Malware cuts Iran oil artery from the net

Powered by SC Magazine
 

SCADA-based malware 'rare'.

Malware has damaged key parts of Iran’s oil sector, forcing the country's main export terminal offline.

The Kharg Island terminal is responsible for exporting 90 percent of Iran’s oil and was disconnected along with an unknown number of other facilities across the country.

Mehr News said the disconnection had not disrupted crude oil production and exports. 

Sanctions imposed against the country had already done that. Reuters reported yesterday that more than half of Iran's supertanker oil fleet is being used to store crude at sea in the Gulf.

Iran news agencies reported that the malware had cut internet access but was “detected before it could infect other systems”. 

Details on the malware and precisely what it was designed to do are unknown.

However the response has been to halt the operation of critical infrastructure facilities while attempts are made to purge the malware.

Most malware is not designed to attack critical infrastructure but rather underlying operating systems.

Supervisory control and data acquisition (SCADA) and Distributed Control System applications were often dependant on Windows or Unix operating systems which, if attacked, could have the same effect as targeting the control system directly. 

“There are about 250 vulnerabilities in vendor-specific SCADA platforms, but if someone can hack into the underlying Windows or Unix environment using a vulnerability, they can go up into the SCADA system just as if they broke into the [control] system itself,” Lofty Perch director and chief scientist Mark Fabro told SC Magazine. 

In addition, traditional incident response mechanisms like running anti-virus could erase files critical to the SCADA systems, potentially doing more damage than the infection alone.

Despite media facination with SCADA-based malware, few instances of it exist. The discovery of Stuxnet and its smaller derivative Duqu were two prominent exceptions, the former having famously damaged Iran’s uranium enrichment program.

Copyright © SC Magazine, Australia


Malware cuts Iran oil artery from the net
 
 
 
Top Stories
At the top of her game
A decision to bring digital operations back in-house three years ago has paid big dividends for Tabcorp.
 
Westpac hires SAP man as CTO
Creates four new IT lead positions.
 
Qld Transport to replace core registration system
State's biggest citizen info repository set for overhaul.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  21%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 983

Vote