Malware cuts Iran oil artery from the net

Powered by SC Magazine
 

SCADA-based malware 'rare'.

Malware has damaged key parts of Iran’s oil sector, forcing the country's main export terminal offline.

The Kharg Island terminal is responsible for exporting 90 percent of Iran’s oil and was disconnected along with an unknown number of other facilities across the country.

Mehr News said the disconnection had not disrupted crude oil production and exports. 

Sanctions imposed against the country had already done that. Reuters reported yesterday that more than half of Iran's supertanker oil fleet is being used to store crude at sea in the Gulf.

Iran news agencies reported that the malware had cut internet access but was “detected before it could infect other systems”. 

Details on the malware and precisely what it was designed to do are unknown.

However the response has been to halt the operation of critical infrastructure facilities while attempts are made to purge the malware.

Most malware is not designed to attack critical infrastructure but rather underlying operating systems.

Supervisory control and data acquisition (SCADA) and Distributed Control System applications were often dependant on Windows or Unix operating systems which, if attacked, could have the same effect as targeting the control system directly. 

“There are about 250 vulnerabilities in vendor-specific SCADA platforms, but if someone can hack into the underlying Windows or Unix environment using a vulnerability, they can go up into the SCADA system just as if they broke into the [control] system itself,” Lofty Perch director and chief scientist Mark Fabro told SC Magazine. 

In addition, traditional incident response mechanisms like running anti-virus could erase files critical to the SCADA systems, potentially doing more damage than the infection alone.

Despite media facination with SCADA-based malware, few instances of it exist. The discovery of Stuxnet and its smaller derivative Duqu were two prominent exceptions, the former having famously damaged Iran’s uranium enrichment program.

Copyright © SC Magazine, Australia


Malware cuts Iran oil artery from the net
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  25%
TOTAL VOTES: 346

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 144

Vote