Iranian state media reported on Monday that nearly 70% of gas stations in the country had gone out of service, potentially due to sabotage through cyberattacks. The incident has raised concerns about the vulnerability of Iran’s infrastructure to cyber threats. Israeli media outlets, including the Times of Israel, pointed to a hacker group called “Gonjeshke Darande”, or “Predatory Sparrow”, as the possible perpetrator of this attack.
Background on cyberattacks in Iran
Over the years, Iran has faced a series of cyberattacks targeting its crucial infrastructure, including fueling stations, railway systems, and industries. These incidents have exposed the country’s susceptibility to cyber threats.
Notably, even surveillance cameras in government buildings, including prisons, have been compromised in the past, highlighting the pervasive nature of cyber intrusions.
Specific incidents of cyberattacks
In 2022, the notorious hacker group Gonjeshke Darande made headlines when it successfully breached a major steel company based in the southwest of Iran. This incident further underscored the potential damage caused by cyberattacks on Iranian industries. The group’s proficiency in executing these attacks poses a significant challenge to Iran’s cybersecurity efforts.
In 2021, Iran faced another major cyberattack that paralyzed its fuel distribution system, leading to long queues and frustration among motorists. This incident highlighted the vulnerability of Iran’s critical infrastructure, as a single cyberattack managed to disrupt the entire fuel supply chain across the country.
Iran’s response and challenges
Following the infamous Stuxnet computer virus attack, which disrupted thousands of Iranian centrifuges, the country took swift action by disconnecting a substantial portion of its government infrastructure from the internet. This proactive response was aimed at minimizing the risk of further cyber intrusions jeopardizing the nation’s critical systems. However, these measures alone cannot completely safeguard against future attacks.
Iran is further challenged by the imposition of Western sanctions, which restrict the country’s access to up-to-date hardware and software. As a result, Iran often relies on Chinese-manufactured electronics and older systems to operate its infrastructure. This dependency on outdated technology increases the vulnerability of its systems and makes them more susceptible to cyber threats.
Another significant challenge lies in the prevalence of pirated software across Iran. Due to limited access to legitimate software, many individuals and organizations resort to using pirated versions, thereby exposing themselves to potential vulnerabilities that cybercriminals can exploit. Strengthening cybersecurity measures, including adopting licensed software, becomes crucial for Iran to mitigate the risks associated with cyberattacks.
The recent widespread service outage of gas stations in Iran has once again highlighted the country’s vulnerability to cyber threats. Previous attacks on vital infrastructure, including the steel industry and the fuel distribution system, have already demonstrated the potential for significant disruptions. Iran’s efforts to disconnect critical systems from the internet and reliance on older technology reflect the challenges it faces due to Western sanctions. To enhance its cybersecurity defenses, Iran must prioritize the acquisition of up-to-date hardware and software, as well as promote a stronger culture of cybersecurity awareness and compliance. Only through comprehensive measures can Iran effectively safeguard its critical infrastructure from cyber intrusions and protect the welfare of its citizens.