Tag Archive for: railway

Indra hacking group blamed for attack on Iranian railway system that trolled country’s supreme leader • Graham Cluley

/in


Indra hacking group blamed for attack on Iranian railway system that trolled country's supreme leader

On 9 July, Iran’s railroad system came under attack from hackers.

The attackers posted messages on station departure boards warning of “long delay[s] because of cyberattack”, and suggesting inconvenienced passengers call “64411” for more information.

64411 is reportedly the telephone number of the office of Ayatollah Ali Khamenei, Iran’s supreme leader.

The following day, Iran’s transport ministry said that its computer systems and website had suffered “widespread disruption…probably due to a cyberattack.”

An analysis by experts at Sentinel One pointed the finger of blame towards MeteorExpress (also known as Meteor), a previously unseen type of wiper malware that wiped computer file systems and locked out users.

Inevitably, Iran wasn’t terribly pleased about having its systems attacked by the hackers, and there have been reports that a subsequent drone attack by Iran against an Israeli-operated oil tanker, which resulted in the death of two crew members, might have been launched in a tit-for-tat response to the cyber attack.

However, an investigation by security researchers at Check Point has concluded that the attack was the work of a hacking gang called Indra that works against the Tehran regime, rather than an attack sponsored by a nation state such as Israel.

Sign up to our newsletter
Security news, advice, and tips.

Was it Israel? Was it Indra? Was it Indra working under the orders of Israel?

It’s hard to be certain.

But whoever was responsible for the attack on Iran’s train system which trolled the country’s supreme leader should probably consider that it’s no laughing matter, and that things could very quickly and seriously escalate.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Source…

‘Cyberattack’ hits Iran transport ministry and railway – Middle East Monitor

/in


The website of Iran’s transport ministry was taken down on Saturday by what state television said was a “cyber disruption”, a day after an apparent cyberattack on the state railway company, reported Reuters.

Computer systems of the staff of the Ministry of Roads and Urban Development were the subject of the attack which resulted in the ministry’s portal and sub-portal sites becoming unavailable, the TV channel reported.

It didn’t give any indication of who it believed could have been behind the attack and did not say if any ransom demand had been made.

Train services had been disrupted on Friday, with hackers posting fake delay notices on station boards, state-affiliated news outlets reported. The government-run railway company said only the displays had been affected and that trains ran normally.

Opinion: Middle East nuclear proliferation may be on the way, but the immediate threat is cyberwarfare

Telecommunications Minister Mohammad Javad Azari-Jahromi warned on Saturday of possible ransomware attacks unless vulnerabilities in computer systems were dealt with, Iranian news outlets reported.

In late 2020, Iran said hackers launched large-scale attacks on two of its government institutions, without giving details on the targets or the suspected perpetrators.

Iran says it is on high alert for online assaults, which it has blamed in the past on the United States and Israel. The United States and other Western powers meanwhile have accused Iran of trying to disrupt and break into their networks.

Israel general: Destroying Iran nuclear program harder than destroying Iraq’s, Syria’s

Source…