Iran says its infosec defences foiled oil hack Iran is claiming to have successfully deflected yet another large scale cyber attack on critical infrastructure in the country, this time targeted at its offshore oil installations. A brief report on the Iranian Students’ News Agency site on Monday seemed to accuse Israel and China of being behind an attack on the National …
That it was a state sponsored Israeli attack (given their sophistication with Stuxnet worm, 7 years ago! just think of their advancements since then.) or a few anti-Iranian hackers (based in Israel) who couldn't penetrate the NAT setup of an Iranian oil company...
Hmm let me think about that now.
I don't doubt Stuxnet (and its associated viral colleagues) hit the Iranian Nuke plant badly else Iran would have shouted from the rooftop about how it defeated the Western Imperial Dogs etc..
If the networks were indeed airgapped, the supposed attack would be impossible. Therefore, there would be no story. Iran is, as usual, calling wolf ... Their own incompetence is legendary when it comes to technology. It's a religious thang, methinks. Alas.
"If the networks were indeed airgapped, the supposed attack would be impossible. Therefore, there would be no story"
The story is that Israel are alleged to have attacked Iran's infrastructure again. The success or not of the attack doesn't affect whether or not it took place. If you wont read the article before posting, at least read it after people start calling you out on not having read it.
"...... The success or not of the attack......" Ah, but maybe this was just a diversionary attack whilst the Eeeeevul Jooooooos parachuted Gremlins into their facilities....
So, would you prefer it if Bibi had sent cruise missiles rather than allegedly sending skiddies?
""...... The success or not of the attack......" Ah, but maybe this was just a diversionary attack whilst the Eeeeevul Jooooooos parachuted Gremlins into their facilities...."
That is truly pathetic. That you characterise any criticism as anti-Semitism. It's one of the basest ad hominems. Jewish is not the same as Israeli and one of the lowest cards the Israeli government and its supporters repeatedly plays, is to suggest at any opportunity that the two are the same. This is done - exactly for the reasons that you have just used it - to avoid actually engaging in the argument and instead dismissing it as motivated by prejudice. There is no shortage of Jewish critics of Israeli foreign policy. Are they angry about "Eeeevul Joooooos" as well? Mockery is not argument and nor are personal attacks implying anti-Semitism.
"So, would you prefer it if Bibi had sent cruise missiles rather than allegedly sending skiddies?"
And along with Ad Hominem, we can add False Dichotomy. Yes - Israel is forced to attack other countries infrastructure by virus as their only means of avoiding being forced to send missiles. Of course.
You're smarter than that, Matt.
"What leads you to this conclusion?"
I've had decent discussions (if not very polite ones) with Matt before on the subject of the rights and wrongs of wars. He has been able to correct me in some cases and at least make decent arguments in others. He's certainly capable of making a decent argument. However, 'you criticise Israel, you must be hate Jews" personal attacks, are not amongst them.
For those who can't read for content ... According to Iran, the attack was routed through various IP addresses (that's internet connectivity, no matter how you look at it), and they actually shut off incoming telephone calls to try to block it (that is in no way, shape, or form air-gapped).
Do try to learn a little about system security before commenting on this kind of thing. Ta.
You clearly cannot read Jake, let alone put up a convincing argueement.
"According to Iran, the attack was routed through various IP addresses (that's internet connectivity, no matter how you look at it), and they actually shut off incoming telephone calls to try to block it"
Yes internet connectivity, but where the f'ing hell does it say the SCADA equipment was attached to the internet as you imply in your original post? Please, do point it out, because none of us can see it, in fact the article implies the total opposite.
SCADA in know way means phones and the most likely scenario is they simply took down the SIP trunks or overloaded an internal network. Even if it got to the core network and completely spanked that, if the SCADA machines are not on the same network, they wouldn't be affected.
So don't pull me up on security, if you can't read a 1/2 page article, there would be bugger all way I'd employ you to look after security.
"Yes internet connectivity, but where the f'ing hell does it say the SCADA equipment was attached to the internet as you imply in your original post?"
It says SCADA in the first sentence of the article, towhit "Iran is claiming to have successfully deflected yet another large scale cyber attack on critical infrastructure". You can't attack critical infrastructure over a network without having access to SCADA. (This includes sneaker-net, by the way).
Are you really this clueless, or just trolling?
"......That is truly pathetic. That you characterise any criticism as anti-Semitism. It's one of the basest ad hominems......" Oooh, serious sense of humour failure there! I suggest you go look at some of the lovely proclamations made by Ahm-mad-in-a-dinnerjacket, he only refers to Jews and Zionists whenever he talks about Israel. You know, when he's threatening to wipe them off the map, etc., etc.
".... Mockery is not argument and nor are personal attacks implying anti-Semitism....." All I can suggest is you must be an expert, you having been mocked so often....
".......You're smarter than that, Matt." It seems my humour was simply firing a bit too far over your head. Don't worry, I'll bring it down to the level of "your Momma" jokes if it is more your usual fare.
Yore Momma woz sooooo stoopid she tried the rivum meffod and got h4m0ny instead!
Probably encourages the rest of the world to pay attention to possible hacking of -our- computers from Israel, either government-ordered or private venture. Maybe countermeasures against that particular source of hacking are better developed and more widely available.
Of course lots of computer stuff already says on the licence "This software/hardware must not be sold to Iran or Cuba or other places that our government doesn't agree with". FOSS may be an exception but it's probably illegal to provide even freeware and GPL software to Iran. But mainly they probably have a lot of pirated stuff because they aren't -allowed- to buy it.
"What do Iran gain from telling the world about this alleged attack?"
They are rewarding and feeding their own sense of victimhood. As a regime with few mates, there's few will feel sympathy for them even if this was true. But it becomes nice self justification for their leaders oppressing their population.
It is such a pity. I'm happy to subscribe to a range of generalisations and even stereotypes, one of those is that Iran is full of clever, innovative, hard working people, but unfortunately they are ruled by a bunch of scheming incompetents and religious pseuds, aided by more than a few thugs.
Couldnt agree with you more Led, very smart people over there. It explains why so many want to come to the states and the UK where they are safe from goverment persecution. But if these attacks continue to get reported across the airwaves, more and more "patrioctic" cyber actors will want to defend and take a good ol swing at the west.
I agree that Bibi is using the Cyber option instead of the Cruise missle option
Not sure he has the cruise option. The Iranians have distributed and hardened their assorted defence and nuclear sites, and it is by no means clear that even the sort of Iraq "shock and awe" campaign would derail the programme for any length of time. And in the meanwhile, the West would have stirred up anybody of moslem or Arab origins who wants to feel a victim, so the trouble spreads beyond the Iranian border (and trouble is now Iran's biggest export, because they forgot to place that on the sanctions list). We only have to look at the ridiculous response either to a handful of dull cartoons in middle-of-nowhere Denmark, or to a badly dubbed trailer on Youtube that most of the protesting berks have never even seen, to see what might happen.
For all the claims of US bunker busting technology, it hasn't been operationally proven, and US defence analysts doubt that a military strike is going to be productive. Note as well that any attack on Iran has to not merely sterilise their NBC capabilites, but to neutralise their conventional forces, and as well to degrade their asymmetric capabilities - all without committing any ground forces, given the lessons elsewhere. Even if the West achieved all three of those objectives, the Iranians could close the Straits of Hormuz with perhaps three torpedo launches, and I would wager plenty of money that the West could not guarantee against that.
At the moment the Yanks are trying to ratchet up the rhetoric to persuade the Iranians that the big stick is real, because the Iranians don't think that Obama would use it, particularly whilst he's fighting an election. The military suits have a more pressing concern that their strike option simply isn't as credible as it looks.
It'd be so much better if they all sat down over a few beers and had a chat about this, but that's not going to happen. And (as Syria shows) the Chinese and Russians will seek to cause trouble for the Yanks, regardless of the price in human lives or money, so they'll be encouraging the Iranians, albeit trying not to be seen to, and whilst secretly hoping that Iran doesn't get nuclear weapons.
"Not sure he has the cruise option...." The two likely choices are called Popeye and Delilah, the former also suspected of being available in a submarine-launched variant (the Israelis have a number of German-built Dolphin submarines that could be used to launch Popeyes and/or Harpoon missiles, drones and decoys). AFAIK, Delilahs are air-launched only. Things have moved on from the days of dive-bombing the Osirak reactor with iron bombs. Mind you, the IAF made a fair old mess of the Syrian's Deir ez-Zor "research" reactor with a few F-16s and F-15s and some very conventional bombs back in 2007.
".....The Iranians have distributed and hardened their assorted defence and nuclear sites....." A first strike by Israel is likley to concentrate on a few keys sites. A longer term campaign of cruise missile attacks could then clean up the rest if required. The real Israeli red line is weapon shipment - they can destroy the Iranian weapons if they only have to hit several facilities, but they don't want to have to bomb every Revolutionary Guard bunker and Scud site.
"....And in the meanwhile, the West would have stirred up anybody of moslem or Arab origins who wants to feel a victim...." Those prone to victimhood are already happilly stirring themselves up. The good news for us is they're busy killing each other. And it is highly likely that neighbouring Sunni-dominated countries will turn a blind eye to any Israeli activity as they currently have no love for Shia Iran. Local Iranian puppets like Hamas and Hezbollah will react as predicted, but Israel can cope with them. The biggest loser from Hezbollah's kneejerk reaction will be the Lebanese people. Again.
".....For all the claims of US bunker busting technology, it hasn't been operationally proven...." Saddam had some of the most extensive and expensive deep bunkers the World has seen. The US still pierced and destroyed his C3 setup with the last generation of devices. There is also the fact that the Israelis and/or Septics don't have to destroy the kit as buried kit is just as out of reach until the Iranians can dig it up, and it can keep on being buried.
"....but to neutralise their conventional forces....." Why? Who are they going to attack? Their army is posed to repress their own, not invade Israel. To get to Israel they have to travel across several Sunni-Arab countries with US defence treaties. Iran can randomly pop off lots of missiles at Israeli cities but even AEGIS fired from the USN in the Gulf or Med could handle most of those, let alone Israel's own missile systems (David's Sling, Arrow, Iron Dome). Given the choice - Israel a glowing bowl of glass, or maybe a few thousand civillians die - the Israelis won't hesitate to go for it.
"....the Iranians could close the Straits of Hormuz...." The Iranians have tried that before, it didn't work out too well for them (http://en.wikipedia.org/wiki/Operation_Praying_Mantis).
"......because the Iranians don't think that Obama would use it, particularly whilst he's fighting an election...." And that election will soon be over, freeing up Obambi or the more Israeli-friendly Romney to start operations.
"..... And (as Syria shows) the Chinese and Russians will seek to cause trouble for the Yanks....." Interestingly, the Iranians have started mouthing off against the Chinese, implying that friendship is shot. The Russians are busy trying to shore up Syria and have themselves not gone out of their way to support the Iranians. And the Israelis aren't really too bothered becasue for them the risk of a second Holacaust trumps Moscow getting their knickers in a twist. Besides, the Israelis have been pretty friendly with the Kurds, one of the reasosn the current Islamist Turkish government got so huffy with Israel, and other local actors such as Azerbaijan and Turkmenistan. Having friends on Iran's borders helps Israel.
Some good points well made.
We'll have to disagree on the effectiveness of a strike against Iran's programme - you seem very optimistic in the technology, I believe it will cause damage without destroying the programme. Crucially, the Iranians have the knowledge - most of what they need to do is build and operate, so that particular genie is out of the bottle, even if you eliminate the manufacturing facilities.
The rationale for wanting to neutralise the conventional capabilities is because if Iran is attacked, with sanctions in place, and tacit support from the GCC countries, then unlike during the Iran/Iraq ware, there's nothing for them to lose by closing the Straits with conventional forces. I very much doubt their troops would cross land borders, or that other countries would want their troops on Iranian soil. Although Iran did harm non-combatant vessels in the incident to which you refer, they were not trying to close the Straits to all vessels, because (at the time they started) the US and GCC weren't engaged (which was an undesired outcome), and it would impact their own oil exports if the straits were closed. Since then, Iran has recognised and built on its assymetric capabilities, knowing that it doesn't have the upper hand in technology or heavy weaponry, and sanctions mean that they aren't exporting much now anyway. A brief look at Iranian patrol boat, mini-submarine, and mine layer numbers tells you what their thinking is. I'm sure that they've also noted how vulnerable tankers are on the high seas, given the piracy problems off Somalia, so their options extend well to the West of the straits.
At the moment the situation is that the Iranians continue their bomb making plans, with a declared threat to close the Straits if they are attacked. You mention Iranian counter-attack options against Israel - but given the quality of Iran's missiles I think you'd accept that such attacks would only be symbolic, and if we can work that out then the Iranians will be clear on it. In that respect, if Israel acts alone then the Iranians have fewer choices. If the US and GCC are involved then the Iranians can in their own eyes justify attacks on targets away from Israel and the Straits, like Ras Tanura or Ras Laffan. I take your point about US and Israel's advanced weapons tech; But high tech has been of little use in pacifying Afghanistan. Great if you want a black and white Youtube video of a building being destroyed at night from 12,000 feet, or want to take out a handful of tanks, not so good at area defence along six hundred miles of coast.
I've no doubt Iran would come off worse. But I think there's no good reason to believe that their programme can be killed off if they don't wish to close it off - and there's repercussions with other unstable nuclear powers like North Korea and Pakistan that follow on from any attack on Iran. I think that Iran can and would inflict quite a lot of damage to neighbouring countries energy assets, and attempt to close the Straits. Even the belief that they will try is potent, would you sail a 400,000 tonne oil tanker through if people were throwing weapons at each other?
Regarding the international community, the Russians aren't tied up in Syria, they are merely supplying weapons (incidentally in this respect they are at joint causes with the Iranians). No reason at all that they should help the Americans over Iran, and things become very difficult if the Chinese and Russians refuse to support a UN resolution permitting action. Just because the Iranians might have mouthed off against China, China will still see this through the lens of geopolitics, and ask themselves why they should do anything to help the US, particularly when the US are trying to become more militarily active in the Asia Pacific region, to China's displeasure.
Who loses if Iran closes the Straits, or hits the GCC oil and gas export facilities? Not much direct impact on Russia (probably beneficial for their gas exports). A limited impact on China, that China might accept as the price of the US being poked in the eye (and China has such vast foreign currency reserves that it can sit out a price spike). But the Western economies would be plunged back into recession by the spiking cost of oil and gas. If you were one of the mad buggers running Iran, what would your course of action be?
And all that to push back the Iranian nuclear programme for a few months.
"......I believe it will cause damage without destroying the programme....." Complete destruction is probably out of the question, but making it too painful to Iran to complete is another matter.
"......Crucially, the Iranians have the knowledge...." The core knowledge is pretty much available in most highschool libraries. In the '80s a grad in the US wrote his dissertation around making a home-built nuke, handed in his paper, and then went straight into hiding under FBI guard. Nowadays the FBI probably wouldn't bother. BUT, having the knowledge and being willing to use it is another thing, and the attacks on Iranian scientists have not only thinned out the Iranian knowledge pool but also made others less than keen to get involved. Meanwhile, both Israel and the US have moved to stop other countries assisting Iran, meaning each Iranian scientist assassinated is now an unreplaceable asset.
"....there's nothing for them to lose by closing the Straits with conventional forces...." There actually is a lot for Iran to lose as their economy is still heavily dependent on oil exports. Whilst the rest of the World can ramp up production to get over losing Iranian production, Iran is highly dependent on oil dollars.
".....Although Iran did harm non-combatant vessels in the incident to which you refer......" They had quite a history of attacking shipping belonging to other non-combatant nations (as did Iraq at the time), which is why the USN got involved in the first place.
".....A brief look at Iranian patrol boat, mini-submarine, and mine layer numbers tells you what their thinking is....." The US (and allies) has taken more than a brief look and already has plans for such Iranian strategies. IIRC, the first publicly-released USN studies on defeating swarm attacks were made available in 2002, long after they had been written. With Iran also being cut off from foreign sources of weaponry, they are also unable to re-stock such items as the very expensive and complex mines they bought during the Iran-Iraq war, or the Western-built speedboats they have required.
".....But high tech has been of little use in pacifying Afghanistan....." Well, apart from teh fact the Taleban are have been kicked out of power and driven into the Pakistani hills, you mean? And the Taleban are hiding behind civillians, not sitting in speedboats on open water. Currently the fastest boat the Iranian's have (the cladestinely bought Bradstone Challenger) can be overhauled by every helicopter in the USN arsenal, and long before it gets in range of attacking an USN ship with the anti-tank missiles it has been fitted with.
".....I think that Iran can and would inflict quite a lot of damage to neighbouring countries energy assets....." Very unlikely as, apart from Iran's desire to be seen as a leading Islamic country, nothing would be more likely to result in full-blown US reprisals. Iran would be happy to hit at Israel, but not any neighbours.
"..... But the Western economies would be plunged back into recession by the spiking cost of oil and gas....." Since the US began sanctions the European countries have all being buying oil from other sources (http://www.bbc.co.uk/news/world-europe-16674660). Those other countries would both be happy to supply more oil but also to keep Iran off the market for a longer period as it makes them richer.
I would suggest a quick read here (http://www.cfr.org/iran/iran-wont-close-strait-hormuz/p26960) for a pretty good summation of the Iranian sabre-rattling.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
