The report states that the nature of the APT-type malware used in the attack has been identified and that the malware has been neutralized.
According to Iran digital economy annotation, the National Defense Organization has published a detailed report on the cyber incident in the intelligent fuel distribution system and announced that the technical report on the attack on the fuel system has been sent to the judicial authorities. The Non-functional Defense Organization has published this report even though none of the private companies affected by similar incidents (such as the recent hack of Snappfood or Tapsi) took such action.
The investigations described in this report show that the nature of the APT-type malware used in the attack has been identified and that the malware has been neutralized. The malware had infiltrated the system and planted malware agents in it through a vulnerability in the payment network. More digital evidence is needed to attribute the malware definitively to a particular group or government.
The Non-Active Defense Organization has also stated in its report that it is accountable to the General Staff of the Armed Forces and the Islamic Council for its legal responsibility in “higher supervision, guidance and direction of the policies, programs and approvals of the permanent working group of the Non-Active Defense”.
It has also emphasized, however, that in this incident the officials of the fuel network and of the financial receipt and payment network are directly responsible for the response, and that the Inactive Defense Organization has been notified of the implementation of tasks, plans and orders.
Another part of the report states that cyber incidents caused by technical defects, infiltration and attack are part of the nature of the cyberization of infrastructure and services and go hand in hand with development, and that they occur not only in Iran but in many countries.
The organization has announced in its report that the group of the Ministry of Oil and the National Iranian Oil Products Distribution Company performed acceptably in the “time of crisis” sector. It is also said that services to the people improved within a few hours of this incident. The Non-Active Defense Organization claims that a large number of gas stations were still experiencing problems for a few days after the cyber attack.
Other parts of the report cover the consequences of this crisis and the actions taken, as follows:
Consequences of the event
The deactivation of fuel terminals, the deactivation of IPC and the loss of the ability to monitor the consumption and sale of petroleum products are among the consequences of this incident.
Another part of the organization’s report examines the actions of the Passive Defense Organization of the country in three stages: before, during and after the crisis.
Pre-crisis measures
• Conducting cyber drills and exercises at Iran’s National Oil Products Distribution Company with a focus on the intelligent fuel system in 2020 (one year before the first attack)
• Sending the report of the drills, along with perceived threats, discovered vulnerabilities and short- and medium-term security solutions, to the Ministry of Petroleum and the National Cyberspace Center
• Notification of the emergency security plan of the intelligent fuel system to the Ministry of Petroleum (after the first attack)
• Communicating the necessary measures in different situations of cyber threats, based on warnings and alerts, to the National Oil Products Distribution Company
• Sending the audit report of the emergency security plan to the National Cyberspace Center (after the first attack)
Actions during the crisis
On the morning of the cyber incident, the National Defense Organization took over the management and direction of the incident investigation committee, and important decisions were made with the presence and cooperation of the relevant trustees.
First step: immediate investigation and informing the people
Second step: separating the system from fuel supply and implementing the continuity plan
• Disconnection of all network components connected to the country’s smart fuel system network
• Taking the fuel distribution network and pumps out of system mode for manual operation
• 50% manual operation in the first 6 hours after the incident
• 90% manual operation within 24 hours after the incident
• Out of a total of 4396 locations, the 614 locations that were not connected to the payment network were not damaged.
Third step: investigating the origin of the incident
Fourth step: implementation of emergency security measures
Post-crisis measures
• Evaluation of the defense and restart of the intelligent fuel system and notification of permanent protection
• Documenting and identifying the negligent and the guilty and referring them to the relevant authorities