Iranian Police say they have traced the attackers of the oil plant computers back in US and now expect American authorities to disclose the identities of the IPs, so Iran can sue them for sabotage. The case was pursued by the Iranian foreign ministry and the Interpol.
â€œ2 American IPs were identified in the (cyber) attack against the oil ministry,â€ said Seyed Kamal Hadianfar , Head of Information Production and Exchange Department of the Police, as quoted by Iranian Fars News Agency.
The hackers allegedly tried to infiltrate the Oil Ministry’s main servers on April 23 by installing malware to steal and destroy information. The virus was detected inside the control systems of Kharg Island, in charge of most Iranian crude oil exports.
Governmental representatives admitted some minor public data had been breached, mainly including user information. A few days later, an Iranian official announced authorities had identified the hidden agenda of the cyber attack, but couldnâ€™t disclose it without jeopardizing the investigation.
The information about the American IPs comes soon after a New York Times report that the Obama administration was behind the Stuxnet attack that hamstrung an Iranian nuclear research facility. Discovered in June 2010, Stuxnet was the first worm specifically designed to target industrial plants.
A month before the Oil Ministry servers were breached, Iran announced it will build up its cyber security measures by establishing a Supreme Council of Cyberspace and a National Center for Cyberspace to gain complete knowledge about the activities in cyberspace on domestic and international scales.