Stuxnet 2.0? Iran claims Israel launched new cyber attacks
Last week, Iran’s chief of civil defense claimed that the Iranian government had fought off Israeli attempts to infect computer systems with what he described as a new version of Stuxnet—the malware reportedly developed jointly by the US and Israel that targeted Iran’s uranium-enrichment program. Gholamreza Jalali, chief of the National Passive Defense Organization (NPDO), told Iran’s IRNA news service, “Recently, we discovered a new generation of Stuxnet which consisted of several parts… and was trying to enter our systems.”
On November 5, Iran Telecommunications Minister Mohammad-Javad Azari Jahromi accused Israel of being behind the attack, and he said that the malware was intended to “harm the country’s communication infrastructures.” Jahromi praised “technical teams” for shutting down the attack, saying that the attackers “returned empty-handed.” A report from Iran’s Tasnim news agency quoted Deputy Telecommunications Minister Hamid Fattahi as stating that more details of the cyber attacks would be made public soon.
Jahromi said that Iran would sue Israel over the attack through the International Court of Justice. The Iranian government has also said it would sue the US in the ICJ over the reinstatement of sanctions. Israel has remained silent regarding the accusations.
The claims come a week after the NPDO’s Jalali announced that President Hassan Rouhani’s cell phone had been “tapped” and was being replaced with a new, more secure device. This led to a statement by Iranian Supreme Leader Ayatollah Ali Khamenei, exhorting Iran’s security apparatus to “confront infiltration through scientific, accurate, and up-to-date action.”
While Iran protests the alleged attacks—about which the Israeli government has been silent—Iranian hackers have continued to conduct their own cyber attacks. A recent report from security tools company Carbon Black based on data from the company’s incident-response partners found that Iran had been a significant source of attacks in the third quarter of this year, with one incident-response professional noting, “We’ve seen a lot of destructive actions from Iran and North Korea lately, where they’ve effectively wiped machines they suspect of being forensically analyzed.”