The Iranian Oil Ministry has acknowledged that a virus outbreak has compromised servers and Web sites used by the Ministry, but denies that any non-public data was exposed.
The notice, which was posted on the Web site for the Oil Ministry on Monday, quotes a Ministry of Petroleum spokesman as saying Ministry was well defended against cyber attacks and that Ministry data was “not damaged in the attack,” which affected “user information” only and damaged hard disks on infected systems.
“Public servers are isolated from the main servers,” preventing damage to sensitive Oil Ministry data, the statement read.
The Web site described the attack as coming from a “virus,” but Kaspersky Lab’s research team said the source of the infection wasn’t known late Monday. The BBC reported that the Oil Ministry was forced to disconnect key facilities following the attack on Sunday. Those facilities include the massive Kharg Island oil terminal, a conduit through which around 90% of the country’s oil exports flow.
The attack comes amid heightened tensions between the West and Iran over that country’s nuclear ambitions. Smarting under international economic sanctions and fearing a military strike by the U.S. or its allies designed to degrade its nuclear enrichment facilities, the Islamic Republic has threatened to cut off the Straight of Hormuz, a key conduit for oil exports from the Gulf. In response, the U.S. has moved two aircraft carrier groups to the Gulf and promised to keep the straight opened to traffic.
Iran was, famously, the target of the Stuxnet worm, which was believed to be a creation of Western governments interested in delaying the country’s progress towards a nuclear weapon. The country is also known to have been targeted by other malware in recent months.