Cyberattack disrupts gasoline distribution in Iran

Read Time:3 Minute, 5 Second

Iran has been facing a nationwide fuel shortage for more than 24 hours. A cyber attack has paralyzed service stations across the country, blocking access to pumps by electronic card and leaving the population in disarray.

The whole system

Since Tuesday, October 26, disruptions in the fuel distribution network have shaken Iran and in particular Tehran. Iranian authorities attribute this to a cyberattack, although it has not been claimed so far according to The Times of Israel. “The Supreme National Security Council has confirmed that there was a cyberattack against the gasoline distribution computer system,” national television said before adding that “the details of the attack and its source are in investigative course.

The attack rendered government-issued electronic cards that allowed nearly 60 million Iranians to buy subsidized fuel at gas stations unusable. Introduced for the first time in the country in 2007, these cards were intended to regulate the market, fight against smuggling and allow households to pay for their fuel while inflation is at its peak in the country. Subsequently abandoned, they were gradually reintroduced in 2018. Thanks to these subsidies, Iranians can pay a maximum of 60 liters of gasoline per month at a very low price (5 euro cents per liter). Beyond that, each additional liter costs 10 euro cents. By comparison, gasoline costs 1.58 euros per liter on average in France.

Political motives behind the attack

The Associated Press reports that the cyberattack resulted in long lines of cars waiting to refuel in the Iranian capital, with many pumps turned off and stations closed. Those who tried to use the pumps with their card received a message saying “cyberattack 64411”. This number matches the office phone number of Iranian Ayatollah and Supreme Leader Ali Khamenei, suggesting the attack may have been politically motivated.

It is not the first time that a cyberattack has hit Iran and it is even less of a surprise to see the phone number of the Iranian Supreme Leader appear. By early July, the Islamic Republic of Iran (IR) Railways – the company that owns Iran’s railway network – had been affected. After communicating about this cyberattack, the modus operandi targeting the Iranian government was discovered. The hacked train screens invited passengers to express their displeasure by using the telephone number of Ayatollah Ali Khamenei’s office. Chance or coincidence, the display of this number is in any case intriguing. The malware, a wiper designated as Meteor, had then first erased the file system of the railway system, then locked user workstations and corrupted the sectors (MBR) of hard drives. However, the originator of this cyberattack has still not been identified and this number sows further confusion, making it even more difficult to attribute the attack.

Recurring attacks

A story that is reminiscent of that of the Bushehr nuclear site, infected by Stuxnet in 2010 then in 2018. Later, in April 2021, it was the Natanz uranium enrichment plant which this time This is the cost of a cyberattack. The latter came after the official inauguration of the latest more efficient centrifuges, and in a period of diplomatic turmoil with the United States to reconsider the 2015 nuclear agreement rejected by the Trump administration.

While the morale of the country is far from being in good shape, this attack accentuates the economic problems encountered by the population. Some cash-only gas stations not part of the subsidy card network continued to pump fuel. In addition, Ouest France announces that of the 4,300 service stations across the country, only 220 have been able to be reconnected to the central distribution system, the spokesperson for the national company explained to the official IRNA agency in the morning. distributor of petroleum products, Fatemeh Kahi.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Docker Publishes Its 1st Public Post Mortem On An Internal Incident Previous post Docker publishes its 1st public post-mortem on an internal incident
Cyberinsurance: Instigating Crime Or Helping Security? Next post Cyberinsurance: instigating crime or helping security?