PATCON Patriot-conspiracy http://www.foreignpolicy.com/articles/2012/04/18/patriot_games [foreignpolicy.com] provided insight into the 1980-90's efforts within the USA - using domestic and EU staff to form, control and guide groups within the USA.
      Now you have the "so much so that 1 in 4 hackers may now be an
    • by Hentes (2461350)

      Some already do [theregister.co.uk]. Although this is more of a hardware hack.

  • Do not be surprised when you have a nuclear meltdown or be without power for a few days during a grid outage. You brought this on yourselves and Iran has every right to attack back!

    If this does happen then the PHBs and IT needs to be jailed for negligence if any of these live systems are on the internet with their PLCS. Good LORD what the hell were you thinking?

  • enlighten me... (Score:5, Informative)

    by babai101 (1964448) on Wednesday December 26, 2012 @01:24AM (#42392575)
    Shouldn't these heavy industries and Iranian defense systems dump windows and use linux considering these are mainly virus and malware. A legitimate hack cannot be stopped but spreading of these malwares would be so much slower in a hardened linux system, and many script kiddies would be stopped too.
    • by AHuxley (892839)
      Think back to the early UK, US, Soviet, French, South African mil efforts. When a gov tells its country to move into a new area of dev, they rush out to buy whats on the open market, read up and build on what they know and what can be found from spying.
      If your cash flow is low/import issues you put your cash into hardware and software you cannot do without and fill in the gaps the best you can.
      Windows offers fast, 'easy' engineering interfaces with political cover. Buying an EU bespoke hardened linux 'u
      • by SomePgmr (2021234)
        I figured many of these industrial control systems probably work with vendor supplied software developed for windows. So in places where you need that kind of hardware you end up with windows machines.
    • by Anonymous Coward

      Iran probably doesn't have enough people sufficiently skilled with Linux to pull this off.

      If their internet was a little more open, they might have more home-grown skill for the kinds of things you learn by having unrestricted access to the web-at-large.

      • You would be surprised. I often see Iranian CS research papers at international conferences and they don't seem stupid or basic quite the contrary. They seem to have a better grasp of mathematics than the average. I don't see them having many issues switching to Linux assuming they are not using it already. The issue with these industrial machine tools is that they come with custom Windows drivers so they do not run on anything but Windows.
    • by Pieroxy (222434)

      First of all, if those attacks are made by armies of professional hackers specifically targeting their installation, chances are that Linux won't offer much protection.

      Second, I suspect that most of these industrial systems rely on custom hardware whose drivers only exists for Windows. That would make a migration pretty expensive.

    • by dj245 (732906)
      It isn't so easy.

      Say you buy a small steam turbine because you need extraction steam as part of a heating process. Every OEM I can think of uses a dedicated controller to control overspeed protection, load control, overtemperature control, temperature mismatch lockouts, etc. BUT they all use proprietary Windows software to interface with that controller.

      Many industrial pieces of equipment along your process work like this. Proprietary PID controller with access to it via Windows. Are you going to w
  • Hand me a Kleenex.
  • http://en.wikipedia.org/wiki/Hacker_ethic [wikipedia.org]
    "Mistrust authority — promote decentralization" and the rest...

  • throw stones to get an excuse to attack Iran, and you can bet our being attacked will help keep the patriot act going for another decade.

  • Seriously, if I were Iran, I'd be installing OpenBSD on all critical infrastructure from day one when it became obvious that stuxnet damaged Natanz. As much as I like country and people of Iran, I have serious doubts of the mental capabilities of their leadership.

    • by fnj (64210)

      I think the message is not to get roped into imported industrial infrastructure with or without tie-ins to sack of shit operating systems like Windows. Iran has plenty of home grown technical expertise. We are not talking about some backwater here. The next nuclear players - and believe me, they WILL be coming - will get the message, but I can't think of any likely ones with anything like the native talent that Iran has.

  • by slashmydots (2189826) on Wednesday December 26, 2012 @08:59AM (#42394129)
    Maaaaybe they should keep their industrial equipment and controlling computers OFF THE INTERNET, seeing as how they have no reason to be on the internet. Then set up a bulletproof VLAN and you're a hell of a lot better off than now.
  • "An Internet virus [yahoo.com] attacked computers at industrial sites in southern Iran, in an apparent extension of a covert cyber war that initially targeted the country's nuclear facilities, an Iranian official said."

    Would this "Internet virus" be Microsoft Windows only?

If builders built buildings the way programmers wrote programs, then the first woodpecker to come along would destroy civilization.

Working...