US: Iran is to blame for cyberattacks

Summary: A former U.S. government official says that Iranian hackers are to blame for cyber warfare in the Persian Gulf.

According to an unnamed former U.S. government official, American authorities "firmly believe" that Iran is to blame for recent cyberattacks against gas and oil companies in the Persian Gulf. 

The Associated Press reports that the hackers were "likely supported" by the Tehran government. One possible reason for the cyberattacks is retaliation after the U.S. government laid economic sanctions at the country's door.

As the investigation is classified as secret, the official elected to remain anonymous when speaking to the publication. However, he did say that the level of resources required to execute the attacks pointed to some involvement at a nation-state level.

The comment came to light moments before Defense Secretary Leon Panetta spoke to a gathering of business leaders in New York on Thursday. By doing so, Panetta became the first official from the American government to publicly acknowledge the attacks taking place in the Persian Gulf. Calling them "probably the most destructive cyberattacks the private sector has seen to date", the official hinted -- without linking directly to these incidents -- that the U.S. has the ability to counterattack such activity, and would not fail to take action if necessary.

"Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for actions that may try to harm America," Panetta said.

The cyberattacks in question hit oil firms Aramco and Qatari, and natural gas producer RasGas. The Shamoon virus attacks computer systems through a network, and is able to wipe files and destroy data by overwriting them -- in one example it inserted a burning U.S. flag, whereas another used scrambled data.

The unnamed official said that the attacks were likely to be state-sponsored, but Kaspersky Lab researchers consider at least one of the attacks -- 30,000 workstations targeted at Aramco -- as nothing more than a "quick and dirty" job completed by amateurs.

Attacks like 'Flame' are in an entirely different league.

There is a disparity between Panetta's statement that "more than 30,000 computers that it infected were rendered useless and had to be replaced," which "virtually destroyed 30,000 computers," and Aramco's official response, which said that "the virus affected about 30,000 workstations. The workstations have since been cleaned and restored to service."

Panetta also lamented America's private sector investment in cybersecurity, stating that a presidential executive order was being considered "while we wait for Congress to act." The example of the Persian Gulf attacks was offered as a warning -- if a slightly inaccurate one -- for American businesses to make sure their cybersecurity protocols were up to scratch.

Some have argued that legislation will expand the government's regulatory power, which will adversely affect businesses struggling in a fragile economy.

The official finished by pressing the group to support tougher measures, by saying:

"Before September 11, 2001 the warning signs were there. We weren't organized. We weren't ready. And we suffered terribly for that lack of attention. We cannot let that happen again. This is a pre-9/11 moment."

Panetta has offered no new information on the Pentagon's cyber capabilities, although he did mention that over $3 billion a year is being invested in countering these threats. Cybersecurity expert James Lewis told the AP that while the official was careful with his phrasing, the message was loud and clear not only for the American businessman, but also for Iran.

"It's not something where people are throwing down the gauntlet, but I think Panetta comes pretty close to sending a clear warning (to Iran): We know who it was, maybe you want to think twice before you do it again. I think the Iranians will put two and two together and realize he's sending them a message."

Topics: Security, Government US

Talkback

3 comments
  • Flame

    Wasn't Flame considered to be perpetrated by the US government? Seems like the Iranians are retaliating now. I wonder if anyone considered the consequences of opening this Pandora's Box.
    MajorlyCool
  • cut them off at the border

    Future sanctions should include killing their link to the internet. Can't connect, can't hack.
    kethler
    • Ain't your adolescent

      How are you gonna cut access? This ain't your adolescent kid(s) scenario, this is probably a couple dozen hackers with global wide access, presuming, of course, that this isn't just a pile of inflammatory huey.
      Gigazap