Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Security Worms News

Iran's Oil Industry Hit By Cyber Attacks 115

wiredmikey writes "Iran disconnected computer systems at a number of its oil facilities in response to a cyber attack that hit multiple industry targets during the weekend. A source at the National Iranian Oil Company (NIOC) reportedly told Reuters that a virus was detected inside the control systems of Kharg Island oil terminal, which handles the majority of Iran's crude oil exports. In addition, computer systems at Iran's Oil Ministry and its national oil company were hit. There has been no word on the details of the malware found, but computer systems controlling several of Iran's oil facilities were disconnected from the Internet as a precaution. Oil Ministry spokesman Ali Reza Nikzad-Rahbar told Mehr News Agency on Monday that the attack had not caused significant damage and the worm had been detected before it could infect systems."
This discussion has been archived. No new comments can be posted.

Iran's Oil Industry Hit By Cyber Attacks

Comments Filter:
  • Re:how long? (Score:5, Interesting)

    by arglebargle_xiv ( 2212710 ) on Tuesday April 24, 2012 @03:54AM (#39779789)

    before Iran retaliates and the whole thing escalates into WW3

    There's almost nothing of any note on Kharq Island any more, most of it was destroyed during the Iran/Iraq war and never rebuilt. Have a look on Google Maps/Earth, there's a handful of oil storage tanks down the southern end, most of them completely empty, and one single ship that's almost certainly a bulk carrier (not an oil ship) docked there. The only reason Iran bothers to maintain a presence there is to extend their territorial claims into the Persian Gulf.

    This is some sort of political shenanigans being played by Iran, nothing more.

  • by tinkerton ( 199273 ) on Tuesday April 24, 2012 @04:50AM (#39779989)

    Maybe you're overstating things a bit but I roughly agree, and it's called nuclear capability. Iran is fully aware of the military capability of a civilian program, and this is part of their deterrence strategy. This is El Baradei's viewpoint and US and Israeli intelligence agrees with it. It is also a legitimate strategy.

    An agreement with Iran would involve keeping the development time to a full bomb as long as possible and the safeguards as thorough as possible. The real sticking point lies elsewhere: normalization of relations with Iran will make them a regional player. Unfortunately that's happening anyway so the question for the US is whether they want to be part of it or not.

  • Re:Quite (Score:5, Interesting)

    by ledow ( 319597 ) on Tuesday April 24, 2012 @07:33AM (#39780389) Homepage

    You can have Internet access on the computer next to it - what's that got to do with having critical control systems accessible over the Internet?

    1) Separate the two PHYSICAL networks.

    2) Make sure that there are only authorised devices sit on the control network and NEVER anything else (big, huge, red lights and warnings when something new is detected).

    3) Make sure that even pulling the Internet cable out does not in any way affect the control system, and that tampering with the control system or even detecting a single packet destined for or originating from anything other than authorised devices sets off so many warnings people wouldn't even try.

    4) IF YOU REALLY MUST - make the control system expose only the absolute minimum of controls (i.e. don't trust user input and act only on a given, set, limited protocol of commands) over an encrypted protocol to only authorised devices from authorised networks that know all the one-time-passwords and whatever else you want to use to secure it. And never expose any interface that has the potential to be compromised autonomously (e.g. web interfaces etc.) - there's no need for it and the interface should NEVER be able to do anything but issue valid commands with all appropriate normal safeguards applied to them.

    You do NOT need a general purpose operating system to run a nuclear reactor - it's not only an incredibly bad idea, they warn you against doing things like that in the OS EULA itself because it's JUST NOT GOOD ENOUGH and provides too much scope for mischief.

    One day, someone is going to end up running a nuclear reactor on Windows or something because they're just too thick to realise that's a problem and the slow creep of GPOS's into our lives will mean they will see nothing wrong with it.

  • by Digital Vomit ( 891734 ) on Tuesday April 24, 2012 @07:41AM (#39780405) Homepage Journal

    I think the USA is the more likely culprit. Iran created an oil bourse to trade oil in non-US dollars [] a few years ago (the same time all those undersea internet trunk lines were "coincidentally" damaged in the Persian Gulf []). The US needs to keep people trading oil in their currency at all costs, or the value of the US dollar will drastically drop and hyper-inflation will destroy the economy.

    Remember what happened to Iraq when they switched to trading oil from US dollars to the Euro in November 2000: the US invaded under false pretenses and forced Iraq to immediately switch oil trading back to US dollars [].

  • Re:Cold war (Score:5, Interesting)

    by AmiMoJo ( 196126 ) <> on Tuesday April 24, 2012 @07:59AM (#39780485) Homepage Journal

    To those who modded me -1 Troll:

    What is your explanation for this behaviour? The US and Israel are at war with Iran, invading their air space with drones, surrounding them with military bases and the US Navy, and launching cyber-attacks against their infrastructure. Do they think that if they keep at it Iran will just give up and abandon all nuclear and space research, give up their arms and become a placid non-threatening nation? With Israel still right next door?

    How do you think this is going to end? What possible sequence of events could lead to a peaceful resolution? How will attacking Iran make them decide to stop developing nuclear weapons?

System restarting, wait...