Iranian official disputes report that power station was hit by virus attack

An Iranian civil defense official claims he only said the country was ready to repel cyberattacks, media reports say

A power station in the south of Iran has been hit by a cyberattack, an Iranian news agency reported Tuesday, citing a local civil defense official. But now agency and official are in dispute over whether he really made the remarks.

The Iranian Students News Agency (ISNA) initially reported that cyberattackers had struck industrial infrastructure in the southern province of Hormuzgan, which overlooks the Straits of Hormuz.

The widely circulated report quoted Ali Akbar Akhavan as saying in a news conference that a virus had penetrated some manufacturing industries in Hormuzgan province, but that skilled hackers had helped halt its progress, according to a translation of the ISNA report published by Agence France Presse.

The attack, targeting Bandar Abbas Tavanir Co., an electrical utility, among other installations, had happened in the past few months and was "Stuxnet-like," the AFP report quoted Akhavan as saying.

But later Tuesday AFP published a new report saying that Akhavan had accused ISNA of misinterpreting his remarks.

"At a press conference we announced readiness to confront cyber attacks against Hormuzgan installations, which was mistakenly reported by the agencies as a cyber attack having been foiled," Akhavan told the Iranian state broadcaster, IRIB, according to AFP.

ISNA hit back, publishing MP3 files which it claimed contained Akhavan's initial remarks, and saying it stood by the accuracy of its initial story, according to a machine translation of the report.

In a further twist, however, ISNA also published a third report that, according to a machine translation, quoted other Iranian officials as saying there had been no attacks on electrical installations in the region.

This is not the first time there has been a dispute about whether a cyberattack has hit Iranian infrastructure. A report in late July that a virus was causing computers at the Atomic Energy Organization of Iran to play AC/DC song 'Thunderstruck' at full volume were roundly dismissed the following week by the organization's director, Fereydoun Abassi.

One attack the Iranians did confirm was the original Stuxnet attack. Officials said it infected 30,000 PCs in the country, including some at the Bushehr nuclear reactor. However, computer security analysts believe Stuxnet was written to attack the control systems of centrifuges used to enrich uranium at a different Iranian nuclear facility, Natanz.

Join the CSO newsletter!

Error: Please check your email address.

Tags intrusionsecurityindustry verticalsenergymalware

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Peter Sayer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts