Pierluigi Paganini May 26, 2013

New cyber attacks from Iran hit US enterprises focusing on energy sector, the offensive has been revealed by American officials and private security experts.

A new series of cyber attacks from Iran hit US enterprises, the offensive has been revealed by American officials and private security experts.

The attacks are classified as “potentially destructive” and targeted IT infrastructures of various sectors especially the energetic one, the expert has tracked them back to Iran but haven’t provided any evidence.

American oil, gas and electricity companies are most targeted by the hackers but differently from the numerous attacks originated from China in the last months their purpose is the sabotage.

Last year the energy giants Saudi Aramco, RasGas and the Qatari energy company were hit by  destructive cyber attacks originated from Iran, DHS warns that respect these offensives the sophistication level of recent attacks appears superior demonstrating that Teheran has improved its hacking capabilities in the last months.

The attackers seem to be interested to find and exploit vulnerabilities in industrial control of critical processing systems to cause serious damage, an US official revealed

“[attack] probes that suggest someone is looking at how to take control of these systems.”

Similar attacks are daily conducted against US infrastructures as revealed in more that one occasion by various alerts issued by DHS but according a government official they are principally originating from the Middle East area.

 “most everything we have seen is coming from the Middle East.” Official said.

Government officials declared to The Wall Street Journal that the attacks were originated from Iran, of course the revelation is not enough to link them to the Government of Teheran despite the experts suspect state-sponsored operations. Let’s remind that access to Internet from Iran is controlled by the regime and it is quite impossible to elude the surveillance to conduct a series of attacks against a foreign state.

US Government was considered by Iran an enemy to fight and in various occasions the Iranian authorities blamed US and Israel for the destructive cyber attacks based on Stuxnet virus against the Natanz nuclear enrichment plant.

To respond to continuous attacks against its infrastructures from foreign governments the President Mahmud Ahmadinejad personally promoted the born of a high specialized cyber unit named Iran’s Islamic Revolutionary Guards Corps.

Immediate the official reply of the Iranian government, it denied that responsibility for the cyber attacks from Iran and in turn increased the allegations against the U.S. Government guilty of continuing attacks on facilities in the country.

According The Times its editor received a letter referring a May 12 article that reported on the new attacks’ similar to the Saudi Aramco episode, Alireza Miryousefi, the head of the press office of the Iranian mission to the United Nations, wrote that

[Iran] “never engaged in such attacks against its Persian Gulf neighbors, with which Iran has maintained good neighborly relations.”

“Unfortunately, wrongful acts such as authorizing the 2010 Stuxnet attack against Iran have set a bad, and dangerous, precedent in breach of certain principles of international law,” he wrote.

US ICS-Cert, an agency that monitors cyber attacks against industrial SCADA and ICS issued various warnings on the cyber threats expressing high concern for possible consequences of a successful attack.

Former Defense Secretary Leon Panetta last year has alerted US government on the high risks of cyber attacks against U.S. critical infrastructures and network, sustaining that attackers are increasing their cyber capabilities.

He defined the actual historical period as a “pre-9/11 moment,” referring to a possible series of cyber attacks against US. Panetta revealed that U.S. Intelligence community fears a combined threat of cyber terrorism and other attacks that could have effect similar to 9/11.

The possible targets of a cyber attacks are multiple, from nuclear plants to telecommunications systems and the U.S., such as many other countries are still too vulnerable.

“The attackers are plotting. Our systems will never be impenetrable, just like our physical defenses are not perfect. But more can be done to improve them.  We need Congress, and we need all of you, to help in that effort.” said Panetta.

Foreign governments are conducting numerous offensives also against other strategic sectors, US major banks for example have been targeted by numerous DDoS attacks in the recent months and according security experts it was always a series of cyber attacks from Iran.

The New York Times reported in a post:

Government officials also say Iran was the source of a separate continuing campaign of attacks on American financial institutions that began last September and has since taken dozens of American banks intermittently offline, costing millions of dollars. But that attack was a less sophisticated “denial of service” effort.

These attacks, their increased complexity and frequency urge the adoption of an efficient cyber security strategy shared by government, private enterprises and the population … cyber security is a share responsibity.

Pierluigi Paganini

(Security Affairs – Cyber security)