Iran’s Steel Industry under a Cyberattack

Written by Mike Boutwell

August 26, 2022

The Khuzestan Steel Company, one of the largest steel enterprises in Iran, was the target of a massive cyberattack on Tuesday, bringing the entire industry to a screeching halt.

As Tehran gets ready to resume nuclear discussions with the world’s powers, it is unclear what the full extent of the impact could be on Iran’s economy or even on its military or nuclear industries.

The hacktivist group known as Predatory Sparrow, which is still relatively unknown, claimed credit for the attack. This group also claimed credit for a large hack in October 2021 that targeted the country’s petrol stations.

Omree Wechsler, a cyber security expert at Tel Aviv University, stated during the university’s Cyber Week that the hack was noteworthy due to the fact that the nature of the large industrial systems that were compromised would have most likely required intelligence penetration of the facilities, and possibly also physical penetration.

In this particular instance, Predatory Sparrow or anyone else who might have been responsible for carrying out the hack may have some sort of connection with a nation-state that possesses a major intelligence organization, such as Mossad, for instance.

Check Point has hypothesized that some anti-Iran hacktivist groups may receive assistance from nation-states. In addition to Israel, the Islamic Republic may also be the target of a cyberattack from the United States of America, the Kingdom of Saudi Arabia, the United Arab Emirates, and other nations that have significant cyber capabilities.

Having said that, the Mossad is not the only organization that has been responsible for big attacks; other groups, such as the anti-regime Iranian dissidents of Indra, have also been involved.

Earlier, significant instances of online attacks.

Steel facilities were rendered inoperable for a period of time that was not specified. As a result, Iran’s claims were either likely false or were referring to the fact that it had avoided the possibility that the facilities could have been damaged to a greater extent.

On the 26th of October, 2021, there was an unexpected power failure at each and every one of Iran’s 4,300 petrol stations across the country.

A networked system that allowed Iranians all throughout the country to acquire fuel at subsidized prices via government-issued cards was rendered inoperable as a result of the cyberattack that was carried out.

Users of subsidized gas cards who attempted to make a purchase received the error message “cyberattack 64411” when they attempted to make the purchase. This was the number to call for the hotline that the office of Ayatollah Ali Khamenei operated, the Supreme Leader of Iran.

In a post on Telegram, Predatory Sparrow explained that it carried out the breach as retaliation to “the cyber actions by Tehran’s terrorist dictatorship against the people in the region and around the world.”

In contrast, the director of Iran’s Civil Defense Organization, Brigadier General Gholamreza Jalali, stated, “We are yet unable to say forensically, but analytically I believe it was carried out by the Zionist regime, the Americans, and their agents.”

The evidence that the hack had multiple purposes beyond the tensions it produced between the regime and the people lends credence to this argument.

The Iranian government became aware that the hackers may have gained access to sensitive information regarding the country’s oil exports.

To put it another way, the perpetrators of the cyberattacks may have obtained a highly guarded state secret regarding the method by which Iran circumvents international sanctions.

You May Also Like…