MINA reported Wednesday that Iran’s nuclear facilities have suffered a cyber attack that diabled their computers and played music from the rock band AC/DC.
A new worm targeted Iran’s nuclear program, closing down the “automation network” at the Natanz and Fordo nuclear facilities. MINA cites the story was reported on the F-Secure Security Labs web site.
The substance of the text appears to be thus:
“I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC”.
The virus also prompted several of the computers on site to play the song “Thunderstruck” by AC/DC at full volume in the middle of the night, according to the e-mail, part of which is published in English on the website.
F-Secure Security Labs, which is linked to F-Secure Oyj (FSC1V), the Finnish maker of security and cloud software, said that while it was unable to verify the details of the attack described, it had confirmed that the scientist who reported them was sending and receiving the e-mails from within Iran’s Atomic Energy Organization.
Iran’s nuclear program and oil facilities have been subject to a succession of cyber attacks that the Foreign Ministry said in May were launched by hostile governments as part of a broader “soft war.” Iran accuses the U.S. and Israel of trying to sabotage its technological progress. Both countries say Iran’s nuclear activities may have military intent, an allegation that Iran denies.
Call me a cynic if you will, but I suspect that this is one story that cannot, or will not be confirmed or denied. One has to question the authenticity of the emails purportedly originating from a “scientist” the AEOI.