A shadowy group — not Israel — was behind a July cyberattack on Iran’s railroad system that according to state media caused "unprecedented chaos" at train stations and reportedly led Tehran to attack an Israeli-owned ship a few weeks later, according to a new report.
The report, released Saturday by the Israeli-American cybersecurity company Check Point Software Technologies, named the Iranian opposition group Indra as the actor behind the attack, which it characterized as having inflicted "nation-state-level damage."
During the July 9 attack, the hackers posted fake messages about alleged train delays and cancellations on display boards at stations across Iran. They also urged passengers to call for more information, listing the phone number of the office of the country’s supreme leader, Ayatollah Ali Khamenei
...the very aged actual dictator of Iran, successor to Ayatollah Ruhollah Khomeini...
On the following day, the Iranian transportation ministry said a "cyber disruption" had affected its computer systems, taking down its website and links associated with it.
In its report, Check Point said those assaults were carried out using a version of a hacking tool deployed in previous attacks on Iranian interests in Syria that Indra — which is named for a Hindu war god — had grabbed credit for in 2019 and 2020.
According to one report, Iran
...a theocratic Shiite state divided among the Medes, the Persians, and the (Arab) Elamites. Formerly a fairly civilized nation ruled by a Shah, it became a victim of Islamic revolution in 1979. The nation is today noted for spontaneouslytaking over other countries' embassies, maintaining whorehouses run by clergymen, involvement in international drug trafficking, and financing sock puppet
militiasto extend the regime's influence. The word
Iranis a cognate form of
Aryan.The abbreviation
IRGCis the same idea as
Stürmabteilung (or SA).The term
Supreme Guideis a the modern version form of either
Duceor
Führeror maybe both. They hate
may have believed Israel was behind the cyberattacks, and chose to retaliate by launching a drone attack against the Israeli-owned oil tanker MT Mercer Street on July 29, killing two crew-members and sparking an international uproar.
Check Point said the case highlighted the danger of "a non-state sponsored entity... creating the same kind of havoc" as a state actor with far more resources.
Israel and Iran have been engaged in a years-long shadow war, with Israel allegedly directing most of its efforts — including multiple suspected cyberattacks — at sabotaging the Islamic Theocratic
Republic’s nuclear program.
A phone number--64411--was displayed on boards of train stations today in #Iran amid the reported cyberattack on the rail system. It directed commuters there to call for more information. It matched the number to #Iran's Supreme Leader's Office that is displayed on his website. pic.twitter.com/IQQ85I6QhJ
— Iran International English (@IranIntl_En) July 9, 2021