Iran Confirms Shut-Downs After Cyberattacks On Two Government Organizations
Iran has suffered two cyberattacks leading to the shutting down of some government services, according to a statement issued on Wednesday [October 14] by the Ministry of Information and Communications Technology (ICT). Social media users have named the Ministry of Roads and Transportation and the Ports and Maritime Organization (PMO) as the targets, and also suggest some banks have been affected.
Confirmation of the attacks came from the ICT Ministry’s Center For Cyber Support and Operation Coordination, which they had been on “two government organizations” and had led to the “temporary shutdown of services” as a security precaution. “There is no evidence of widespread attacks on a big number of government organizations other than the two,” the statement said, without giving further information.
One Twitter user naming the targets as the PMO and the Transport Ministry suggested the attack has employed the ransomware Harma, which infects computer systems, encrypting data to make it unusable. Another Twitter user claimed the attack had destroyed software in use at the PMO and suggested Israel was responsible.
Other Twitterati have reported internet shutdowns. “I think Iran’s Internet [connection to the global web] has been reset. I’ve lost all my cookies and credentials and been signed out of all services,” wrote one user. Comments on the post reported lost Internet connections at work on Tuesday, while some university students reported the cancellation of online classes.
Zoomit, an IT information website, in an article on Tuesday said government companies and organizations had been warned not to update systems, anti-virus software or firewalls, in order to avoid connecting to the government Intranet known as the National Information Network (NIN), and not to provide distance access to any servers or to information and operational systems.
In 2011 Iran’s nuclear facilities were infected with the Stuxnet virus. In December 2019 Communications Minister Mohammad-Javad Azari-Jahromi said there had been a “massive state-sponsored cyber-attack” on government cyber infrastructure and websites and that Iran’s homegrown firewall, DEZHFA, had warded off 33 million cyberattacks. In May, Iran reported a “failed cyberattack” against the port of Bandar Abbas in the Strait of Hormuz.
There has been speculation that recent fires and explosions at Iran’s nuclear and military facilities were due to cyberattacks. An explosion at the Natanz atomic facility in July set back Iran’s enrichment program, possibly for several years. The Atomic Energy Organization of Iran said on July 5 it had determined the cause of the blast but would not reveal it on security grounds.