Malware cuts Iran oil artery from the net

Powered by SC Magazine

SCADA-based malware 'rare'.

Malware has damaged key parts of Iran’s oil sector, forcing the country's main export terminal offline.

The Kharg Island terminal is responsible for exporting 90 percent of Iran’s oil and was disconnected along with an unknown number of other facilities across the country.

Mehr News said the disconnection had not disrupted crude oil production and exports. 

Sanctions imposed against the country had already done that. Reuters reported yesterday that more than half of Iran's supertanker oil fleet is being used to store crude at sea in the Gulf.

Iran news agencies reported that the malware had cut internet access but was “detected before it could infect other systems”. 

Details on the malware and precisely what it was designed to do are unknown.

However the response has been to halt the operation of critical infrastructure facilities while attempts are made to purge the malware.

Most malware is not designed to attack critical infrastructure but rather underlying operating systems.

Supervisory control and data acquisition (SCADA) and Distributed Control System applications were often dependant on Windows or Unix operating systems which, if attacked, could have the same effect as targeting the control system directly. 

“There are about 250 vulnerabilities in vendor-specific SCADA platforms, but if someone can hack into the underlying Windows or Unix environment using a vulnerability, they can go up into the SCADA system just as if they broke into the [control] system itself,” Lofty Perch director and chief scientist Mark Fabro told SC Magazine. 

In addition, traditional incident response mechanisms like running anti-virus could erase files critical to the SCADA systems, potentially doing more damage than the infection alone.

Despite media facination with SCADA-based malware, few instances of it exist. The discovery of Stuxnet and its smaller derivative Duqu were two prominent exceptions, the former having famously damaged Iran’s uranium enrichment program.

Copyright © SC Magazine, Australia

Malware cuts Iran oil artery from the net
Top Stories
Content, cost & constant innovation: How Foxtel plans to take on Netflix
Nell Payne inhabits the “brave new world of blue strings and networking”. Just don't ask her to put a TV screen on your microwave.
Sending in the drones
Margins are getting tighter in the industrial services industry, so Transfield Services' Stephen Phillips looks offshore - and to the skies - for the solutions he needs to keep pace.
Westpac fires starting pistol on core banking upgrade
St George readies itself for move to Celeriti.
Sign up to receive iTnews email bulletins
Latest Comments
Should Optus make a bid for iiNet?

   |   View results