- VA apologizes to forgotten Marine veteran locked in Fla. clinic, forced to call 911
- U.S. social and economic trends on worrisome track, survey finds
- McDonald nomination unanimously referred to full Senate
- Chuck Norris honorary chairman of NRA voter registration campaign
- GOP outraged Obamacare investigators able to get coverage with fake IDs
- Family removed from Southwest flight over tweet about rude agent, dad says
- Michael Bloomberg thumbs FAA ban, plots course to Israel
- California bans full-contact football practices in off-season
- Thune: Downed fighter jets show more evidence of separatist capabilities
- Obama tells DNC fundraising crowd: ‘I’m not overly partisan’
Virus origin in Gulf computer attacks in question
Question of the Day
“My guess would be that it was another Shamoon attack,” said Jeffrey Carr, the head of Taia Global, a computer security firm in McLean, Virginia.
Carr believes hackers working on behalf of the Iranian government were behind both attacks. He notes similarities between Shamoon and a virus that previously struck Iran, suggesting that Iran-linked hackers may have created Shamoon by adapting computer code from the earlier virus.
A number of Iranian groups have the skills to carry out an attack of this scope and may be using false claims of responsibility to obscure Tehran’s involvement, he said.
Iranian officials have not commented publicly on the latest viruses to hit the region. But Iran appears to be building up corps of pro-regime hackers, including a secretive “Cyber Army” thought to be linked to the country’s powerful Revolutionary Guard. Lebanon’s Iran-backed militant Hezbollah group is also believed to count skilled hackers among its ranks.
Tehran has been on the receiving end of a series of computer attacks in recent years.
Iranian technicians cut off Internet links to Iran’s Oil Ministry, rigs and the hub for nearly all the country’s crude exports earlier this year as they tried to battle malicious software known as Flame, which was able to steal information and spy on users.
In 2010, a virus called Stuxnet tailored to disrupt Iran’s nuclear centrifuges caused some setbacks within its uranium enrichment labs and infected an estimated 16,000 computers, Iranian officials say.
Alexander Klimburg, a computer security expert at the Austrian Institute for International Affairs, said the latest attacks against Saudi Arabia and Qatar are more complex than those typically employed by “hacktivist” groups seeking to highlight particular political or social causes.
He agrees that Iran might be involved, though he acknowledges it is difficult to know for sure.
“There has been an Iranian strategy … to interrupt the flow of oil out of the Strait of Hormuz,” he said. “Nobody’s ever said they’d do it just with fast boats,” a reference to the armed Revolutionary Guard craft that ply the Persian Gulf.
But other experts have their doubts.
Vitaly Kamluk, chief malware expert at Russian security company Kaspersky Lab, said that while the attacks appear to be acts of sabotage, there was no firm evidence that they were linked, nor was it known who exactly might be behind them.
“Attribution,” he said, “is extremely hard in cyberspace.”
TWT Video Picks
Retailer pays a price for getting too close to Obama
- House task force to recommend National Guard on border, faster deportations
- CARSON: Costco and the perils of mixing politics and business
- Obama orders Pentagon advisers to Ukraine
- HURT: The cost of 'free' water in Detroit
- Two Ukrainian fighter jets shot down
- David Perdue defeats Jack Kingston in Georgia Republican Senate primary runoff
- DEACE: How to go from civil rights icon to bigot in one quote
- Beretta moving to Tennessee over Maryland gun laws
- IRS seeks help destroying another 3,200 computer hard drives
- D.C. appeals panel deals big blow to Obamacare subsidies
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world
Fighting in Iraq