Iranian oil sector under cyber attack

An enigmatic virus has reportedly infected various computer networks administering key aspects of Iran’s lucrative oil sector. 

The virus has prompted government officials in Tehran to form a “cyber crisis team” and unplug Kharg island – Iran’s main oil export terminal – from the Internet.

Iranian oil ministry Alireza Nikzade claimed the worm “failed to harm the main data of the ministry,” but acknowledged “damage to general information and data.”

“This cyber attack has not damaged the main data of the oil ministry and the National Iranian Oil Company (NIOC) since the general servers are separate from the main servers, even their cables are not linked to each other and are not linked to Internet service,” Nikzad explained. 

“[Yet], to say that no data was harmed is not right. [Still], only data related to some of the users have been compromised.”

It remains unclear if the latest virus – like the Stuxnet worm – was deliberately introduced to corrupt industrial processes and cause actual physical damage 

“There is no indication that this is definitely a targeted attack from outside,” cyber security specialist Ali Jahangiri told Reuters. “It could be a technical failure inside the oil ministry’s communications own systems.”

However, John Bumgarner, a security specialist at the US Cyber Consequences Unit think tank, believes a virus coded to deliberately target Iran’s oil sector remains a definite possibility.  

“The reason you would put a virus inside this network to erase data is because that causes those facilities to have to shut down.
.. So during that time the production and refinery operations for Iran could be impacted. And depending on how the virus was written, it could be longer term,” he added.