Cyberattack in Iran Targets IoT Infrastructure

On October 26, 2021, the whole of Iran was hit by a cyber attack that targeted Internet-of-Things infrastructure. Gas pumps and billboards were the main targets affected. We explore details of the incident and analyze what this tells us about infrastructure and cybersecurity.
Share on linkedin
Share on twitter
Share on facebook

On October 26th, Iran was hit with a cyberattack that halted operations at all gas stations in the country. Iranians typically use government-issued electronic cards to purchase gas but the cards were rendered unusable by the attack. When drivers swiped their cards, gas pumps displayed a message that read “cyberattack 64411.” The number is associated with a government-run hotline that answers questions relating to Islamic law.

In addition to gas stations, the attack simultaneously targeted digital billboards throughout the country, causing them to display angry messages. One, directed at Iran’s President read, “Khamenei! Where is our gas?” Another, referencing the home of past leader Ayatollah Ruhollah Khomeini, said, “Free gas in Jamaran gas station.”

Though a perpetrator has not yet been identified, the Iranian government supposed that the purpose of the attack was to make “people angry by creating disorder and disruption.” By the following day, most gas services had been restored.

What Does This Mean for Cybersecurity?

Over the past few years, cities and countries have built up infrastructure around internet-connected machines and devices, called the Internet of Things or IoT. Iran’s electronic gas cards and digital billboards are examples of IoT. Other cities and countries have set up digital help kiosks, ‘smart’ traffic lights, and internet-connected public transportation. 

IoT has been hugely useful in improving efficiency, safety, and overall experience for the people of many localities. However, the risk that accompanies it is that more elements of vital infrastructure are made vulnerable to cyberattack. The U.S. experienced a similar attack last spring, which shut down its largest source of gas, the Colonial Pipeline, and caused shortages across the country. 

As more systems are modernized with internet connectivity and ‘smart’ features, local and national governments must be sure to secure them against cyberattacks.

What’s Next?

While Iran’s IoT infrastructure was back in state control by the following day, this incident has served as a wake-up call to cyber experts across the world.

The cyber news outlet ThreatPost interviewed corporate and government members of the cyber community to gain insight on how this attack is being viewed. Most notably, Nasser Fattah, North America steering committee chair for third-party risk-management commented that, “the incident demonstrates that attacking common consumer goods, like gas, can quickly have an immediate impact on the economy. Think of delivery trucks, due to shortage of gas, now cannot deliver goods to the market. Such cyberattacks can also have a ripple effect in society that can lead to riots and mayhem.”

We’ll be interested to see how countries around the world take initiative to level up their cybersecurity defenses over the coming years.




Related Articles