Slashdot Mirror


Iran Claims New Cyberattacks On Industrial Sites

wiredmikey writes "Iranian officials on Tuesday said a 'Stuxnet-like' cyberattack hit some industrial units in a southern province. 'A virus had penetrated some manufacturing industries in Hormuzgan province, but its progress was halted,' Ali Akbar Akhavan said, quoted by the ISNA news agency. Akhavan said the malware was 'Stuxnet-like' but did not elaborate, and that the attack had occurred over the 'past few months.' One of the targets of the latest attack was the Bandar Abbas Tavanir Co, which oversees electricity production and distribution in Hormuzgan and adjacent provinces. He also accused 'enemies' of constantly seeking to disrupt operations at Iran's industrial units through cyberattacks, without specifying how much damage had been caused. Iran has blamed the U.S. and Israel for cyberattacks in the past. In April, it said a voracious malware attack had hit computers running key parts of its oil sector and succeeded in wiping data off official servers."

75 comments

  1. Hope the saying isn't true.... by ihatewinXP · · Score: 2

    "What goes around, comes around."

    I'll go back tomorrow and read this at -1 to see the real discussion....

    --
    ---- The real Slashdot is still here. You just have to browse at -1 to read the comments.
    1. Re:Hope the saying isn't true.... by jimmydevice · · Score: 3, Informative

      A viral attack on a sovereign country is war.

    2. Re:Hope the saying isn't true.... by Anonymous Coward · · Score: 0

      I don't think that would bother Israel. They've been itching to pummel Iran for a while now.

    3. Re:Hope the saying isn't true.... by Anonymous Coward · · Score: 0

      ...and funding, recruiting and training terrorists isn't...ok

    4. Re:Hope the saying isn't true.... by MiniMike · · Score: 0

      Iran has funded and controlled terrorists in Argentina, Israel, India, Iraq, Kenya, Lebanon, and Saudi Arabia. Setting off bombs in another country, firing missiles randomly at another country's civilian population, and attacking military targets could all be considered acts of war, are far more serious attacks than a computer virus, and have been going on for far longer than Stuxnet has been around. If Stuxnet is the only payback Iran receives for what they've done, they're getting off very lightly.

    5. Re:Hope the saying isn't true.... by Anonymous Coward · · Score: 0

      A viral attack on a sovereign country is war.

      Can be considered an act of war. There's a difference.
      And that decision is not up to you... probably a good thing.

    6. Re:Hope the saying isn't true.... by Uberbah · · Score: 2

      Iran has funded and controlled terrorists in Argentina, Israel, India, Iraq, Kenya, Lebanon, and Saudi Arabia.

      You mean accused of funding terrorists. There's a big difference between claims and proof - or have you forgotten about "Nigerian yellow cake" and "aluminum tubes?"

      But, let's go ahead and say that the worst things you claim about Iran are true - they'd still be the molehill next to the mountain of U.S. and Israeli aggression. Iran hasn't launched two bogus wars of choice in the last ten years or set up a worldwide torture regime. Iran isn't running an apartheid state against half its population.

      As for terrorism again, wake us up when giant banks that have laundered money for Al Qaeda aren't granted sweeping immunity from prosecution, along with American shills for the terrorist group MEK.

  2. Hrmpf. by Johann Lau · · Score: 1

    I *just* heard on German radio they now withdrew that claim, but I didn't pay closer attention, sorry ^_^

    1. Re:Hrmpf. by Johann Lau · · Score: 2

      Well, that doesn't excuse being sloppy: I heard they withdrew their knee-jerk accusing US and Israel for it, *not* that an attack took place. And this isn't even contrary to the Slashdot summary, so ignore all of this.

    2. Re:Hrmpf. by Anonymous Coward · · Score: 1

      Tehran - A local civil defense official denied an earlier account that a fresh cyber attack on industrial units in the southern province of Hormuzgan had been repelled, Iran's state broadcaster website reported Tuesday.

      http://www.securityweek.com/iran-denies-foiling-cyber-attack-industrial-units-report

    3. Re:Hrmpf. by Anonymous Coward · · Score: 0

      Oh. Thanks ^^

  3. Maybe they should just stop their warmongering. by Anonymous Coward · · Score: 0

    Feel free to curse the White Yankee Devil, but pump the oil and don't make waves.

    You'll be happier.

    1. Re:Maybe they should just stop their warmongering. by Johann Lau · · Score: 2

      You know, the Iranian revolution in '79 was co-opted by murderous poopyheads who have had their grip on the country since then, right? My point is that your beef is, by and large, not with Iranians, especially not with the younger generation. There is nothing to gain and a lot to lose by missing this.

      But first you kinda have to drop this attitude of talking down to servants, just because the guys who hold your collar can beat up the guys holding theirs. That is beyond pathetic.

    2. Re:Maybe they should just stop their warmongering. by Anonymous Coward · · Score: 0

      Watch out, he'll tell you to Argofuckyourself.

    3. Re:Maybe they should just stop their warmongering. by Anonymous Coward · · Score: 0

      That, silence, non-sequiturs.. is all the same to me.

    4. Re:Maybe they should just stop their warmongering. by Anonymous Coward · · Score: 0

      Funny how in your question you cite EXACTLY what Iran has been doing.

  4. don't need Irant anyway by swschrad · · Score: 3, Interesting

    but the real fun is when some nitwit turns the worms loose on the so-called "smart grid," which has more holes than security.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
    1. Re:don't need Irant anyway by Anonymous Coward · · Score: 0

      hehe, yeah. That's a dirty little secret we'd rather keep to ourselves. Smart grid has all the characteristics of swiss cheese. It's soft & full of holes. The wireless metering alone should be enough to suggest to anyone that they're on the wrong track there.

  5. Must be the "I love you virus" by Anonymous Coward · · Score: 0

    http://www.israelovesiran.com/
    Link related.

  6. Dear Iran by Osgeld · · Score: 4, Informative

    Fix your shit or quit complaining that the same basic attack keeps infecting your systems

    thank you

    1. Re:Dear Iran by Anonymous Coward · · Score: 0

      Oh my diddly kikerino

    2. Re:Dear Iran by AmiMoJo · · Score: 1

      TFA mentions that the attacks failed. TFS is misleading.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:Dear Iran by IamTheRealMike · · Score: 1

      In what universe was Stuxnet a "basic attack"? Did you ever read how it worked?

    4. Re:Dear Iran by dropadrop · · Score: 1

      Fix your shit or quit complaining that the same basic attack keeps infecting your systems

      thank you

      Because changing a country's complete IT infrastructure to a new platform is something that can be done in a blink of an eye? With every attack I would imagine we will get closer to Iran moving to a really controlled environment, but whether that is a huge fix is another issue (I would imagine the US and Israel have the capability to infect anything they wish).

  7. A warning by Black Parrot · · Score: 4, Insightful

    Commerce, industry, governments, and militaries need to get *real* serious about computer security. If intelligence operatives can make attacks on critical infrastructure now, script kiddies will be able to do it before too many years. People will be shutting down critical industry just for the lulz.

    --
    Sheesh, evil *and* a jerk. -- Jade
    1. Re:A warning by Anonymous Coward · · Score: 1

      Script kiddies can do it right now, but most of them aren't as malicious as governments.

    2. Re:A warning by Billly Gates · · Score: 2

      How about we can start by taking these PLCs off the internet!

      I am mortified by the responses I see here with PHBs wanting live reports from their cell phones on the nuclear power plant and IT willing to do it and how they all use XP SP 2 unpatched with no AV software!

    3. Re:A warning by AHuxley · · Score: 2

      The most interesting aspect is most/many/all? script groups that come to the surface seem to be owned top down or at an admin level or mixed in with many informants/agents/agents provocateurs.
      COINTELPRO showed the way, PATCON Patriot-conspiracy http://www.foreignpolicy.com/articles/2012/04/18/patriot_games provided insight into the 1980-90's efforts within the USA - using domestic and EU staff to form, control and guide groups within the USA.
      Now you have the "so much so that 1 in 4 hackers may now be an informant, according to some experts." quote.
      http://www.npr.org/2011/06/11/137125799/hackers-and-clouds-how-secure-is-the-web
      The idea of any long term group not being compromised or used as bait or tracked is getting more hard to believe.
      As for Iran all the 'new' posters to slashdot seem to drop in to tell us past code efforts could only be used for a subset of unique, exotic nuclear hardware.
      I guess some governments have a list of other unique hardware and now have the political cover to expand their efforts.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:A warning by Anonymous Coward · · Score: 0

      Have you been paying attention to what has been going on the last few years?

    5. Re:A warning by Anonymous Coward · · Score: 0

      I call BS. An unpatched XP SP2 exposed to the internet is a goner within minutes. Nobody could use it for anything.

    6. Re:A warning by Hentes · · Score: 1

      Some already do. Although this is more of a hardware hack.

    7. Re:A warning by Anonymous Coward · · Score: 0

      Just because it's powned doesn't mean it's not useful. Plug in an unpatched XP box (even running SP2) and it will be infected within 30 seconds. But it will still continue to operate most likely as the malware market has shifted from outright destruction to the creation of zombie armies. When it becomes apparent that one of these systems is a part of a botnet it will become much more valuable to the botnet commander. That's the real problem.

      Sometimes these systems need to run an older insecure version of the OS, but they should be physically isolated from the Internet. I kid you not. I was at a seminar not long ago and spoke with an engineer from the oil/gas industry. The system they were running could not run on anything newer than Windows NT. Increasingly because of regulation, management demand, and IT not being security conscious these are being connected in some fashion to the Internet. It's easy to say we're not going to connect these systems to the internet, but when the government demands real time data exchange with partners (under penalty of fines) it makes it kind of hard to do that. When management says "oh I'd like to monitor our SCADA systems on my smartphone" it also makes it hard especially when the IT folks know that if you don't give management what they want they'll get rid of you and find someone who will.

    8. Re:A warning by Anonymous Coward · · Score: 0

      I have paid attention, where do you want to start?

      ISP Spying
      NSA Spying
      Commercial Spying
      Telco Spying

      That's it, you're toast, if the spies want you to be toast. Fuck the rule of law and the US Constitution. (they say, not me)

      I say

      RESTORE THE US CONSTITUTION

      arrest the fucking
      BANKSTERS
      OATH BREAKERS
      LOGAN ACT vs UN/IPCC/ICLEI/CARBONTAX/GREENSHIT infiltration'

      Oh and where's Hillary? 2 weeks sick now. or is it 2 weeks of TREASON?!
      Gun Ban? You want a civil war right?

  8. ok i admit i did it by Anonymous Coward · · Score: 0

    I ran comet cursor on one of the atm terminals when i was in tehran

  9. Americans by Billly Gates · · Score: 1

    Do not be surprised when you have a nuclear meltdown or be without power for a few days during a grid outage. You brought this on yourselves and Iran has every right to attack back!

    If this does happen then the PHBs and IT need to be jailed for negligence if any of these live systems are on the internet with their PLCs. Good LORD what the hell were you thinking?

    1. Re:Americans by Anonymous Coward · · Score: 0

      No, when this happens they'll just fire the IT people for being incompetent. Don't you know how this works yet?

  10. The nature of the attack by Taco Cowboy · · Score: 1

    Presumably the Stuxnet virus was released to retard the development of Iranian nuclear program.

    Wonder what's the real aim for this latest round of stuxnet-like virus?

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:The nature of the attack by Anonymous Coward · · Score: 0

      Presumably the Stuxnet virus was released to retard the development of Iranian nuclear program.

      Wonder what's the real aim for this latest round of stuxnet-like virus?

      To cause their generators to spin out of control and break slinging UF6 everywhere.

      --

      Posted from my PLC.

  11. enlighten me... by babai101 · · Score: 5, Informative

    Shouldn't these heavy industries and Iranian defense systems dump windows and use linux considering these are mainly virus and malware. A legitimate hack cannot be stopped but spreading of these malwares would be so much slower in a hardened linux system, and many script kiddies would be stopped too.

    1. Re:enlighten me... by AHuxley · · Score: 1

      Think back to the early UK, US, Soviet, French, South African mil efforts. When a gov tells its country to move into a new area of dev, they rush out to buy what's on the open market, read up and build on what they know and what can be found from spying.
      If your cash flow is low/import issues you put your cash into hardware and software you cannot do without and fill in the gaps the best you can.
      Windows offers fast, 'easy' engineering interfaces with political cover. Buying an EU bespoke hardened linux 'unit' only offers another weak point before it's shipped.
      Staff still have to enter the country to fix, update, expand and will be debriefed by their respective govs or get noticed for shipped to exotic locations with no trade history. A lucrative deal gets looked at as a positive and then it all gets discovered.....
      A device for education/industry running windows might just be more easy to 'fix' onsite vs a bespoke 'unit' that has been messed with at hardware level during production and will never work.

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:enlighten me... by Anonymous Coward · · Score: 1

      Iran probably doesn't have enough people sufficiently skilled with Linux to pull this off.

      If their internet was a little more open, they might have more home-grown skill for the kinds of things you learn by having unrestricted access to the web-at-large.

    3. Re:enlighten me... by Anonymous Coward · · Score: 0

      If you hack my s3 'millions' (hundreds ... insert whatever monetary scale you wish) of dollars in damage don't occur....nor do I run the risk in bombing you or being bombed into the stone age.

      I've been a Windows admin for 20 years and if I ran such a porous network such as this, I should get fired (or taken out back and shot or whatever they would do to this admin staff) ... I would think Iran has some pretty bright engineering students who could build their own hardened systems and curtail all of this cloak and dagger shit .... the fact their systems rely on Microsoft products (which if poorly managed are very porous) but that the fact it comes from the USA they should be the LEAST bit suspicious that it's been backdoored or can be.

      I guess I'm glad they continue making these mistakes of poor security but not thrilled with the fact this will lead us into another pointless war sooner or later.

    4. Re:enlighten me... by SomePgmr · · Score: 1

      I figured many of these industrial control systems probably work with vendor supplied software developed for windows. So in places where you need that kind of hardware you end up with windows machines.

    5. Re:enlighten me... by Pieroxy · · Score: 1

      First of all, if those attacks are made by armies of professional hackers specifically targeting their installation, chances are that Linux won't offer much protection.

      Second, I suspect that most of these industrial systems rely on custom hardware whose drivers only exist for Windows. That would make a migration pretty expensive.

    6. Re:enlighten me... by dj245 · · Score: 1

      It isn't so easy.

      Say you buy a small steam turbine because you need extraction steam as part of a heating process. Every OEM I can think of uses a dedicated controller to control overspeed protection, load control, overtemperature control, temperature mismatch lockouts, etc. BUT they all use proprietary Windows software to interface with that controller.

      Many industrial pieces of equipment along your process work like this. Proprietary PID controller with access to it via Windows. Are you going to write custom software for every single piece of equipment along the whole process? Keep in mind that it took the OEM several years to write, test, and refine their software to the point where their equipment is reliable and safe.

      --
      Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
    7. Re:enlighten me... by cheesybagel · · Score: 1

      You would be surprised. I often see Iranian CS research papers at international conferences and they don't seem stupid or basic, quite the contrary. They seem to have a better grasp of mathematics than the average. I don't see them having many issues switching to Linux assuming they are not using it already. The issue with these industrial machine tools is that they come with custom Windows drivers so they do not run on anything but Windows.

    8. Re:enlighten me... by Anonymous Coward · · Score: 0

      Shouldn't these heavy industries and Iranian defense systems dump windows and use linux considering these are mainly virus and malware. A legitimate hack cannot be stopped but spreading of these malwares would be so much slower in a hardened linux system, and many script kiddies would be stopped too.

      Just to clarify: Stuxnet was a very specific, very well targeted attack, infecting Programmable Logic Controllers which were not connected to the Internet, through a devious delivery mechanism that involved (apparently) infected thumb drives that may or may not have been DELIBERATELY plugged into laptop computers by spies on the premises. So what it boils down to is, IT-level security was not so much of an obstacle for the attackers. They overcame other hurdles gracefully and did the job, and just the use of Linux instead of Windoze (which was not viable in the first place because those Siemens PLC's were managed through Win-only programming and configuration software running on the aforementioned laptops, but still) would not have stopped them. For all we know, this new attack may (or may not) have been similar.

    9. Re:enlighten me... by Anonymous Coward · · Score: 0

      A) SCADA systems are not Windows or Linux. They are industrial systems with a completely separate method of operation.

      B) Can we please get over the ridiculous notion that Windows cannot be hardened? Shit, I love Linux, and the only machine I run Windows on is a Virtual one, but the idea that there are not adequately secure Windows systems out there is to simply ignore the reality of things. MOST Windows systems are insecure, but then, by default, your average Linux distribution (especially in the Ubuntu/Mint age...) tends not to be a paragon of security either. Systems tend to be at most as secured as they need to be, at least by most of the general public (and you're lucky if they're that secured in your average penny pinching corporate environment...), but with sufficient will to do so, any of your major systems out there can be gotten quite secure. Now, as for malware... Worms, Trojans, and Logic bombs all exist in the world of *nix. It is true that virii have never really gotten a foothold on *nix, largely due to the inherent permissions in the filesystem by default (which are something quite available on Windows, though the default settings are not particularly locked down). However, if I recall correctly, Stuxnet appeared to be primarily a worm with some virus like properties. The idea that something of this type could not be written for a *nix system, if an attacker had reason to be coding for *nix instead of Windows, seems to be a bit naive.

  12. Not Look Like Real One by Anonymous Coward · · Score: 0

    After encounter with actual Stuxnet, Iran's CERT is flagging every simple malware as Stuxnet-like; previously they made a statement about a "wiper-like" malware that was actually a bat script. I think they need to understand everything they are getting is not targeted malware; sometimes they are just random malwares that just spread themselves.

  13. who reads the subjects? by Anonymous Coward · · Score: 0

    These sort of attacks are tantamount to declaring war.

    These attacks are very clearly state-sponsored.

    How long will Iran continue to be provoked?

    1. Re:who reads the subjects? by benjfowler · · Score: 0

      Shilling for these muslim dogs?

      When the first shots are fired, AC, I hope you're the first to die.

    2. Re:who reads the subjects? by Anonymous Coward · · Score: 0

      ...and breaking treaties isn't??? I think they're going to be enduring this sort of thing for as long as it takes them to quit being treacherous assholes.

    3. Re:who reads the subjects? by Anonymous Coward · · Score: 0

      Then you deserve to die more than you claim he does. And you know it.

  14. if only iranian workers by Anonymous Coward · · Score: 0

    would quit looking at pr0n online.. they might not get infected with so many viruses.

  15. Sniff. by PacRim Jim · · Score: 1

    Hand me a Kleenex.

  16. Iran claims.... by Anonymous Coward · · Score: 0

    I call bullshit.

  17. The hackers ethic... by 3seas · · Score: 1

    http://en.wikipedia.org/wiki/Hacker_ethic
    "Mistrust authority — promote decentralization" and the rest...

  18. i wonder by Anonymous Coward · · Score: 0

    Is there anyone left who gives a FUCK about anything iran says anymore?

  19. Iranian STUDENTS news agency by Anonymous Coward · · Score: 0

    There is no news agency run by STUDENTS. It's another Iranian government method of disseminating information.

    It's easy to blame the "US AND ISRAEL" but the two rarely act in concert.

    Here's your two cent summary: Iran is a third world country full of lying dogs and once again they clicked on "I accept" on Windoze" and instead of blaming themselves or Microsoft blame everyone else.

    One day they will be dead and none of us will cry.

    J

  20. It's the will of allah... by Anonymous Coward · · Score: 0

    ... so just suck it up!!!

  21. Those in glass houses... by Nexion · · Score: 1

    throw stones to get an excuse to attack Iran, and you can bet our being attacked will help keep the patriot act going for another decade.

  22. I thought they would learn by now by Pegasus · · Score: 1

    Seriously, if I were Iran, I'd be installing OpenBSD on all critical infrastructure from day one when it became obvious that stuxnet damaged Natanz. As much as I like country and people of Iran, I have serious doubts of the mental capabilities of their leadership.

    1. Re:I thought they would learn by now by fnj · · Score: 1

      I think the message is not to get roped into imported industrial infrastructure with or without tie-ins to sack of shit operating systems like Windows. Iran has plenty of home grown technical expertise. We are not talking about some backwater here. The next nuclear players - and believe me, they WILL be coming - will get the message, but I can't think of any likely ones with anything like the native talent that Iran has.

  23. They're Muslims by benjfowler · · Score: 0

    ... and by definition, lying Third World scum (because of al-Taqqiya, they're allowed to deceive and lie to us dirty kuffars).

    Don't believe a word these pigs say.

    1. Re:They're Muslims by Anonymous Coward · · Score: 0

      There's a reason the piss colored people (arabs) ended up in sand. They and their relatives (jews a religious cult) got banished in antiquity for being a pack of deceitful shit to the deserts, and nobody sane would live there. They are nothing but troublemaking little slime.

  24. Meanwhile In The West... by Anonymous Coward · · Score: 0

    fancy new shiny, BYOD and Cloudy services swamp the market. Mostly with security taking a backseat to convenience and shiny. While Iran struggles against cyber issues and strengthens its security measures, Westerners embrace gaping security holes with a cavalier 'what could possibly go wrong' attitude. I can't help but wonder what the results will be if the battle shifts.

  25. Are they stupid? by slashmydots · · Score: 2

    Maaaaybe they should keep their industrial equipment and controlling computers OFF THE INTERNET, seeing as how they have no reason to be on the internet. Then set up a bulletproof VLAN and you're a hell of a lot better off than now.

    1. Re:Are they stupid? by Anonymous Coward · · Score: 0

      Err, the SCADA systems Stuxnet targeted WERE off the Internet, however, the malware was spread through USB sticks used by the Russian technicians, having gotten there by infecting other computers being used with the same USB sticks that were on the Internet. So no, they aren't stupid, at least as much as you seem to be suggesting.

  26. Re:Cheers To You Mr. Kangaroo! by Anonymous Coward · · Score: 0

    What you need is an entire roll of tin foil. In fact, you'd better make it 2-3. Wrap your whole house in it, and sink it to ground.

  27. Big business by Anonymous Coward · · Score: 0

    Cyberwar will be big business for the war profiteers that have been vampirically sucking the US dry. Oh well, I'd rather them bankrupt us with smoke and mirrors than real world terror and murder.

  28. An Internet virus? by dgharmon · · Score: 1

    "An Internet virus attacked computers at industrial sites in southern Iran, in an apparent extension of a covert cyber war that initially targeted the country's nuclear facilities, an Iranian official said."

    Would this "Internet virus" be Microsoft Windows only?

    --
    AccountKiller