One of the world’s largest oil producers, Saudi Aramco, has confirmed that it was hit by a major cyber-attack earlier this month, but says it’s now fixed the 30,000 affected workstations.
The company says that the virus originated ‘from external sources’, adding that its primary enterprise systems of hydrocarbon exploration and production were unaffected, as they operate on isolated network systems. Production plants were also fine, as these control systems are also isolated.
“We addressed the threat immediately, and our precautionary procedures, which have been in place to counter such threats, and our multiple protective systems, have helped to mitigate these deplorable cyber threats from spiraling,” says Khalid A Al-Falih, president and CEO of Saudi Aramco.
“Saudi Aramco is not the only company that became a target for such attempts, and this was not the first nor will it be the last illegal attempt to intrude into our systems, and we will ensure that we will further reinforce our systems with all available means to protect against a recurrence of this type of cyber-attack.”
He assured customers that the company was still able to meet its commitments.
A group calling itself the Cutting Sword of Justice has claimed responsibility for the attacks. According to a post on Pastebin, it was acting in retaliation for ‘crimes and atrocities’ in Syria and other Middle-Eastern countries, which it claims are indirectly funded by Aramco.
And Rob Rachwald, director of security strategy at Imperva, says the attack marks a dangerous step in hacktivism, representing the first significant use of malware, rather than DDoS attacks.
“In the last couple of years, it became very popular to single out the Chinese, US and Israeli governments for cyber-warfare. However, with the Aramco attack, it wasn’t a government, it wasn’t an agency nor a company. This time it was hacktivists working for a political and social cause,” he says.
“In other words, a group of hobbyists and hacktivists with several very strong minded developers and hackers achieved results similar to what we have allegedly seen governments accomplish. Does this mean that the power of the hacktivism has become so strong that it can compete with government cyber warfare organizations?”