We reported back in October about the damage swell of Saudi Aramco, Saudi Arabia’s oil company, which fell victim to a cyberattack. Some new details have been revealed by a few investigating/reporting organizations…
The New York Times reported the following yesterday:
The attack on Saudi Aramco — which supplies a tenth of the world’s oil — failed to disrupt production, but was one of the most destructive hacker strikes against a single business.
“The main target in this attack was to stop the flow of oil and gas to local and international markets and thank God they were not able to achieve their goals,” Abdullah al-Saadan, Aramco’s vice president for corporate planning, said on Al Ekhbariya television. It was Aramco’s first comments on the apparent aim of the attack.
Hackers from a group called Cutting Sword of Justice claimed responsibility for the attack, saying that their motives were political and that the virus gave them access to documents from Aramco’s computers, which they threatened to release. No documents have yet been published.
The “Cutting Sword of Justice” made a post on PasteBin.com about taking credit for the attack.
We explained previously that most of the cyberattacks this year have been aimed at erasing data on energy companies’ computers. However, renewed thoughts of Aramco are showing the want by hackers to stop the flow of production. Good thing it got sorted out.
The New York Times reported about the damages of the attacks on Saudi Aramco, a Saudi Arabian oil firm. The article stated the following, blaming Iran for the attacks on Saudi Aramco along with supporting evidence:
That morning, at 11:08, a person with privileged access to the Saudi state-owned oil company’s computers, unleashed a computer virus to initiate what is regarded as among the most destructive acts of computer sabotage on a company to date. The virus erased data on three-quarters of Aramco’s corporate PCs — documents, spreadsheets, e-mails, files — replacing all of it with an image of a burning American flag.
United States intelligence officials say the attack’s real perpetrator was Iran, although they offered no specific evidence to support that claim. But the secretary of defense, Leon E. Panetta, in a recent speech warning of the dangers of computer attacks, cited the Aramco sabotage as “a significant escalation of the cyber threat.” In the Aramco case, hackers who called themselves the “Cutting Sword of Justice” and claimed to be activists upset about Saudi policies in the Middle East took responsibility.
Intelligence officials are still investigating the nature of the RasGas hack also, because it is related to this attack, which involved a malware called Shamoon.
The investigations of Saudi Aramco and RasGas, Qatar’s top natural gas firm, are coming together. Most of the cyberattacks this year have been aimed at erasing data on energy companies’ computers. More updates to come.
- How hackers attacked Saudi oil company’s computers (seattletimes.com)
- US Increasingly Convinced Iran Behind Attack On Saudi Aramco (techweekeurope.co.uk)
- Shamoon Virus that Attacked Saudi Aramco is the Most Dangerous to Date (oilprice.com)
Various parts of the Islamic Republic were disrupted yesterday (their Internet access) after hackers attacked Iran’s infrastructure and communications companies. “Yesterday we had a heavy attack against the country’s infrastructure and communications companies which has forced us to limit the Internet,” the secretary of the High Council of Cyberspace, Mehdi Akhavan Behabadi, is said by Reuters as having told the Iranian Labour News Agency about the issues.
Some officials claim that their Internet access in Iran is constantly disrupted by cyberattacks, however, the ones yesterday were the most noticeable. This attack would be one of the largest cyberattacks so far, after several gigabytes of traffic overwhelmed the Iranian infrastructure. This is still widely accusative that the US and Israel could be involved, as a response to the nuclear program developed by Iran.
It is noticed also that the cyberwar is heating up for Iran, and that Iran could be constructing counterattacks, such as the recent one against US banks. All of these concentrated attacks are all part of military plans, which are developing “cyber warriors” or a “cyber army”. As always, news about cyberwar will continue to be on this blog.