Iran announced to have foiled massive cyberattacks on public services

State television announced that Iran has foiled massive cyberattacks that targeted public services operated by both government and private organizations.

According to the Iran state television, the attack attempts took place in recent days and aimed at the infrastructure of more than 100 public sector agencies. The report did not name entities that were targeted by the cyberattacks.

Iranian authorities did not attribute the attacks to a specific threat actor, they only said that the offensive was launched from systems in the Netherlands, Britain and the United States.

However, Iranian authorities always blame foreign hackers for the attacks on local critical infrastructure.

“The report said that unidentified parties behind the cyberattacks used Internet Protocols in the Netherlands, Britain and the United States to stage the attacks.” reported the Associated Press.

In October, a cyber attack disrupted gas stations from the state-owned National Iranian Oil Products Distribution Company (NIOPDC) across Iran. The attack also defaced the screens at the gas pumps and gas price billboards.

In July 2021, Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, the Fars news agency reported.

The attack against Iran’s national railway system involved a wiper malware dubbed Meteor and not ransomware as initially thought. Meteor was a previously undetected strain of malware, but experts were not able to link it to specific advanced persistent threat actors. The messages on the boards informed passengers that the trains were “long delayed because of cyberattack” or “canceled.” The messages also urged passengers to call for information and provided the phone number of the office of the country’s supreme leader, Ayatollah Ali Khamenei.

However, the most debated attack against Iran was Stuxnet, its story is still one of the most intriguing cases of modern information warfare. The virus was developed by the US and Israel to interfere with the nuclear enrichment program conducted by Iran in the plant of Natanz.

Stuxnet is a malicious computer worm developed to target SCADA systems that were first uncovered in 2010, but researchers believe its development began at least in 2005. 

Stuxnet has been designed to hit centrifuges used in the uranium enrichment process in nuclear plants of the country.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, SolarMarker)

[adrotate banner=”5″]

[adrotate banner=”13″]