Agency Attacked: Parastoo Hacks the IAEA

Julia Rothchild
By Julia Rothchild February 14, 2013 20:13

The server containing the stolen information is located at the International Atomic Energy Agency’s headquarters in Vienna, Austria. Courtesy of csmonitor.com.

The International Atomic Energy Agency (IAEA) reported recently that one of its servers had been hacked and that the names and contact information of nuclear experts working for the agency had been published online. A previously unknown group named “Parastoo,” — Farsi for “swallow” — claimed responsibility.

Parastoo opened its public post with the statement, “Israel owns a practical nuclear arsenal, tied to a growing military body and is not a member of internationally respected nuclear biochemical and chemical agreements.” This was followed by a list of email addresses for 100 IAEA nuclear experts, as well as a request that the experts listed sign a “petition demanding an open IAEA investigation into activities at Dimona,” the location of Israel’s Negev Nuclear Research Center. The remainder of the group’s statement, posted in all caps on cryptome.org, lacks basic English grammar conventions and is written in mostly informal language.

The hacker group’s name, “Parastoo,” is also the word for “sparrow” in Farsi. Courtesy of treklens.com.

Exactly how the hackers were able to gain access to the server has not been revealed, but Parastoo included the IP address 161.5.7.253 and “Vienna,” the location of the IAEA’s headquarters, in its post.

In an interview with CBS News, IAEA spokesperson Gill Tudor said the information was stolen from an “old server” that had been previously shut down. She also stated in an email that the IAEA is doing “everything possible to help ensure that no further information is vulnerable.”

The International Atomic Energy Agency is a UN organization that aims to prevent use of nuclear power for military purposes. Courtesy of freelogovectors.net.

A second post appeared on Parastoo’s webpage a few days after the first. It includes links to satellite images supposedly stolen from IAEA servers, as well as a list of IAEA subdomains Parastoo claims to have “under control.” In the post, the group boasts of its members’ anonymity, and emphasizes the IAEA’s lack thereof by listing more contact information for the agency’s employees. In both posts, the group condemns Israel’s nuclear power research and calls for the IAEA to investigate, calling Israel the “real threat of world peace” (in context, clearly meant to describe Israel as a threat to world peace).

It is unclear whether the IAEA has implemented any changes to its cyber security since the system was infiltrated. The UN general assembly very recently approved a resolution urging Israel to allow the IAEA to inspect its nuclear program and to join the Nuclear Nonproliferation. While the resolution does reflect the opinion of the UN, it does not legally oblige Israel to change its policies. Israel thus far has chosen not to reveal anything more about its nuclear capabilities.

Julia Rothchild
By Julia Rothchild February 14, 2013 20:13