Latest cyberattack on Iran targets oil export facilities
Computer servers at the government oil ministry and the National Iranian Oil Co. are the apparent target of a cyberattack via a data-deleting virus, Iranian officials have acknowledged. Previous attacks struck at Iran's nuclear program.
Gas flares from an oil production platform, as an Iranian flag is seen in the foreground, at the Soroush oil fields in the Persian Gulf, some 776 miles south of the capital Tehran, in this July 2005 file photo.
Raheb Homavandi/Reuters/File
Iran's oil export facilities are the apparent target of computer malware, an attack that penetrated computer servers at both the government oil ministry and the National Iranian Oil Co.
Skip to next paragraphSubscribe Today to the Monitor
The cyberattack – one of several Iran has endured over the past few years – comes as Iran and an international coalition of six nations, including the US, prepare for more talks next month over the extent of Iran's nuclear ambitions. To put pressure on Iran to cooperate with efforts to verify the scope of its nuclear program, the United States has been discouraging the international community from buying Iranian oil.
Initial reports from Iran are that a computer virus, dubbed "Viper," wiped data from the targeted servers.
RECOMMENDED: Iran sanctions 101
Alireza Nikzad, a spokesman for Iran's oil ministry, told the Fars news agency, which has ties to the government, that Sunday's attack was a "virus" that "attempted to delete data on oil ministry servers." Another Iranian news agency cited Mr. Nikzad as identifying the virus as Viper.
"This cyberattack has not damaged the main data of the oil ministry and the National Iranian Oil Company (NIOC) since the general servers are separate from the main servers; even their cables are not linked to each other and are not linked to Internet service," Nikzad said in the reports. "We have a backup from all our main or secondary data, and there is no problem in this regard."
But in another statement posted on the oil ministry's news website, SHANA, Nikzad said the virus did indeed wipe some data from official servers – but with limited damage, Agence France Presse reported.
"To say that no data was harmed is not right. Only data related to some of the users have been compromised," Nikzad said, according to AFP. Websites of the Iranian oil ministry and NIOC were also knocked offline, reports said.
Authorities told Iranian news agencies that oil exports were not disrupted. At least 80 percent of Iranian oil is shipped from Kharg Island, the nation's big export terminal.
The cyberattack on Iran's oil facilities could be perpetrated by a nation sending Iran a not-too-subtle message: Start negotiating with the international community over your nuclear weapons program or lose the ability to export oil, say some US cyberwarfare experts. Or, it could be the work of a lone hacker taking a digital potshot.
Either way, Iran is expected to take the attack seriously, these experts say.
"It looks like this virus was not designed to attack the industrial control systems that operate Iran's oil-pumping operations," says John Bumgarner, research director for the US Cyber Consequences Unit, a nonprofit security think tank that advises government and industry. "If it had been, the attackers could have done serious damage to those plants. By taking over servers and wiping the data so they can't function, that's only a temporary disruption – possibly one designed mainly to send a message like, 'We are in your oil export system, so you better start negotiating.' "
These comments are not screened before publication. Constructive debate about the above story is welcome, but personal attacks are not. Please do not post comments that are commercial in nature or that violate any copyright[s]. Comments that we regard as obscene, defamatory, or intended to incite violence will be removed. If you find a comment offensive, you may flag it.