Iran's oil ministry has admitted that its website and systems came under cyber-attack at the weekend.
The Mehr News Agency, the semi-official arm of the Iranian regime, reported yesterday that Iran's main oil terminal on Kharg Island was disconnected from the internet after the attacks were detected, and targeted email systems were also taken offline. Iran was keen to emphasise that the systems were taken down by themselves as a precaution, not by the cyber-criminals.
A Ministry of Petroleum spokesman acknowledged the attacks on the oil ministry, and Kharg Island facility, but noted that critical systems at the targets weren't under any threat, as they were isolated from the net anyway.
However, the cyber-attackers did damage some data - which was later restored by back-ups - and some user data from the exploited sites was also stolen.
As to who was behind the incident, that isn't clear, but it's not the first time - and it won't be the last - that Iran has faced a cyber-attack. The country has famously been hit by Stuxnet in the past, and Duqu since then.
Liam O Murchu, manager of operations at Symantec's security response team, commented that "one of the industries that Duqu targeted was the energy industry". But he also added there was no evidence to link Duqu with this current attack.
O Murchu's best guess is this incident probably wasn't worm-based, but an external attack aimed at the websites.
Source: Computerworld (opens in new tab)