Skip to main content

Iranian government backpedals on claims of rebuffed virus

The Iranian government in recent months reportedly rebuffed a Stuxnet-like Internet virus targeting infrastructure in the country's southern province of Hormuzgan. But new reports indicate officials weren't 100 per cent successful at containing the malware.

An apparent extension of the 2010 Stuxnet virus reportedly developed jointly by the US and Israel with the intention of shutting down Iran's nuclear program, the recent attack was blamed by the government on the same adversaries who created and released Stuxnet two years ago.

But news reports out of Iran were confusing. Some reports held that the government, which controls Iranian media, halted the attack with "the cooperation of skilled hackers," according to civil defence chief Ali Akbar Akhavan, who was quoted by the Iranian Students' News Agency (ISNA).

The "Stuxnet-like" malware hit southern Iran's computer systems over the "past few months," early reports said.

But updated accounts this week denied officials' ability to repel the attacks, but offered little further information about the spread of the virus.

"At a press conference we announced readiness to confront cyber attacks against Hormuzgan installations, which was mistakenly reported by the agencies as a cyber attack having been foiled," Akhavan said in a statement to the ISNA.

Officials in Iran's capital of Tehran pointed their fingers at the US and Israel, accusing the countries of planting the malware.

Kaspersky Lab discovered the Stuxnet worm in 2010, reporting on its exploitation of an unusual number of different security weak spots, in particular, attacking Supervisory Control and Data Acquisition (SCADA) systems.

Almost two years later, it was discovered that the virus began its life under the Bush administration, and continued into President Obama's first term in office. Intended to affect only the Natanz plant in Iran, it was mistakenly unleashed on the global Web.

Iran has been the recipient of various malware attacks, including the Flame strain, launching at least 189 infections in late May, before the Gauss cyber threat targeted the Middle East in August. The similar Duqu virus hit computers in Iran in late 2011, but those agencies hit kept the virus under control.