According to the report, the targets have included several American oil, gas and electricity companies, which government officials have refused to identify.
- Study: Stuxnet strengthened Iranian nuclear program
- Hackers target Israeli websites
- IDF says engaged in 'constant cyber battle'
The goal is not espionage, they say, but sabotage. Government officials describe the attacks as probes looking for ways to seize control of critical processing systems.
Investigators began looking at the attacks several months ago, and when the Department of Homeland Security issued a vaguely worded warning this month, a government official told The New York Times that “most everything we have seen is coming from the Middle East.”
Government officials and outside experts on Friday confirmed a report in The Wall Street Journal that the source of the attacks had been narrowed to Iran.
They said the evidence was not specific enough to conclude with confidence that the attacks were state-sponsored, but control over the Internet is so centralized in Iran that they said it was hard to imagine the attacks being done without government knowledge.
According to the New York Times, while the attackers have been unsuccessful to date, they have made enough progress to prompt the Homeland Security warning, which compared the latest threat to the computer virus that hit Saudi Aramco, the world’s largest oil producer, last year.
After investigations, American officials concluded that the Aramco attack, and a subsequent one at RasGas, the Qatari energy company, were the work of Iran.
Taken together, officials say, the attacks suggest that Iran’s hacking skills have improved over the past 18 months. The Obama administration has been focused on Iran because the attacks have given the Iranian government a way to retaliate for tightened economic sanctions against it, and for the American and Israeli program that aimed similar attacks, using a virus known as Stuxnet, on the Natanz nuclear enrichment plant.
President Obama (Photo: MCT)
That effort, code-named Olympic Games, slowed Iran’s progress for months, but also prompted it to create what Iran’s Islamic Revolutionary Guards Corps calls a cyber corps to defend the country.
This week Iran denied being the source of any attacks, and said it had been a victim of American sabotage. In a letter to the editor of The Times, responding to a May 12 article that reported on the new attacks’ similarity to the Saudi Aramco episode, Alireza Miryousefi, the head of the press office of the Iranian mission to the United Nations, wrote that Iran “never engaged in such attacks against its Persian Gulf neighbors, with which Iran has maintained good neighborly relations.”
“Unfortunately, wrongful acts such as authorizing the 2010 Stuxnet attack against Iran have set a bad, and dangerous, precedent in breach of certain principles of international law,” he wrote.
The New York Times said that American officials have not offered any technical evidence to back up their assertions of Iranian authorship of the latest attacks, but they describe the recent campaign as different from most attacks against American companies - particularly those from China - which quietly siphon off intellectual property for competitive purposes.
The new attacks, officials say, were devised to destroy data and manipulate the machinery that operates critical control systems, like oil pipelines. One official described them as “probes that suggest someone is looking at how to take control of these systems.”
According to the report, the White House would not confirm that Iran was the source, but Laura Lucas, a spokeswoman for the National Security Council, said that “mitigating threats in cyberspace, whether theft of intellectual property or intrusions against our critical infrastructure” was a government wide initiative and that the United States would consider “all of the measures at its disposal - from diplomatic to law enforcement to economic - when determining how to protect our nation, allies, partners, and interests in cyberspace.”
- Receive Ynetnews updates
directly to your desktop