Iran threatens to counter cyber warfare with legal action

Haaretz

Iran plans to take legal action against anyone proved to be linked to cyber-attacks against its public computer networks or national infrastructure systems, the semi-official Fars news agency reported Wednesday.

Head of the Iranian Presidential Center for International Legal Affairs Majid Jafarzadeh told Fars that Iran has been consulting legal experts with the intention of suing those responsible for the cyber-attacks it came under in recent years.

“We’ll take this issue as high as we can in the Justice system," said Jafarzadeh. Currently, he said, they are waiting for crucial information that will allow Iran to identify those responsible for the cyber-attacks.

Iran's threat of taking legal actions is considered as part of efforts to defend the country against cyber-attacks described by Eugene Kaspersky, founder of the largest antivirus company in Europe, as the “most dangerous innovation of the 21st century.”

The Iranian cabinet announced over the weekend that all government websites would be moved to domestic servers by September, in an effort to reduce the risk of hacking and in order to reduce Iran's dependence on a network which is controlled "by one or two countries."

The only other country to own such internal computer network, not linked to any global networks, is North Korea.

A new virus had attacked nuclear facilities in Natanz and Fordo, a scientist at the Atomic Energy Organization of Iran claimed three weeks ago. The computer virus, he said, was able to shut down command and control equipment based on the Scada system manufactured by Siemens. The attack was similar to that of the Stuxnet virus, which was successful in compromising the same system in 2010.

Using a remote access point, the scientist explained, the hackers were able to access a virtual private network (VPN) and paralyze the Siemens hardware and other automated systems at the facilities. The scientist added that from time to time, the workstations played heavy metal music at deafening levels. “I believe they were playing ‘Thunderstruck’ by AC/DC,” the scientist wrote.

Last June Iran said it had been under a massive cyber-attack. Iran accused Israel, the United States and Britain as being behind the attack, which they said took place “only days after the nuclear talks between Tehran and the West began.”

Iran’s Communications, Information and Technology Minister Reza Taqipour reported in July that his country had “successfully contended with sophisticated spyware and foiled a cyber-attack against state facilities.”

Taqipour said that two types of viruses were used in the attack – one targeting the public network, while the other was used for surveillance. The spyware was described by the minister as “developed by governments and also sent by governments,” with the objective of spying on strategic state facilities and infrastructure.

"All of the attacks were foiled and our preparedness to confront such threats is growing every day," he said, adding that at times Iran is subject to some 2 million simultaneous attacks.

Cyber-warfare against Iran first made headlines in 2010 after the Stuxnet computer virus was detected. The virus was designed to damage command and control systems in Scada-based facilities. It took months until the Iranians were able to patch the system's security breaches and to repair the damages done to the uranium-enrichment centrifuges at Natanz.

Subsequently, Iran reported it was attacked by two other spyware programs which were also attributed by many to Israel and the United States. One of the spywares, named Duqu, was primarily used for surveillance; Flame, the second, used cyber-attack tools and was able to erase data from hosting computers.