Iran’s minister of telecommunications announced that the country stopped a second major cyberattack this week. Tweeting about the incident, Mohammad Javad Azari-Jahromi said the attack targeted the country’s electronic government systems.
The tweet was short, without additional details. He did say that the attack used “the well-known APT27”, which many are linking to Chinese state-sponsored actors.
Earlier last week, on Wednesday, Jahromi told the country’s official news agency Irna that the country’s electronic infrastructure was under a “massive” cyberattack. Iran’s state agencies and infrastructure are often under cyberattacks. This June, the country’s weapons systems have also come under cyberattack by the US, when it had its computer systems managing rockets and missile launchers disabled.
According to the BBC, the attack came as retaliation for Iran shooting down a US drone and allegedly attacking oil tankers.
Iran was also on the receiving end of Stuxnet – one of the deadliest malwares to have ever been created. In summer 2010, Stuxnet hit the Iranian nuclear program, bringing centrifuges used to enrich uranium gas offline.
Even though nobody officially took responsibility for the creation and distribution of Stuxnet, word on the street is that it was a joint US/Israel military operation aimed at slowing down the Iranian nuclear program.
Iran continues its trade war with the US, ever since the latter pulled out of the 2015 nuclear deal. The Donald Trump administration said it would impose further “major” sanctions on Iran.