Iran: Petrol stations paralysed by Israel-linked cyberattack
A cyberattack crippled Iran’s petrol stations on Monday, leading to long queues of cars snaking around the country seeking fuel.
Initially, Iranian officials refrained from confirming the cyberattack.
"There's no shortage of gasoline or diesel, and price hikes are not on the agenda. This disruption is a technical problem," the spokesperson of the industry association said.
"We urge people, if not in immediate need of gasoline, to refrain from visiting petrol stations until the issue is completely resolved."
According to the Republican Guard-affiliated Tasnim news agency, the smart fuel system that the majority of petrol stations in the country use was disconnected at 9.40 am.
New MEE newsletter: Jerusalem Dispatch
Sign up to get the latest insights and analysis on Israel-Palestine, alongside Turkey Unpacked and other MEE newsletters
Jalil Salari, deputy oil minister, said around 60 percent of stations were experiencing disruption – later raising that number to 90 percent in a separate interview.
'Since the Zionist enemy and America have received a blow on other fronts, they wanted to challenge Iran in this way but, this conspiracy will be thwarted'
- Javad Owji, oil minister
"Special teams are working across the country, and it will likely take six to seven hours for petrol stations to return to normal. By the day's end, we anticipate a full restoration," Salari said.
Oil Minister Javad Owji said the cyberattack was an attempt by Iran’s enemies to “inflict suffering”, suggesting Israel and the United States had carried it out in response to the war on Gaza and related regional turmoil.
“However, immediate manual activation of gas supply stations commenced after the system was cut off," he said.
"Since the Zionist enemy and America have received a blow on other fronts, they wanted to challenge Iran in this way but, this conspiracy will be thwarted."
Yemen’s Iran-aligned Houthi movement has disrupted international shipping in the Red Sea by attacking ships it claims are Israeli-linked.
Meanwhile, Lebanon’s Hezbollah has engaged with Israeli forces on the Lebanon-Israel border daily since the 7 October Hamas-led attack on Israel, and Iraqi paramilitaries have struck bases hosting US troops.
Claiming responsibility
A group calling itself Predatory Sparrow has claimed responsibility for the cyberattack.
On X, formerly Twitter, the group said: “We, the Predatory Sparrow group, once again targeted the national fuel supply system of the Islamic Republic of Iran.”
Tasnim said the group was affiliated with Israel and noted a similar incident happened in November 2021. According to the news agency, efforts were made to secure the operating system used by petrol stations after that attack.
“It seems that the oil ministry should answer why they have not been able to establish the necessary deterrence,” it wrote.
Similarly, one of Iran’s major steel companies said it had fought off a cyberattack in June last year. Predatory Sparrow claimed responsibility, saying it was a response to the "aggressions of the Islamic Republic".
Roots of the vulnerability
Mahdi Moslehi, a network security expert, told Entekhab news site that outdated cyberinfrastructure was the cause of repeated attacks. He said over-simple passwords and outdated operating systems in some government systems are easily exploited by hacker groups.
According to a cybersecurity expert and researcher, Iranian systems have numerous vulnerabilities due to the authorities’ strict limitations on people’s free access to the internet and social media platforms.
'Our infrastructure remains underprepared, we possess minimal defence mechanisms, resulting in severe damage during attacks'
- Iranian IT expert
He told Middle East Eye that many IT experts left the country in response to these restrictions, and many organisations in the public and private sector had faced security challenges as a consequence.
Another IT expert told MEE: "Unfortunately, individuals in government information security departments lack sufficient expertise and often get the job based on their contacts."
The expert said senior officials and managers lack skills when it comes to cybersecurity, and if the government wanted better protection “it should begin removing its top managers in the field of data security".
"Our infrastructure remains underprepared, we possess minimal defence mechanisms, resulting in severe damage during attacks. Since 2010, critical national infrastructures, especially in the oil and energy sector, have been targeted.
"Recent years have witnessed complex and destructive attacks in transportation and international trade," the IT expert said.
“If governmental companies and organisations do not strengthen their cyber defence system and do not pay attention to this issue, they will for sure face more destructive attacks.”
Middle East Eye delivers independent and unrivalled coverage and analysis of the Middle East, North Africa and beyond. To learn more about republishing this content and the associated fees, please fill out this form. More about MEE can be found here.