Quick Hits

Website of Israeli Oil Refinery Taken Offline by Pro-Iranian Attackers

The apparent pro-Iranian Cyber Avengers posted images of BAZAN Groups's SCADA systems, diagrams, and programmable logic controller (PLC) code.

The website of Israel's largest oil refinery is inaccessible after it was attacked by an Iranian hacktivist group called Cyber Avengers.

BAZAN Group, formerly known as Oil Refineries Ltd, has been inaccessible for several days, with its websites either being refused by the company's servers, or timing out requests. According to Energy Portal, the website was accessible from within Israel, indicating the possibility of a geo-block imposed by BAZAN to counter the cyberattack.

Cyber Avengers claimed responsibility for the attack, which does not appear to have affected the operational technology environment. However, in an ominous move, the group released screenshots of BAZAN's SCADA systems, which are used to monitor and operate industrial control systems (ICS). The leaked information included diagrams of various systems and code for the refinery's programmable logic controllers (PLCs), which are used to physically control critical industrial equipment.

Apparently a pro-Iranian hacktivist group, the group stated that they breached BAZAN's network by exploiting a vulnerability in a firewall. The group posted a message on Telegram saying, "Since 2020 we've blown u up a lot, but the worst is yet to come."

Editors' Choice
Tara Seals, Managing Editor, News, Dark Reading
Jim Broome, President & CTO, DirectDefense
Nate Nelson, Contributing Writer, Dark Reading