Iran is showcasing successful cyberattacks afflicting its enemies to distract from its cyber security woes on the home front.
SETH J. FRANTZMAN
OCTOBER 27, 2021 11:45
In the wake of reports that Iran suffered a cyber attack that led to the disruption of gas stations, the Iranian media has been tasked with putting a positive face and spin on the problem. So what is the best defense? A good offense.
Iran’s Tasnim News claimed that six months ago there was a massive cyber attack on a US fuel network. It quotes US media as reporting on the Colonial Pipelines incident in which a US fuel pipeline was shut down. According to reports at the time on May 14 the company had paid a “cyber-criminal gang” to prevent a data leak.
“One of the fuel transmission lines of the American company ‘Colonial’ was attacked by the ransomware of a hacker group living in Eastern Europe called ‘Darkside’” Iran’s media says.
The Biden government declared a state of emergency on Sunday, May 9, 2021, and he himself stated that he was concerned about the possible scale of the accident. The hackers seized 100 gigabytes of network information, Tasnim says. 10,000 gas stations were affected because they ran low on fuel.
This is Iran’s answer to its own cyber failure and the disruptions at home. It wants to make it seem like “this happens everywhere.” Iran media therefore also put out reports about a hospital in Israel that suffered a cyber attack and other cyber incidents in Israel. The implication from these reports, at Fars News, is that Israel is suffering cyberattacks. Iran claims to rely on “Zionist” media for its reports. It claims that a “hacker group had leaked intelligence files related to the regime’s army, which included information about hundreds of soldiers.” It claimed the cyber incident revealed details of soldiers in a “combat battalion of forces of the Zionist army.”
Iran Gas prices 298.88 (credit: AP)
The report on Fars news website in Iran even links to the Ynet article in Hebrew from Wednesday morning. The article refers to the “Moses staff” hacker group and a cyberattack that “published alleged IDF information files containing names, telephone numbers” and other details. This report also noted a previous report in 2019 that “Israel says Iran hacked ex-general [Benny] Gantz’s phone.”
Iran’s media is thus playing up hacking and cyberattacks abroad, particularly targeting Israel and the US to distract from its apparent own failures regarding cyber security. Iran has done this in the past. When Iran was hit by mysterious explosions and fires that embarrassed the regime and seemed to harm sensitive infrastructure, its media would be tasked to write about wildfires and explosions in the US as if to say “see these things happen everywhere.” Iran may also be pretending that it is linked to these incidents abroad, even though Iran doesn’t play up the Iranian angle. In short, Iran wants the plausible deniability of not being behind cyberattacks abroad. Evidence shows anyway that incidents that Iran media refer to are those done by hackers in Eastern Europe or Russia, not necessarily ascribed to Iran. There is no evidence Iran is behind some of the incidents it has linked to in the US.
Content retrieved from: https://www.jpost.com/middle-east/iran-news/cyber-insecurity-iran-highlights-other-cyber-attacks-after-gas-disruptions-683230.