Iran gets a Christmas visit from the notorious Stuxnet worm

Iran alleged that on Tuesday it has been experiencing a new rash of attacks on strategic computer systems.

A “Stuxnet-like” virus was discovered at the Bandar Abbas Tavanir, an electrical power production and distribution facility in Hormozgan Province, home to the container port of Bandar Abbas, which also hosts an oil refinery. An attack was also alleged against computers in the Culture Ministry, according to Iranian press reports quoted by the New York Times and the AFP.

The Iranian Students’ News Agency quoted Ali Akbar Akhavan, the head of the military’s Passive Defense Organization’s provincial branch as saying, “with timely measures and the cooperation of skilled hackers in the province, the progress of this virus was halted.” The PDO is responsible for defending the country against cyberattacks and espionage.

The Fars News agency reported the attacks on the Culture Ministry were “repelled by the headquarters’ experts.”

Later, Akhavan stated, “At a press conference we announced readiness to confront cyberattacks against Hormuzgan installations, which was mistakenly reported by the agencies as a cyberattack having been foiled,” implying the battle against the virus is ongoing.

Iranian reports implied the agents of the virus were the United States and Israel.

These attacks may be the latest volley in an ongoing game of computer-based geopolitical gamesmanship between Iran on one hand the the U.S. and its allies on the other.

The U.S. and Israel are widely believed to have perpetrated attacks two years ago on computers devoted to developing Iran’s nuclear program.

Those attacks were perpetrated via a virus called Stuxnet, which targeted the supervisory control and data acquisition systems in Siemens industrial computers, affecting specifically the speed controls on centrifuges used to refine uranium. The attacks are said to have set the Iranian nuclear program back.

Iran was suspected to be behind an attack in August against Saudi computers attached to the oil industry, as well as hacks of American financial institutions in September.

As All Things D noted, other malware attacks, perhaps less severe, have also been detected in Iranian computers systems over the past year.

Planned talks with Iran have been seized up since the summer. The Times maintains that even as Western sanctions on Iran pile up, are plans afoot to restart diplomatic discussions, possibly as early as next month.

Perhaps these battles are the online equivalent of seizing as much land as possible prior to peace talks, so as to negotiate from a position of power.

Mark Twain famously maintained that “God created war so that Americans would learn geography.” It might be time to replace “geography” with “coding.”

Photo by Ninara/Flickr

Curt Hopkins

Curt Hopkins

Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers