Iran is investigating a suspected cyber attack on its main oil export terminal and on the Oil Ministry itself, Iranian industry sources said on Monday, April 23, according to Reuters.
A virus was detected inside the control systems of Kharg Island – which handles the vast majority of Iran’s crude oil exports – but the terminal remained operational, a source at the National Iranian Oil Company (NIOC) said.
The virus, which is likely to draw comparisons with the Stuxnet computer worm which reportedly affected Iranian nuclear facilities in 2009-10 [ID:nPOM731768], struck late on Sunday.
It hit the internet and communications systems of Iran’s Oil Ministry and of its national oil company, the semi-official Mehr news agency reported. Computer systems controlling a number of Iran’s other oil facilities have been disconnected from the Internet as a precaution, the agency added.
Hamdullah Mohammadnejad, the head of civil defense at the oil ministry, was reported as saying Iranian authorities had set up a crisis unit and were working out how to neutralize the attacks.
IT systems at the oil ministry and at the national oil company were also disconnected to prevent the spread of any virus, the Mehr news agency said.
The oil ministry’s own media network, Shana, quoted a spokesman as saying some data had been affected but that there was no major damage.
Iran’s nuclear program is thought to be the principal target of the Stuxnet worm – discovered in 2010 – the first virus believed to have been specifically designed to subvert industrial systems.
U.S.-based think-tank, the Institute for Science and International Security (ISIS), said that in late 2009 or early 2010 about 1,000 centrifuges – machines used to refine uranium – out of the 9,000 used at Iran’s Natanz enrichment plant, had been knocked out by the virus – not enough to seriously harm its operations.
Iranian officials have accused the United States and Israel of developing the virus to sabotage its atomic program, an allegation neither country has commented on.