Iran denies role in Gulf cyber attacks

Iranian officials have denied any role in recent cyber-attacks against oil and gas companies in the Arabian Gulf and say they welcome a probe of the case.

Beta V.1.0 - Powered by automated translation

TEHRAN // Iranian officials denied any role in recent cyberattacks against oil and gas companies in the Arabian Gulf and said they welcomed a probe of the case, a semi-official news agency reported yesterday.

Mahdi Akhavan Bahabadi, secretary of the National Center of Cyberspace, denounced as "politically motivated" US allegations of an Iranian link to the Shamoon virus that hit the Saudi Arabian state oil company Aramco and the Qatari natural gas producer RasGas, according to remarks carried by ISNA.

"We interpret the issue politically and in light of US domestic issues as well as the [US presidential] election," he said.

The virus can spread through networked computers and ultimately wipes out files by overwriting them. In the August attack it replaced them with images of burning American flags. The US defence secretary Leon Panetta said they rendered more than 30,000 computers useless, calling them probably the most destructive cyber-attacks the private sector has seen to date.

Last week a former US government official said American authorities believe that Iranian hackers, likely supported by the government, were responsible. US agencies have been assisting in the Gulf investigation and concluded that the level of resources needed to conduct the attack showed there was some degree of involvement by a nation state, said the former official, speaking on condition of anonymity.

"American officials have said they are able to discover the source of the recent cyberattacks. We do welcome this and announce our readiness for any international cooperation to find the source of the attacks," Mr Bahabadi said.

He said Tehran had already offered help to boost the companies' cybersecurity, as Iran has itself recently been the target of cyberattacks on its offshore oil platforms.

In a major cybersecurity speech on Thursday, Mr Panetta issued a veiled warning to Tehran that Washington was ready to take preemptive action to protect US computer networks.

American officials had "more than a suspicion" that Iran was to blame for the August attacks, and possibly recent denial of service attacks on some US banks, said James Lewis, who has worked for the State Department and other government agencies on national security and cyber issues.

US government officials had concluded that Iran likely launched the attack in retaliation for US-led sanctions over its nuclear programme and a cyber sabotage campaign reportedly backed by Washington, he said.

In his speech, Mr Panetta referred to the Shamoon virus for the first time publicly.

The Pentagon chief spoke of "foreign actors" probing sensitive US networks and cited denial of service attacks on some large US financial companies in recent weeks.

While he reiterated US concerns about cyber threats linked to Russia and China, Mr Panetta said Iran was building up its digital capabilities.

In the same speech to business executives in New York, Mr Panetta said the United States had improved its ability to track the origin of digital attacks and suggested the military stood ready to take preemptive action in cyberspace to protect vital networks.

Iran has advanced its digital warfare capacity faster than US officials had anticipated, Mr Lewis said, though the attack on Saudi Aramco was relatively unsophisticated.

Two weeks after the August 15 cyberattack on Saudi Aramco, the company announced it had restored its main internal network and that the assault had not disrupted oil production.

The firm targeted in Qatar, RasGas, is a joint venture between the American oil firm Exxon Mobil Corp and state-controlled Qatar Petroleum.

Iran periodically reports the discovery of viruses and other malicious programs in government, nuclear, oil and industrial networks. Last week, Tehran said it had successfully blocked a cyberattack on the computer network of its offshore drilling platforms. It briefly shut down part of its oil facilities because of a cyberattack in May.

Iran blames Israel and the United States for the attacks. Israel has done little to deflect suspicion that it uses viruses against Iran.

* With additional reporting by Agence France-Presse