Iran Claims New Cyberattacks On Industrial Sites 75
wiredmikey writes "Iranian officials on Tuesday said a 'Stuxnet-like' cyberattack hit some industrial units in a southern province. 'A virus had penetrated some manufacturing industries in Hormuzgan province, but its progress was halted,' Ali Akbar Akhavan said, quoted by the ISNA news agency. Akhavan said the malware was 'Stuxnet-like' but did not elaborate, and that the attack had occurred over the 'past few months.' One of the targets of the latest attack was the Bandar Abbas Tavanir Co, which oversees electricity production and distribution in Hormuzgan and adjacent provinces. He also accused 'enemies' of constantly seeking to disrupt operations at Iran's industrial units through cyberattacks, without specifying how much damage had been caused. Iran has blamed the U.S. and Israel for cyberattacks in the past. In April, it said a voracious malware attack had hit computers running key parts of its oil sector and succeeded in wiping data off official servers."
Hope the saying isnt true.... (Score:3)
"What goes around, comes around."
Ill go back tomorrow and read this at -1 to see the real discussion....
The nature of the attack (Score:2)
Presumably the Stuxnet virus was released to retard the development of Iranian nuclear program.
Wonder what's the real aim for this latest round of stuxnet-like virus?
Re:Hope the saying isnt true.... (Score:4, Informative)
Re: (Score:1)
Iran has funded and controlled terrorists [wikipedia.org] in Argentina, Israel, India, Iraq, Kenya, Lebanon, and Saudi Arabia. Setting off bombs in another country, firing missiles randomly at another country's civilian population, and attacking military targets could all be considered acts of war, are far more serious attacks than a computer virus, and have been going on for far longer than Stuxnet has been around. If Stuxnet is the only payback Iran receives for what they've done, they're getting off very lightly.
Re: (Score:3)
You mean accused of funding terrorists. There's a big difference between claims and proof - or have you forgotten about "Nigerian yellow cake" and "aluminum tubes?"
But, lets go ahead and say that the worst things you claim about Iran are true - they'd still be the molehill next to the mountain of U.S. and Israeli aggression. Iran hasn't launched two bogus wars of choice in the last ten years or s
Hrmpf. (Score:2)
I *just* heard on German radio they now withdrew that claim, but I didn't pay closer attention sorry ^_^
Re: (Score:3)
Well, that doesn't excuse being sloppy: I heard they withdrew their knee-jerk accusing US and Israel for it, *not* that an attack took place. And this isn't even contrary to the Slashdot summary, so ignore all of this.
Re: (Score:1)
Tehran - A local civil defense official denied an earlier account that a fresh cyber attack on industrial units in the southern province of Hormuzgan had been repelled, Iran's state broadcaster website reported Tuesday.
http://www.securityweek.com/iran-denies-foiling-cyber-attack-industrial-units-report [securityweek.com]
Re: (Score:3)
You know, the Iranian revolution in '79 was co-opted by murderous poopyheads who have had their grip on the country since then, right? My point is that your beef is, by and large, not with Iranians, especially not with the younger generation. There is nothing to gain and a lot to loose by missing this.
But first you kinda have to drop this attidude of talking down to servants, just because the guys who hold your collar can beat up the guys holding theirs. That is beyond pathetic.
don't need Irant anyway (Score:4, Interesting)
but the real fun is when some nitwit turns the worms loose on the so-called "smart grid," which has more holes than security.
Dear Iran (Score:5, Informative)
Fix your shit or quit complaining that the same basic attack keeps infecting your systems
thank you
Re: (Score:2)
TFA mentions that the attacks failed. TFS is misleading.
Re: (Score:2)
Re: (Score:2)
Fix your shit or quit complaining that the same basic attack keeps infecting your systems
thank you
Because changing a countries complete IT infrastructure to a new platform is something that can be done in a blink of an eye? With every attack I would imagine we will get closer to Iran moving to a really controlled environment, but weather that is a huge fix is another issue (I would imagine the US and Israel have the capability to infect anything they wish).
A warning (Score:5, Insightful)
Commerce, industry, governments, and militaries need to get *real* serious about computer security. If intelligence operatives can make attacks on critical infrastructure now, script kiddies will be able to do it before too many years. People will be shutting down critical industry just for the lulz.
Re: (Score:1)
Script kiddies can do it right now, but most of them aren't as malicious as governments.
Re: (Score:2)
How about we can start by taking these PLCs off the internet!
I am mortified by the responses I see here with PHBs wanting live reports from their cell phones on the nuclear power plant and IT willing to do it and how they all use XP SP 2 unpatched with no AV software!
Re: (Score:3)
COINTELPRO showed the way, PATCON Patriot-conspiracy http://www.foreignpolicy.com/articles/2012/04/18/patriot_games [foreignpolicy.com] provided insight into the 1980-90's efforts within the USA - using domestic and EU staff to form, control and guide groups within the USA.
Now you have the "so much so that 1 in 4 hackers may now be an
Re: (Score:2)
Some already do [theregister.co.uk]. Although this is more of a hardware hack.
Americans (Score:1)
Do not be surprised when you have a nuclear meltdown or be without power for a few days during a grid outage. You brought this on yourselves and Iran has every right to attack back!
If this does happen then the PHBs and IT needs to be jailed for negligence if any of these live systems are on the internet with their PLCS. Good LORD what the hell were you thinking?
enlighten me... (Score:5, Informative)
Re: (Score:2)
If your cash flow is low/import issues you put your cash into hardware and software you cannot do without and fill in the gaps the best you can.
Windows offers fast, 'easy' engineering interfaces with political cover. Buying an EU bespoke hardened linux 'u
Re: (Score:2)
Re: (Score:1)
Iran probably doesn't have enough people sufficiently skilled with Linux to pull this off.
If their internet was a little more open, they might have more home-grown skill for the kinds of things you learn by having unrestricted access to the web-at-large.
Re: (Score:1)
Re: (Score:2)
First of all, if those attacks are made by armies of professional hackers specifically targeting their installation, chances are that Linux won't offer much protection.
Second, I suspect that most of these industrial systems rely on custom hardware whose drivers only exists for Windows. That would make a migration pretty expensive.
Re: (Score:2)
Say you buy a small steam turbine because you need extraction steam as part of a heating process. Every OEM I can think of uses a dedicated controller to control overspeed protection, load control, overtemperature control, temperature mismatch lockouts, etc. BUT they all use proprietary Windows software to interface with that controller.
Many industrial pieces of equipment along your process work like this. Proprietary PID controller with access to it via Windows. Are you going to w
Sniff. (Score:1)
The hackers ethic... (Score:2)
http://en.wikipedia.org/wiki/Hacker_ethic [wikipedia.org]
"Mistrust authority — promote decentralization" and the rest...
Those in glass houses... (Score:2)
throw stones to get an excuse to attack Iran, and you can bet our being attacked will help keep the patriot act going for another decade.
I thought they would learn by now (Score:2)
Seriously, if I were Iran, I'd be installing OpenBSD on all critical infrastructure from day one when it became obvious that stuxnet damaged Natanz. As much as I like country and people of Iran, I have serious doubts of the mental capabilities of their leadership.
Re: (Score:2)
I think the message is not to get roped into imported industrial infrastructure with or without tie-ins to sack of shit operating systems like Windows. Iran has plenty of home grown technical expertise. We are not talking about some backwater here. The next nuclear players - and believe me, they WILL be coming - will get the message, but I can't think of any likely ones with anything like the native talent that Iran has.
Are they stupid? (Score:3)
An Internet virus? (Score:2)
Would this "Internet virus" be Microsoft Windows only?