Due to a cyberattack that damaged the whole distribution network, gas stations operated by the National Iranian Oil Products Distribution Company (NIOPDC) in Iran have ceased operations today.
As a result of the incident, several electronic road billboards have been hacked to display messages demanding an explanation or requesting fuel.
The NIOPDC network, which covers the country, has over 3,500 stations and has been providing oil products for over 80 years.
The reason for this disturbance is being investigated, and while there is no public evidence regarding who caused it, Iran is accusing a foreign nation.
A message appearing on the devices saying cyberattack 64411 is a hint, but it might potentially be a false lead.
The note refers to a hack that crippled Iran’s rail operations in July. The attackers also changed the railway message boards to imply that hackers were responsible for train delays or cancellations and displayed the phone number for Supreme Leader Ali Khamenei’s office.
According to SentinelOne’s research, Iran’s railway station system was attacked with malware named Meteor that was specially designed to remove data (file wiper) and had never been seen before.
Some Iranians were left without petrol after waiting for hours for the stations to open after yesterday’s incident. What’s more, according to media sources, customers who sought to obtain discounted fuel at 5 cents a liter or 20 cents per gallon using government-issued cards received the “cyberattack 64411” warning.
Local media first reported that the gas station outage was due to a technical fault, but subsequently clarified that a cyberattack caused the problem.
As per BBC journalists Kian Sharifi and Shayan Sardarizadeh, Iranian state television acknowledged allegations of a cyberattack on gas stations. Iran’s Supreme Council of Cyberspace considers the attack state-sponsored, albeit it’s too early to determine which nation is responsible.
