According to the Washington Post and many other news outlets, on May 9 operations at Iran’s new Shahid Rajaee port terminal came to an abrupt halt as computers that regulate the flow of vessels, trucks and goods all crashed at once, creating massive backups on waterways and roads leading to the facility.
As more details of the attack emerge, it seems that the attack was carried out by Israeli operatives, presumably in retaliation for an earlier attempt to penetrate computers that operate rural water distribution systems in Israel (neither country officially confirmed being involved in attacks against the other).
Radiflow has previously assessed and reviewed the direct cyber-attack on OT assets, whose goal was to disrupt normal water supply and management for Israeli citizens.
Although some sources commented that the attack was not sophisticated in technical terms, Radiflow has highlighted some aspects of it that indicated a high level of expertise and planning.
The attack also revealed the poor state of readiness of water facilities in general: through our dealings with water infrastructure operators worldwide, we can safely assert that the majority of water facilities in the world are not sufficiently protected to cope with such hacking operations.
Additionally, the bar for cyber conflicts between national adversaries is constantly rising, and although the signal that was given to Iranians (according to the Washington Post) notes that cyber-attacks on civilian critical infrastructures are unacceptable, we believe that cyber criminals are always looking to gain a foothold in OT networks – whether in preparation for a later disruption, or as a potential target for extortion of operators. Therefore, OT cyber-threat assessment and detection are critical to securing any organisation's OT cyber security posture.