Israel-linked tech wizards blitz Iran’s petrol stations with cyber storm.

December 18, 2023
1 min read

Key points:

  • An Israeli-linked hacker group, Predatory Sparrow, has claimed responsibility for a major cyber-attack on Iran’s petrol stations.
  • The attack, which knocked out 70% of Iran’s petrol stations, was reportedly a response to “aggression” by Iran and its regional proxies.
  • The group insisted the attack was carried out in a controlled manner to avoid potential damage to emergency services.
  • The cyber-attack led to an interruption in services forcing Iranian customers to buy their fuel manually.

The hacker group, Predatory Sparrow, or “Gonjeshke Darande” in Persian, claimed responsibility for a significant cyber-attack that left approximately 70% of Iran’s petrol stations offline on Monday. In a statement, the group noted that the “controlled” attack was in response to “aggression” by the Islamic Republic and its proxies in the region.

The hacker group made a point of addressing the Iranian supreme leader, Ayatollah Ali Khamenei, stating: “Khamenei, playing with fire has a price.” However, Iran’s civil defence agency, responsible for cyber security, announced it was considering all possibilities for the source of the disruption, including external interference.

Javad Owji, Iran’s oil minister, highlighted that at least 30% of gas stations were functioning, with the rest progressively resolving the disruption in services. He later clarified that 1,650 petrol stations were operational out of a total of 3,800 petrol stations under the ministry’s supervision.

Following the attack, Iranian officials denied suggestions that the attack was a protest against plans to increase fuel prices, a move that incited widespread protests in 2019. This major cyber attack comes two years after a similar incident in October 2021 when Predatory Sparrow also claimed to have disrupted Iran’s fuel services.

The hacker group has previously admitted responsibility for cyber-attacks on the Iranian railway system and the state-owned Khuzestan Steel Company. While the group has a Persian name, there have been ongoing suspicions about the group having close ties to Israel, Iran’s major adversary in the Middle East.

Israel has been involved in a so-called shadow war with Iran for years, with the two sides attacking each other’s ships, ports, and other important infrastructure. However, Israel had not commented on the fuel station hack as of Monday afternoon.

Cyber-security experts said attacks like these typically involve malware or phishing techniques, and sometimes a worldwide team of hackers, underlining the growing capability of cyber criminal gangs to launch large-scale attacks.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and