Iran Remains Defiant in Confronting Cyber Attacks

Tuesday, February 14, 2012

Headlines

69dafe8b58066478aea48f3d0f384820

The Associated Press reports that Gholam-Reza Jalali, head of the Iranian Passive Defense Organization, is relatively confident that the nation's cyber defenses are adequate to protect sensitive networks from continued attacks.

"Most enemy threats target nuclear energy sites as well as electronic trade and banking operations... Iranian experts possess adequate knowledge to confront cyber threats. All nuclear facilities in the country are immune from cyber attacks... Many viruses are produced in the world every day, and (Iran’s) cyberdefense headquarters monitors them. So far there has been no destructive impact inside the country," Jalali said.

However, Jalali's self-assured statements run counter to documented damage sustained by the country's nuclear weapons programs in the wake of the Stuxnet virus infestations.

Iran is still struggling with the aftermath of the Stuxnet attacks more than a year after the attacks were discovered. The virus specifically targeted Siemens Programmable Logic Controllers (PLCs) used to control uranium enrichment centrifuges.

Stuxnet, first identified in 2010, is a highly sophisticated designer-virus that wreaks havoc with SCADA systems which provide operations control for critical infrastructure and production networks, and leading theories indicate that the malware was probably produced to stifle Iran's nuclear warhead ambitions.

The Stuxnet virus attacks are thought to have caused severe damage to Iranian uranium enrichment facilities and reportedly set back the nation's nuclear program by as much as several years.

Last spring, Iranian officials indicated they believed government systems were being targeted by a different malware strain dubbed "Stars".

"Certain characteristics about the 'Stars' virus have been identified, including that it is compatible with the (targeted) system. In the initial stage, the damage is low and it is likely to be mistaken for governmental executable files, Jalali stated at the time.

Jalali did not indicate which systems were infected with the virus or elaborate on the extent of the damage, but his statements confirmed that the malware had inflicted a measurable level of harm to the systems.

There were also suspicions that Iranian networks may have been infected with a Stuxnet-like modular malware strain called "Duqu".

Analysis showed that Duqu was designed primarily as a data harvesting tool meant to collect sensitive information and keystrokes on infected systems, and Jalali indicated that Iran did not find the infection to be of any significance.

"Doku [sic] has not created any troubles for Iranian industrial organizations," the Associated Press reported Jalali as stating.

Source:  http://www.washingtonpost.com/world/middle-east/iran-says-nuclear-facilities-under-periodic-cyber-attack-but-are-immune-to-the-threat/2012/02/13/gIQAVZnuAR_story.html

Possibly Related Articles:
10662
Viruses & Malware
SCADA malware Iran Military Cyberwar Attacks Stuxnet Headlines Network Security Siemens Programmable Logic Controllers Stars Industrial Control Systems DUQU plc
Post Rating I Like this!
Default-avatar
Rosaria Debiase We must consider Iran an Enemy to fight as soon as possible.His engagement in warfare must warn everyone before it's too late
1329376280
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.