WASHINGTON, D.C./TEHRAN – Head of the Iranian Civil Defense Organization, Brigadier General Gholamreza Jalali, stated that the United States has most likely been behind the large-scale cyberattack that recently targeted the Iranian infrastructure.
On February 8, the Iranian internet service suffered hours of disruption in what telecom authorities said was the result of DDoS cyberattack that the Iranians side says was “dealt with swiftly”. The powerful distributed denial-of-service (DDoS) attack caused connection issues for users, according to officials.
Brigadier General Jalali declared, in a televised interview on Thursday night, the unsuccessful DDoS attack probably originated from the United States.
“It’s very difficult and time-consuming to trace the source of a cyber attack. The Telecommunication Infrastructure Company is currently studying and looking for the source of the recent cyber attack against the country … but our analysis is that the US was the origin,” Jalali said.
“The Americans’ cyberattack has been foiled by our cyber defense unit,” he said, but at the same time warned that the recent attack might have been carried out to study the feasibility of a bigger attack.
“Since Americans failed to give a military response to our recent shoot-down of their unmanned aerial vehicle in the Iranian waters as well as our missile attack on Ain al-Assad base [in Iraq], they are responding to our country through continued economic pressure and cyberattacks,” Jalali noted.
“We have managed to control their cyberattacks, and they have failed to damage any section,” he said, adding, however, that the Islamic Republic must accelerate its efforts to launch its National Information Network in a bid to maintain services in case of bigger attacks.
Although the February 8 DDoS (Distributed Denial-of-Service) attack was dealt with immediately using the Iranian Information Technology Fortress, known as DEJFA, it still affected several service providers in Iran, including two notable mobile operators.
DDoS attackers normally use hijacked or virus-infected computers to target websites. During such attacks, websites become unreachable after an unusually large number of requests for information are sent to them, causing the servers that host them to fail.
Iran had previously reported cyberattacks sponsored by the United States and the Israeli regime that has targeted its key information infrastructure. DDoS attacks in September targeted Iranian websites that were involved in cryptocurrency trade. Authorities said those attacks were 20 times more powerful than similar attacks in other countries.
In a tweet on Sunday, Iranian Deputy Minister of Communications and Information Technology Hamid Fattahi announced that the country has repulsed the most extensive cyberattack against its infrastructures on Saturday.
“The hired hackers carried out the most extensive attack experienced in Iran’s history against the country’s infrastructures,” Fattahi wrote on his twitter page.
He warned that the hackers are after distorting the entire internet in Iran, adding, “The (recent) attack was repelled and the hackers are facing firewalls.”
The Iranian internet service suffered hours of disruption on Saturday in what telecoms authorities say was the result of DDoS cyberattack that was “dealt with swiftly”. A senior telecom ministry official said that a powerful distributed denial-of-service (DDoS) attack that began 11:54 a.m local Iranian time on Saturday caused users to experience connection issues.
Sajjad Bonabi said that the attack had affected several service providers in Iran, including two notable mobile operators. He said in a post on Twitter that the DDoS attack was dealt with immediately using the Iranian Information Technology Fortress, known as DEJFA.
“Through an intervention by DEJFA and cooperation of colleagues in Infrastructure Company, the communications are now in a normal condition,” said Bonabi who himself is the deputy head of Iran’s Telecommunication Infrastructure Company.
The official later posted another tweet saying that the last service provider affected by the attacks had reported normal conditions later on Saturday.