Analysis: Iran’s energy sector is now a high-stakes espionage target

Iran Petroleum Oil MinistryThe state-owned energy sector of Iran, one of the world’s most lucrative, has become a major target of international espionage since the imposition of new sanctions by the United States this year. The purpose of Washington’s sanctions is to limit the Islamic Republic’s ability to export energy, and by doing so end the country’s reliance on its primary source of income. It is estimated that Tehran’s energy exports have fallen by about 80 percent during the past year, and may continue to fall if the US has its way. This means that American and Iranian intelligence agencies are currently engaged in an intense war of espionage that concentrates on what remains of Iran’s oil exports. Iran continues to entice international buyers by selling energy at below-market prices, while sales are facilitated through the use of throwaway bank accounts that are difficult to trace. Exports are then carefully smuggled into overseas destinations through a variety of means.

In an article published last week, The New York Times’ Farnaz Fassihi explains that every snippet of information about Iran’s oil industry has now become “a prized geopolitical weapon” in a “a high-stakes global game of espionage and counterespionage”. Fassihi quotes a recent statement by Iran’s Minister of Petroleum Bijan Zanganeh that “information about Iran’s oil exports is war information”. That includes information on how Iran manages to deliver its exports abroad and how it gets paid for doing so. Once the US tightened its sanctions on Tehran, Iranian energy officials began to suspect that most inquiries to purchase oil were from foreign spies in search of information on the methods of transaction, writes Fassihi. So the Ministry of Petroleum stopped allowing thousands of freelance energy brokers to mediate between it and buyers. It proceeded to concentrate all transactions into the hands of fewer than five vetted individuals with prior tenure in the Iranian Revolutionary Guards Corps and other vetted government agencies. It also began to train Ministry officials on security and counterespionage protocols.

When the Iranians made it difficult to access information through the Ministry of Petroleum, foreign spy agencies changed their tactics, writes Fassihi. They used foreign academic researchers, including PhD students, who offered payments in hard cash for information on Iranian oil export methods that would help them in their research. Others descended on Tehran offering visas to the US, alcohol, prostitutes, and cash payments ranging from $100,000 to over $1 million in exchange for intelligence on the Iranian energy export sector. There is an atmosphere of paranoia in the Iranian capital, writes Fassihi, and the process of purchasing oil from Iran resembles a Hollywood spy thriller. Representatives of foreign buyers are asked to come to Tehran in person and are regularly required to switch hotels in the middle of the night. Additionally, once a transaction is agreed upon, the buyer’s representative is required to stay at a Petroleum Ministry safe house until the funds are transferred into Iranian government coffers. After that, the representative is allowed to leave, writes Fassihi.

Author: Joseph Fitsanakis | Date: 13 August 2019 | Permalink

Iran announces arrest of 16 oil ministry officials for spying for CIA

Iran Petroleum Oil MinistryIranian state media announced on Sunday the arrest of 16 officials in the country’s Ministry of Petroleum, allegedly for sabotaging Iranian energy policy. It is not known whether these arrests are in any way connected with Tehran’s announcement last week that it had dismantled “one of the most complicated” espionage operations by the United States Central Intelligence Agency in several countries. According to the state-owned Fars News Agency, the 16 officials were arrested over the weekend in synchronized pre-dawn raids. All of them had managerial positions in Iran’s oil industry —including in the areas of exploration, production and distribution of Iran’s oil and petrochemical products inside the country as well as abroad.

The report about the latest arrests cited Hossein Ali Haji Deligani, a senior legislator representing the most conservative political wing in the Iranian parliament. Deligani said that the ministry employees “operated under a woman”, whom he did not name. Working in concert, the employees had been “able to influence […] the oil ministry to put off important decisions” and to “make wrong decisions”. These decisions were “in line with the enemies’ goals and against Iran’s national interest”, and ultimately delivered “a blow to the country in the United States economic war against Iran”, said Deligani. He did not elaborate on the topic and did not discuss whether the arrests were linked to the dismantling of an alleged CIA cyber espionage operation, which Iran announced last week.

Sunday’s announcement by the Fars News Agency comes two days after the execution of Jalal Haji Zavar, an employee of Iran’s Aerospace Industries Organization, which operates under the Iranian a unit of the Ministry of Defense. Zavar was executed on Friday after a military court found him guilty of having committed espionage against Iran on behalf of the CIA. Media reports said that unspecified incriminating documents and “spying equipment” were found in Zavar’s home.

Author: Joseph Fitsanakis | Date: 25 June 2019 | Permalink

Comment: Who authored computer virus that ‘dwarfs Stuxnet’?

Flame virus code segmentBy JOSEPH FITSANAKIS | intelNews.org |
When the Stuxnet computer virus was detected, in 2010, it was recognized as the most sophisticated malware ever created. It had been specifically designed to sabotage Siemens industrial software systems, which were used in Iran’s nuclear energy program. Not surprisingly, most Stuxnet-infected computers were in Iran. Now a new, massive and extremely sophisticated piece of malware has been detected in computers belonging to the Iranian National Oil Company and Iran’s Ministry of Petroleum. It is called Flame and, according to antivirus company Kaspersky Lab, which first spotted the virus last week, it is “one of the most complex threats ever discovered”. Simply consider that Stuxnet, which caused unprecedented waves of panic among Iranian cybersecurity experts, was 500 kilobytes in size. Flame is over 20 megabytes in size, consisting of 650,000 lines of code; it is so complex that it is expected to take programming analysts around a decade to fully comprehend. The two are different, of course. Stuxnet was an infrastructure-sabotaging malware, which destroyed hundreds —maybe even thousands—of Iranian nuclear centrifuges. Flame, on the other hand, appears to be an espionage tool: it aims to surreptitiously collect information from infected systems. What connects them is their intended target: Iran. We now have Stuxnet, the most complex sabotaging malware ever discovered, which must have taken dozens of programmers several months to create, and Flame, the world’s most powerful cyberespionage tool ever detected by computer security experts. And both have been primarily directed at Iranian government computers. Read more of this post