Iran's Maritime Operations Crippled by Sophisticated Cyberattack
Iran's maritime operations have been significantly disrupted following a sophisticated cyberattack. The Israeli Defense Forces (IDF) and a hacking group, Lab Dookhtegan, are suspected to be behind the incident, which targeted at least 60 Iranian ships. The attack, which began in May and June, caused widespread communication disruptions in August.
The hackers meticulously mapped Iran's fleet, gaining persistent access to the network of the Iranian maritime authorities. They manipulated the Falcon system, disabling communications on numerous ships. The attack was particularly damaging as it coincided with new U.S. sanctions on Iranian oil, further impacting the country's maritime operations.
This is the second attack by Lab Dookhtegan this year, following a similar disruption of 116 ships in March. The latest incident has left the affected vessels effectively crippled, with each requiring a complete system reinstall. This process could keep ships idle for weeks or months, causing significant delays and economic losses.
The attackers aimed for permanent damage, overwriting six storage partitions with zeros and wiping logs, configs, and recovery data. This targeted approach hit at least 39 tankers and 25 cargo ships operated by sanctioned Iranian maritime companies. The group gained root access on Linux terminals running iDirect satellite software, demonstrating a high level of technical proficiency.
The cyberattack on Iran's maritime fleet has caused severe disruptions, with ships left unable to navigate, communicate, or even call for help. The attack, which targeted sanctioned companies, has exacerbated the impact of U.S. sanctions on Iranian oil. As the affected vessels undergo repairs, the Iranian maritime industry faces significant challenges in restoring normal operations.