Iran Confirms Malware Attack on Petrochem Plants

Iran Confirms Malware Attack on Petrochem Plants
Iran Confirms Malware Attack on Petrochem Plants

Marzieh Shahdaei, managing director of National Petrochemical Company confirmed on Sunday that two unnamed petrochemical complexes were recently attacked by malicious software.

Shahdaei added that no link had been found between the detected malware and back-to-back fires that broke out in two major petrochemical complexes over the past few weeks, ISNA reported.

“Cyberattacks have always posed a threat to our complexes, which explains why the Civil Defense Organization authorities must be vigilant,” said Shahdaei, who also is a deputy oil minister.

According to Gholamreza Jalali, head of Iran's Civil Defense Organization, Iran has detected and removed malware from two of its petrochemical complexes, yet there is still no proof whether recent petrochemical fires were caused by cyber attacks.

Stressing that during inspection of the petrochemical plants, a type of industrial malware was detected and the necessary precautionary measures taken, Jalali implied that the malware at the two plants was inactive and seemingly did not play a role in the fires.

The National Cyberspace Council announced last week that it was investigating whether the recent petrochemical fires were triggered by a cyber attack.

Bijan Namdar Zanganeh, the oil minister, said last week that most of the fires in petrochemical plants had occurred because the privatized petrochemical companies had cut their budgets for health and safety inspections.

On July 6, a massive fire broke out in Bouali Sina Petrochemical Complex in the southern oil province of Khuzestan in what was described as the largest incident in the oil/gas industry in recent times.

The fire was put out after three days. Officials said the conflagration was triggered by leak of paraxylene, a highly flammable fuel. Nine people were injured. In a similar incident there was another blaze at the Bistoon Petrochemical Company in Kermanshah Province which was extinguished within hours.

  Cyber Attacks

Iran's energy industry has been on the receiving end of a series of cyber attacks in the past few years. According to reports, the US and Israel attempted to covertly sabotage Iran's nuclear program in 2009 and 2010 with the infamous Stuxnet computer virus.

According to Mohammad Reza Farajipour, an advisor on cyber affairs at the Civil Defense Organization, more than 80% of the world’s oil and gas companies have been the target of cyber attacks over the past 12 months, of which 50% have successfully damaged the companies which had problems in diagnosing the attacks.

Farajipour believes that managers of oil companies should be equipped with techniques and tactics of information technology management so as to secure the digital environment, minimize vulnerability and defend against serious attacks.

Proposing measures refineries can take to protect their equipment and infrastructure against cyber attacks, the official said, “Identification and valuation of capital in the cyber field, diagnosis of vulnerable points of refineries, assessing consequences of cyber risks and defining methods to reduce those consequences, are measures managers should take.”