Aramco Hack Aimed at Curbing Oil Production

An August attack on the Saudi Arabian national oil company, Aramco, was reportedly launched in order to hinder oil production at the world’s most valuable company, according to a report published in the New York Times yesterday.

An August attack on the Saudi Arabian national oil company, Aramco, was reportedly launched in order to hinder oil production at the world’s most valuable company, according to a report published in the New York Times yesterday.

The attack damaged some 30,000 company workstations but failed to achieve it primary goal, which, according to Abdullah al-Saadan, the company’s vice president of corporate planning, was to stop the flow of oil and gas from Aramco to local and international markets.Aramco

Despite causing no perceptible interruption to Aramco’s output, which accounts for a tenth of the world’s oil supply according to the Times, the attack was destructive enough that it prompted the company to take its internal network down and its main website offline. These were restored after more than a week of downtime.

A little known hacker group calling itself the “Cutting Sword of Justice” took credit for the attack on the text sharing site Pastebin. They claimed that the attack was in retaliation for Saudi Arabia’s support of “atrocities in various countries around the world.”

A number of security experts and researchers believed that a piece of malware called Shamoon that emerged around the same time was used in the attack. The tool’s ability to destroy files on infected machines and overwrite the master boot record had researchers scratching their heads about the virus’s potential use until news of the hack on Aramco emerged.

Suggested articles

Discussion

  • Vytautasba on

    The ITU's WCIT is being held this week.  Much FUD spreading about the ITU's intention to "take away the internet" from us.  The last time international regulations for telecommunications were changed was in 1988.  The Saudi Aramco attack is just one of many examples showing that the current Internet Governance model is no longer enough to deal with the problems of this changed cyberspace environment.  Some compromise needs to be sought that will preserve as many of the Internet freedoms we are used to and limit the abilities of "bad guys" to execute such attacks.  It is too easy and too attractive for state or state sponsored actors to do damage and then hide in the shadows of cyberspace.  A situation that can get easily out of hand if not addressed.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.