Israel linked to cyber attack on Iranian port

Iranian port

Last week Iranian officials confirmed that a cyber attack had been carried out on the country’s largest sea port. Now, officials in the United States are linking Israel to the attack on the Iranian port.

The attack on May 9 targeted the Shahid Rajaei port near Bandar Abbas and the Strait of Hormuz. Officials say that while the attackers failed to penetrate the Ports and Maritime Organization’s systems they were able to infiltrate and damage a number of private operating systems at the ports. It brought shipping traffic at the Iranian port to a halt and continued to disrupt traffic for days afterward.

According to a May 18 report in the Washington Post, Israeli operatives carried out the May 9 attack. The Post article claims the cyber attack was an act of retaliation in response to an April 23 attack on Israel’s water infrastructure. Iran was reportedly linked to the April 23 cyber attack.

“Assuming it’s true, this is in line with Israeli policy of aggressively responding to Iranian provocation, either kinetically or through other means,” Dmitri Alperovitch, a cybersecurity policy fellow at the Harvard Belfer Center and founder and former chief technology officer of CrowdStrike, a cybersecurity firm, told the Post. “Any time you see Iranian escalation, as with their buildup of rocket capacity in Syria, you have consistently seen Israeli retaliation with bombing runs on those positions. So it appears they have now applied that doctrine in cyberspace.”

The article also claims the attack on the Iranian port was more disruptive than Iranian officials previously indicated.

“The Washington Post was shown satellite photographs depicting miles-long traffic jams on highways leading to the Shahid Rajaee port on May 9. In a photograph dated May 12, dozens of loaded container ships can be observed in a waiting area just off the coast,” the article says.

These recent attacks are only the latest in a long history of tensions between Iran and Israel. Most notably, in June 2010, Iran was the victim of a cyber attack on its nuclear facility. The facility was infiltrated by the cyber worm Stuxnet which targeted its industrial control systems.

The attack was linked to the United States and Israel. It’s believed to have destroyed an estimated 1,000 nuclear centrifuges and also spread beyond the plant to allegedly infect over 60,000 computers.

Similarly, Israel says it has thwarted numerous cyber attacks from Iran. In 2014, an Israel Defense Forces official told news outlet Haaretz that Iranian hackers launched numerous cyber attacks against Israel’s internet infrastructure during the nation’s military campaign in Gaza.

“They made a very intense cyber effort during the operation unlike any we had seen before, in terms of its scope and the type of targets,” the senior officer told Haaretz.

Additionally at the CyberTech conference in 2019, Prime Minister Benjamin Netanyahu said Iranian hackers target the country daily.

“Iran attacks Israel on a daily basis,” he said. “We monitor these attacks, we see these attacks and we foil these attacks all the time.”

And Iran isn’t just targeting Israel. Hackers tied to the country have been linked to cyber attacks targeting operations fighting the COVID-19 pandemic. Earlier this month, hackers linked to Iran targeted staff at U.S. coronavirus drug manufacturer Gilead Sciences. Hackers linked to Iran have also attempted to break into the World Health Organization.

“An increasing number of malicious cyber actors are exploiting the current COVID-19 pandemic for their own objectives,” the United Kingdom’s National Cyber Security Centre and the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency said in a joint statement. “In the UK, the NCSC has detected more UK government branded scams relating to COVID-19 than any other subject. Although, from the data seen to date, the overall levels of cyber crime have not increased, both the NCSC and CISA are seeing a growing use of COVID-19 related themes by malicious

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on whatsapp

Author

Join 10,000 OT/ICS Security professionals

Get the latest industrial cybersecurity news and insights direct to your inbox.