A cyberattack was launched in the midst of Israel-Hamas war. (Credit: Bigstock)
Hacker group Predatory Sparrow claimed responsibility on social networks last Monday for the cyberattack that had just targeted Iran's fuel distribution system, disrupting 70 percent of the entire network. The incident prevented Iranians from using their bank cards to pay for their subsidized petrol withdrawals.
In October 2021, the hacker group claimed responsibility for a similar attack, during which Iran's national gas station payment system was also taken offline. During the attack, they allegedly hacked digital billboards on roads, causing them to display a message saying "Khamenei, where's our fuel?," addressing the country's supreme leader.
On Monday, the group addressed the Iranian leader again, claiming responsibility for the attack: "As we warned you before, we will respond to your malicious provocations in the region." The incident comes in the midst of the Israel-Hamas war, which also involves the pro-Iranian Lebanese Hezbollah, and amid the Houthi rebels’ attacks in the Red Sea and Gulf of Aden.
Who's behind Predatory Sparrow?
Presenting itself under its Persian name Gonjeshke Darande, the Predatory Sparrow group displays a precise grasp of risks, while having a consequent impact. In June 2022, it claimed responsibility for a fire at a steelworks in Iran, describing its action as a response to unspecified "aggression" from the Islamic Republic. The group then asserted that the target company, along with two others targeted that same month, was continuing its activities despite the international sanctions to which it was subject, specifying that it carried out its cyberattacks "with caution, to protect innocent people.” This suggests that "the group is either directed or sponsored by a nation-state,” a manager at Check Point Software, a company specializing in cyber research, told the BBC in July 2022.
The entity suspected [to be behind the cyber attacks] is Israel, which has been waging a shadow war against Iran for decades, including on the cyber front. Many experts link the group to Israel, although no official affiliation is recognized.
The cyber-attacks, such as the one on the steelworks in 2022 that caused physical damage, are rare. The last such operation against Iran, in 2010, was considered by many observers to have been carried out by Israel, with the support of the US. Both are firmly opposed to the Islamic Republic obtaining nuclear weapons. This was because the target included Iran's nuclear program facilities at Natanz, which had been infected by the Stuxnet computer virus. The virus is said to have caused considerable damage to the centrifuges used to enrich uranium, considerably slowing down the development of Iran's nuclear capabilities.
Cyberwar in the background
The cyber-attack on the gas stations took place in the midst of the Israel-Hamas war, triggered by Hamas's al-Aqsa Operation on Oct. 7. In this war, the United States is Israel's staunch ally, while Iran supports Hamas. Iranian Oil Minister Javad Owji accused Israel and the United States of orchestrating the attack. He accused "the Zionist enemy and America" of "wanting to cause problems for people because they have suffered defeats on other fronts.” This was a sort of response to a warning addressed by Predatory Sparrow to Ali Khamenei on social networks: "Playing with fire has a price."
"The Israeli government refused to comment on the incident," wrote Amwaj media outlet. In contrast, Israel's National Cyberspace Directorate (INCD) accused hackers allegedly linked to Iran and Hezbollah of targeting an Israeli hospital three weeks earlier, during which confidential data was compromised. This suggests a link with the cyberattack on gas stations in Iran.
This article was originally published by L'Orient-Le Jour.