Article Lead Image

Cyberattacks on U.S. energy firms tied to Iran

Although the attacks have not been successful, the scale was large enough for the government officials to compare it to last year’s attack on Aramco.


Curt Hopkins


Posted on May 27, 2013   Updated on Jun 1, 2021, 2:54 pm CDT

Government officials and security analysts have identified a new series of attacks on energy firms as coming from Iran, according to a report by the New York Times.

American oil, gas, and electricity companies have borne the brunt of the attacks, though the officials would not identify the companies by name.

“Government officials and outside experts on Friday confirmed a report in The Wall Street Journal,” wrote Nicole Pelroth and David Sanger, “that the source of the attacks had been narrowed to Iran. They said the evidence was not specific enough to conclude with confidence that the attacks were state-sponsored, but control over the Internet is so centralized in Iran that they said it was hard to imagine the attacks being done without government knowledge.”

Although the attacks have not been successful, the scale was large enough for the government officials to compare it to last year’s attack on the Saudi national oil company, Aramco and on the Qatari company RasGas, also both traced to Iran.

The intent seems to be sabotage, with an emphasis on destroying data and gaining access to the control mechanisms for the energy companies’ facilities, and not simply espionage. This difference in emphasis could qualify the actions as “cyberwar” instead of “cyber-espionage,” which has been much more common over the last years.

Given the origin of the attacks and the targets, it might be a revenge attack for the Stuxnet worm, which disabled Iranian nuclear centrifuges, that most analysts believe was created by the United States and Israel. (Some believe the attack wound up helping the Iranian nuclear program more than it hurt it.)

That attack resulted in the creation of an Iranian “cyber corps,” which has been very active, including apparently spearheading attacks against financial institutions late last year.

The agency that issued the alert, based on an executive order signed last year to share cyber-threat information, was the Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, which is charged with coordinating cross-agency for the defense of America’s energy infrastructure.

H/T New York Times | Photo by iran made it/Flickr

Share this article
*First Published: May 27, 2013, 12:38 pm CDT