Iran’s nuclear energy agency confirms email server hacked

The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its  Bushehr Nuclear Power Plant was hacked. The organization blamed a foreign country, but an Iranian hacking group that goes by the name Black Reward has claimed responsibility for the breach.

The Atomic Energy Organization said that the IT group serving the Bushehr plant has examined and issued a report on the breach, and denied any sensitive information being exposed. The energy agency said the hack was intended to gain the attention of the public and media.

“It should be noted that the content in users’ emails contains technical messages and common and current daily exchanges,” according to a statement on the organization’s website. “It is obvious that the purpose of such illegal efforts, which are carried out of desperation, is to attract public attention.”

The Bushehr plant’s IT group has taken preventative measures in the wake of the hack, according to the atomic energy group.

Despite the energy organization’s claims that the email hack was the result of nation-state cyberespionage, an Iranian hacking group that goes by the name Black Reward posted on Telegram and Twitter that it had hacked information about Iran’s nuclear activity at the Bushehr plant. The group claimed in posts on Saturday—a day before Atomic Energy Organization’s confrmation of the breach—that the hack was in support of the ongoing nationwide protests over the death of a young woman, Mahsa Amini, in police custody.

Amini was taken into custody by the government’s morality police for allegedly not wearing her hijab properly. Her death in custody has sparked violent clashes between demonstrators and authorities for the last few weeks. 

Black Reward threatened to release hacked information in 24 hours unless the authorities released political prisoners and people arrested during the recent unrest.

On Sunday, the group posted a link to their Telegram channel, from where the information can be downloaded. The information is a “cleaned, browser-viewable version” of about 85,000 email message, “perfect for researchers and journalists,” the group said on Twitter.

The group claimed the leaked information included management and operational schedules of different parts of the Bushehr power plant, along with visas and passport information of Iranian and Russian nuclear experts working there, financial receipts, as well as agreements with local and foreign organizations.

The Bushehr nuclear power plant was built using Russian technology in 2011 and is Iran’s first nuclear plant situated along the Persian Gulf. This weekend’s cyberattack on Bushehr was not the first time Iran’s nuclear program has been targeted.

Stuxnet, a malicious worm first uncovered in 2010 had targeted and caused substantial damage to Iran’s nuclear program by infecting Windows PCs in the country’s Natanz nuclear  facility. It is believed to be a cyberweapon built jointly by the US and Israel. Stuxnet reportedly ruined almost one-fifth of Iran’s nuclear centrifuges by infecting over 200,000 computers and causing 1,000 machines to physically degrade. 

If the claims of Black Reward are true, then revealing the operations of the country’s nuclear infrastructure might pave the way for more attacks like Stuxnet. 

 In addition, any correspondence regarding agreements between local and foreign organizations and Iran’s Atomic Energy Organization is sure to be scrutinized by international agencies, as the nation’s nuclear program is under the inspection to verify safety and ensure it is not developing any nuclear weapon.