Iranian Regime Hackers Suspected of Cyber Intrusions in Bahrain
Suspected Iranian hackers infiltrated critical infrastructure and government computers in the Persian Gulf nation of Bahrain within the last month, raising fears among leaders in the region that Tehran is stepping up its cyberattacks amid growing tensions, the Wall Street Journal reported on Wednesday.
The intrusions, according to people familiar with them, rose above the normal level of the Iranian regime's cyber activity in the region.
On Monday, hackers broke into the systems of Bahrain’s National Security Agency—the country’s main criminal investigative authority—as well as the Ministry of Interior and the first deputy prime minister’s office, according to one of the people familiar with the matter.
On July 25, Bahrain authorities identified intrusions into its Electricity and Water Authority. The hackers shut down several systems in what the authorities believed was a test run of the Iranian regime’s capability to disrupt the country, the person said. “They had command and control of some of the systems,” the person said.
Around the same time, Aluminum Bahrain—a major employer and one of the world’s biggest smelters—was also hit, the person said. After publication of the Wall Street Journal's article, an executive of the firm, also known as Alba, said it was “not a recipient of a cyberattack.”
Two former U.S. officials familiar with the matter confirmed the cyber breaches in Bahrain, saying that at least three entities had suffered intrusions. One of the former officials said the breaches appeared broadly similar to two hacks in 2012 that knocked Qatar’s natural-gas firm RasGas offline and wiped data from computer hard drives belonging to Saudi Arabia’s Aramco national oil company, a devastating attack that relied on a powerful virus known as Shamoon.
The Bahrain authorities have been provided intelligence by the U.S. and others suggesting Iran's regime is behind the attacks, the people familiar with the matter said. Regional leaders in the Gulf—and security officials in the U.S.—believe the Iranian regime has been increasing its malicious cyber activity since tensions ratcheted up over a series of incidents across the Middle East, people familiar with their discussions told the Wall Street Journal.
It couldn’t be determined how damaging the intrusions in Bahrain have been, or whether the hackers had been expelled from the networks they had compromised.