Malware cuts Iran oil artery from the net

Powered by SC Magazine

SCADA-based malware 'rare'.

Malware has damaged key parts of Iran’s oil sector, forcing the country's main export terminal offline.

The Kharg Island terminal is responsible for exporting 90 percent of Iran’s oil and was disconnected along with an unknown number of other facilities across the country.

Mehr News said the disconnection had not disrupted crude oil production and exports. 

Sanctions imposed against the country had already done that. Reuters reported yesterday that more than half of Iran's supertanker oil fleet is being used to store crude at sea in the Gulf.

Iran news agencies reported that the malware had cut internet access but was “detected before it could infect other systems”. 

Details on the malware and precisely what it was designed to do are unknown.

However the response has been to halt the operation of critical infrastructure facilities while attempts are made to purge the malware.

Most malware is not designed to attack critical infrastructure but rather underlying operating systems.

Supervisory control and data acquisition (SCADA) and Distributed Control System applications were often dependant on Windows or Unix operating systems which, if attacked, could have the same effect as targeting the control system directly. 

“There are about 250 vulnerabilities in vendor-specific SCADA platforms, but if someone can hack into the underlying Windows or Unix environment using a vulnerability, they can go up into the SCADA system just as if they broke into the [control] system itself,” Lofty Perch director and chief scientist Mark Fabro told SC Magazine. 

In addition, traditional incident response mechanisms like running anti-virus could erase files critical to the SCADA systems, potentially doing more damage than the infection alone.

Despite media facination with SCADA-based malware, few instances of it exist. The discovery of Stuxnet and its smaller derivative Duqu were two prominent exceptions, the former having famously damaged Iran’s uranium enrichment program.

Copyright © SC Magazine, Australia

Malware cuts Iran oil artery from the net
Top Stories
Australia passes data retention into law
Mammoth last-ditch effort by Greens, indies knocked back.
Turnbull introduces bill to block piracy websites
Takes ownership of legislation from Brandis.
ATO to kill off e-Tax
Veteran software to be replaced by more modern myTax.
Sign up to receive iTnews email bulletins
Latest Comments
Do you support the Government's data retention scheme?

   |   View results