In what may be an effort by the United States and Israel to disrupt oil exports, the backbone of Iran's increasingly battered economy, the computer systems of the ministry and the Iran National Oil Co. were attacked Sunday by a virus the ISNA news agency identified without elaboration as "Viper."
Key installations were knocked out for a time. Iranian media reported the ministry was forced to disconnect key oil facilities, including control systems at the terminal on Kharg Island in the northern Persian Gulf that handles 90 percent of Iran's oil exports.
Terminals on the islands of Gheshm and Kish in the southern gulf were also hit by the virus. However, oil industry sources reported that oil was being loaded Monday at Kharg.
The semi-official Mehr news agency reported that oil production -- pegged by Tehran at around 2 million barrels per day -- wasn't affected by the virus that crippled the internal computer systems at the ministry and the state oil company.
The ministry has called in a "cyber crisis committee" that includes 50 of Iran's leading computer experts who were mobilized in 2010 when the country's nuclear program was crippled by the Stuxnet virus.
That was the first major cyberattack on the Islamic Republic to be reported but some Western specialists say the virus was first unleashed against Iran's nuclear infrastructure in 2009.
Those attacks are widely believed to have been the work of Israel's intelligence services, perhaps aided by the Americans, who have been waging a covert campaign to sabotage Iran's nuclear program and assassinate key scientists.
No authoritative account of who invented and deployed Stuxnet or how it was inserted into the Iranian nuclear program to disable the centrifuge cascades at Natanz in central Iran has surfaced.
The centrifuges are vital components of the uranium-enriching process that's at the heart of the nuclear weaponization program.
Western cyber engineers say the Iranians have been able to neutralize Stuxnet and have purged the malware from the nuclear industry.
Sunday's attack was apparently the most intense of a series of cyberstrikes that began early in April.
Who was responsible isn't known but the United States and Israel are widely seen as the likely instigators.
"We're making progress in neutralizing this cyberattack," said Hamdollah Mohammadnejad, deputy oil minister in charge of civil defense.
Iran's media has reported that Sunday's attack, the heaviest in the latest series, corrupted all the data stored in the Oil Ministry's computer system.
But it said the core data on the oil industry was safe because it was stored on backup systems.
It remains to be seen whether there will be more cyberattacks on the oil industry but the Americans clearly want to step up the pressure on Iran.
Cyber experts say Stuxnet has at least four "cousins" developed on a single platform whose origins go back to 2007, the Russian computer security firm Kaspersky Lab disclosed in December.
One of these is the data-stealing Trojan virus known as Duqu, which was also used to attack Iranian computer systems following the Stuxnet episode.
Iran's oil exports have been cut because of the sanctions imposed by the United Nations in June 2010 because of Tehran's refusal to cease uranium-enrichment for the United States and its allies say is a clandestine weapons program. Iran denies that.
Recent oil industry figures suggest exports have fallen badly from some 2.2 million bpd in February to 1.9 million bpd in March. That means a drop in annual oil earnings of around $30 billion.
The International Energy Agency said that output could tumble to levels last seen during the 1980-88 war with Iraq.
As sanctions drive off Iran's oil customers, it reportedly has been forced to use half its fleet of 25 supertankers and five of its nine smaller tankers to store some 33 million barrels of oil at anchor in the gulf.
The pressure on Iran will intensify greatly in June and July when U.S. and EU sanctions are scheduled to be tightened.