Iran investigates possible cyber attacks behind a string Oil Industry incidents

Iran ’s cyberspace security authorities are investigating a string of fires in the country oil and gas facilities. Incidents or cyber sabotage?

Once again, something of strange is happening in Iran, the Government of Teheran is investigating a recent string of incidents occurred in critical infrastructure in the country.

The Iran’s Supreme National Cyberspace Council is investigating whether the oil and petrochemical fires were caused by cyber attacks, authorities fears that nation state actors may have launched an attack similar to Stuxnet.

The first incident occurred on July 6, in the Bouali petrochemical plant on the Persian Gulf coast, a couple of days after the fire was put out, a liquefied gas pipeline exploded in the Marun Oil and Gas Production Company, unfortunately, a worker died. On July 29 another fire occurred at the Bisotoon petrochemical plant.

The incidents were originally blamed on human error but after another explosion of a gas pipeline near Gonaveh the Iranian Petroleum Ministry started an investigation to understand the real cause of the anomalous string of incidents.

“The Iranian Petroleum Ministry, in charge of all of the affected sites denied the plants were sabotaged and the Iranian oil minister Bijan Namdar Zanganeh said the fires and explosions were due to technical faults and human error.” reported the Time.com “However when an explosion in a gas pipeline near Gonaveh, which killed a worker, and another fire in the Imam Khomeini petrochemical plant, occurred within hours of each other on Aug. 6, the ministry refused to comment until after investigations.“

Mr. Abolhassan Firouzabadi, the secretary of Iran’s Supreme National Cyberspace Council, confirmed that a team of investigators will work on the case trying to understand if the incidents are linked and if they were caused by a cyber attack.

“Abolhassan Firouzabadi, secretary of Iran’s Supreme National Cyberspace Council, says a team of experts will look at the possibility of cyberattacks as being a cause, Press TV reported on Sunday.

Special teams will be sent to the afflicted sites to study the possibility of cyber systems having a role in the recent fires, he said.” reported the Tehran Times.

According to SCMagazine.com, Idan Udi Edry, CEO at Nation-E, speculates that the evidence leads experts into believing that the incidents being caused by a cyberattack.

“One indicator is that some of these attacks took place within hours of each other – some people may chalk this up to coincidence, but the fact that several of these incidences took place within a few weeks gives us reason to believe an attacker learned how to successfully implement a cyberattack on Iran’s oil and gas facilities, then continued to keep doing so on larger scales,” he told SCMagazine.com in an email.

This string of incidents raises the debate on the security of critical infrastructure and the dangers of cyber attack.

We all have in mind what has happened in 2010, when the systems at the Natanz nuclear facility were hit with the Stuxnet malware.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Iran, critical infrastructure)