Malware cuts Iran oil artery from the net

Powered by SC Magazine

SCADA-based malware 'rare'.

Malware has damaged key parts of Iran’s oil sector, forcing the country's main export terminal offline.

The Kharg Island terminal is responsible for exporting 90 percent of Iran’s oil and was disconnected along with an unknown number of other facilities across the country.

Mehr News said the disconnection had not disrupted crude oil production and exports. 

Sanctions imposed against the country had already done that. Reuters reported yesterday that more than half of Iran's supertanker oil fleet is being used to store crude at sea in the Gulf.

Iran news agencies reported that the malware had cut internet access but was “detected before it could infect other systems”. 

Details on the malware and precisely what it was designed to do are unknown.

However the response has been to halt the operation of critical infrastructure facilities while attempts are made to purge the malware.

Most malware is not designed to attack critical infrastructure but rather underlying operating systems.

Supervisory control and data acquisition (SCADA) and Distributed Control System applications were often dependant on Windows or Unix operating systems which, if attacked, could have the same effect as targeting the control system directly. 

“There are about 250 vulnerabilities in vendor-specific SCADA platforms, but if someone can hack into the underlying Windows or Unix environment using a vulnerability, they can go up into the SCADA system just as if they broke into the [control] system itself,” Lofty Perch director and chief scientist Mark Fabro told SC Magazine. 

In addition, traditional incident response mechanisms like running anti-virus could erase files critical to the SCADA systems, potentially doing more damage than the infection alone.

Despite media facination with SCADA-based malware, few instances of it exist. The discovery of Stuxnet and its smaller derivative Duqu were two prominent exceptions, the former having famously damaged Iran’s uranium enrichment program.

Copyright © SC Magazine, Australia

Malware cuts Iran oil artery from the net
Top Stories
Soft drinks and SoftLayer: A solution for hard times?
Coca-Cola Amatil's CIO Barry Simpson shares his story of cost-cutting, outsourcing and why his software developers to ride around in delivery trucks.
Optus considers breaking net neutrality in Australia
May charge Netflix, OTT providers for premium service.
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
Sign up to receive iTnews email bulletins
Latest Comments
Do you support the Government's data retention scheme?

   |   View results