Massive DDoS attack brought down 25% Iranian Internet connectivity

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet.

Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%.

The NetBlocks internet observatory, which tracks disruptions and shutdowns, observed yesterday (February 8, 2019) a massive outage of the country’s connectivity to the Internet

According to NetBlock, the connectivity issue was observed after the Iranian Government has deployed the “Digital Fortress” (also known as D DEZHFA/Dejfa) which is the national cyber shield.

“Network data from the NetBlocks internet observatory confirm extensive disruption to telecommunication networks in Iran on the morning of Saturday, 8 February 2020 lasting several hours.” reads a post published by NetBlocks.

“Network data show a distinct fall in connectivity with several of Iran’s leading network operators from approximately 11:45 a.m. local time (08:15 UTC) affecting cellular and fixed-line operators. Partial recovery was observed one hour after the initial shutdown but other networks returned some seven hours after the incident onset. National connectivity fell to a low point of 75% of ordinary levels for a period during the morning.”

In December 2019, the Iranian telecommunications minister Mohammad Javad Azari Jahromi, announced that the Islamic Republic had recently thwarted a “highly organized cyber attack” targeting its government infrastructure.

In October 2019, addressing the Munich Security Conference (MSC) Cyber Security Summit in Qatar, Azari Jahromi said his country’s cybersecurity project codenamed Digital Fortress (Dejfa) deterred 33 million cyberattacks in 2018.

According to the experts, the Internet outage suffered yesterday by Iran had impacted some network operators. ICT ministry officials confirmed that the Digital Fortress system repelled a Distributed Denial of Service (DDoS) attack.

Technical data confirm that networks were disabled while the country’s infrastructures were under attack.

A spokesperson for Iran’s Telecommunication Infrastructure Company, confirmed via Twitter that a DDoS attack had been “normalized” with the “intervention of the Dzhafa Shield.”

While NetBlocks pointed out that the observation is consistent with a targeted disruption, the Financial Tribune revealed that there is no evidence that the attack was launched by a nation-state actor.

“No sign of state sponsorship of the attack has been detected yet.” Bonabi told Financial Tribune.

“The attack’s sources and destinations were highly distributed. Spoofed source IPs from East Asia and North America were used in the DDoS attack,”

Iran has faced multiple network disruptions in recent months, in some caused the problems were caused by internal factors.

In December Iran telecommunications minister announced that for the second time in a week it has foiled a cyber attack against its infrastructure.

In November 2019, after the announcement of the government to cut fuel subsidies, protests erupted in Iran and the authorities blocked access to the internet to prevent the spreading of news, videos, and images online.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Iran, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]