Bombshell leak shows Iran creating ‘target bank’ for future cyber assaults

Leaked documents show that Iran has taken a keen interest in British, American and French companies and activities. (AP/File Photo)
Updated 26 July 2021

  • Papers leaked by an anonymous source reveal Iranian plans to sink cargo ships, blow up gas stations remotely
  • Iran has long sought to become a leading cyber security actor, and the documents provide written proof that this intention comes right from the top

LONDON: Leaked documents have revealed Iran’s secret research into how the Republic’s cyber capacity could be used to sink cargo ships, blow up a petrol station or other forms of cyber assault, according to a report by Sky News.

The leaked documents — a set of internal files — also include information on satellite communications devices used in global shipping, and a computer system that controls lights and other appliances in smart buildings across the world.

They also show that the Islamic Republic has taken a keen interest in British, American and French companies and activities.

Sky News reported that the anonymous source who provided the documents believed that Tehran was collecting this information to identify targets for future cyber attacks.

“They are creating a target bank to be used whenever they see fit,” said the source.

Iran has allegedly been behind a number of attacks in recent weeks, including a years-long effort to trick British, American and other Western security and military officials into revealing sensitive information about their activities.

The papers, marked “very confidential,” also revealed that the Iranian regime is taking part in a concerted effort to make Iran a globally relevant cyber player — and central to this effort is the work of secretive units within the Islamic Revolutionary Guards Corps (IRGC) aimed at improving the hermit country’s ability to strike overseas civilian and military infrastructure.

A quote by Supreme Leader Ali Khamene’i, close to the start of the papers, reads: “The Islamic Republic of Iran must become among the world's most powerful in the area of cyber.”

Sky’s source said this statement is the “commander's statement of intent.”

According to the source, the leaked documents came from a subsection of the IRGC’s Shahid Kaveh unit — named after one of the earliest zealots to join Ayatollah Khomeini in the early days of the Islamic republic’s war with Iraq, and who went on to become his personal bodyguard.

The unit, the source said, “are supposed to be rather clandestine. They work on offensive cyber operations globally.”

The reports, divided into five different papers, cover a range of potential attacks the Shahid Kaveh unit is believed to be planning.

That includes publicly-available information on how ballast systems in cargo ships work, and an analysis of whether this could be weaponized against the vessel.

“These pumps are used to bring water into the tanks through centrifuges and in order to operate correctly, the task must be completed with precision. Any problems could result in the sinking of the ship,” said the Iranian report, adding: “Any kind of disruptive influence can cause disorder within these systems and can cause significant and irreparable damage to the vessel.”

Another looks into whether fuel pumps in petrol stations, some of which have very lax cyber defenses due to outdated infrastructure, can be used by the IRGC. 

The report said cyber attacks could interfere with the operation of these pumps, and that “(An) explosion of these fueling pumps is possible if these systems are hacked and controlled remotely.”

Iranian agents also looked into using “smart buildings” to cause disruption, and looked into maritime communication devices as another potential means of assault. Both of these avenues of investigation, though, appeared to have come to nothing.

Ben Wallace, Britain's defence secretary, told Sky News that if the documents are authentic then they demonstrate that the UK and its allies are vulnerable to cyber attacks.

"Unless we do something about it, our critical national infrastructure, our way of life could be threatened quite easily," he said.

Cyber warfare is increasingly being seen as a key tool in the future of warfare.

The US, UK, Russia, China, Israel, North Korea and Iran all possess offensive cyber capabilities, but the nature of cyber strategy means it is often difficult to know exactly what a state is capable of.

Aside from the spate of Iranian attacks, other cyber attacks included the massive SolarWinds attack, which unleashed a virus on thousands of US government computer devices, and the Colonial Pipeline ransomware attack, which saw hackers breach an oil pipeline’s systems and demand millions of dollars in exchange for returning control to the pipeline owners.

The pipeline attack alone saw oil prices on America’s West Coast spike, causing widespread panic buying and disrupting the US economy.

General Patrick Sanders, the UK’s top military officer overseeing cyber operations, said Iran is “among the most advanced cyber actors. We take their capabilities seriously. We don’t overstate it. They are a serious actor and they have behaved really irresponsibly in the past.”