Cyber Attack Directed at National Organizations of Saudi Arabia

Media Division | January 26, 2017

Saudi Arabia was hit by a detrimental hack 5 years ago that was called the world’s worst cyberattack.  This attack was upon Saudi Aramco, one of the largest oil companies that supplies a large percentage of the world’s oil.  35,000 computers had been destroyed or partially wiped, and sent the company back to using typewriters and faxes.  Now, a recent attack has Saudi Arabia standing on guard to defend from a repeat of that incident.

On Monday, Saudi’s labor ministry and human resources development fund was attacked. The attack in 2012 employed a virus called Shamoon 2, which can render computers inoperable because it overrides the hard disk with trash, and the most recent attack employed the same method.  The Computer Emergency Response Team, which is the security team that protects Saudi Arabia’s infrastructure, issued a warning on Tuesday stating, “Following a recent cyberattack which targeted several national organizations, this is an urgent call for your cybersecurity team to be on the alert for Shamoon 2 and ransomware attacks that could possibly cripple your organization’s systems.”  Fortunately, no customer data was affected, and the hack was limited to some web pages and user terminals.  It was uncertain how the attack in 2012 had gotten in, but from new information obtained, it appears it was through emails.

This is not the only recent attack that has been directed at Saudi Arabia.  In November, Shamoon was employed in attacks on six organizations in government, transportation, energy, and manufacturing realms.

Who Was Behind the Attack?

The perpetrator behind the attack is unknown at this time, but it has been suspected that it is a nation state.  The reality is that it may not even be the same entity from the 2012 attack, as other threat actors could be copying the malware.  U.S. Intelligence had quietly pointed fingers at Iran in the 2012 attack.  But, there is currently no concrete evidence of the origination point of this week’s attack.

Technology and cyber space are relied on for a multitude of critical systems and infrastructure within countries, as well as individual organizations.  The protection of systems and prevention of cyber attacks is of the utmost importance with the magnitude of damage that these attacks can potentially cause.  Whether an organization is protecting critical client data, funds, or intellectual property, Massive Alliance provides several services to prevent cyber attacks from damaging assets.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.