Destructive Cyber Attack On Saudi Kingdom

Uploaded on 2016-12-20 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Transport & Travel

State-sponsored hackers have conducted a "series of destructive attacks" on Saudi Arabia, erasing data and wreaking havoc at the agency running the country’s airports, and hitting five additional targets. 

According to a report, "thousands of computers were destroyed at the headquarters of Saudi’s General Authority of Civil Aviation, erasing critical data and bringing operations there to a halt for several days". This it was claimed was a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia

Several US Internet security companies later suggested the attacks were carried out by hackers using a virus called "Shamoon", which has been linked to the Iranian government. 

Two theories may explain the attacks 

First, they may signify a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia and, by association, the United States. One cannot discount the possibility of Israel’s involvement because Israel would largely benefit from the incident’s aftermath.

A director at the Centre for Strategic and International Studies in Washington maintained that "anyone who did this attack knows it has implications for the nuclear deal - between Iran and the world powers". 

Other states in play

Meanwhile, it is important to remember that Israel has a history of hacking operations. In 2010, the Israelis together with the Americans collaborated in an attack on Iran’s nuclear enrichment plant using the Stuxnet virus.

Second, according to early reports from a Saudi probe - which obviously can be biased - "digital evidence" suggests the attacks emanated from Iran.

Rogue radical elements in the Iranian government could have intentionally acted to create a foreign policy crisis for the Rouhani administration but, Iran's president, Hassan Rouhani, seeks de-escalation in the international relations arena. He relies on the benefits of sanctions relief but requires a peaceful environment to bring Iran out of international economic obscurity, attract foreign investment and end the severe economic recession engulfing the country. 

The actualisation of the Iran nuclear deal between Iran and the world powers, the so-called Joint Comprehensive Plan of Action (JCPOA), strengthened Rouhani’s and the moderate current’s position as a whole in Iran.

The Shamoon virus was the same that devastated Saudi oil company Aramco in 2012. According to the report, Shamoon "overwrites files and renders the infected computers inoperable by destroying the master boot record". It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire".

A secret document from April 2013, written by the US National Security Agency and revealed by the whistleblower Edward Snowden, pointed the finger directly at Iran.

It said: "Iran’s destructive cyber-attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary.

It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire"

"Iran, having been a victim of a similar cyber-attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others." In the past, there have been other suspicious incidents aimed at sabotaging Iran’s foreign relations.

MiddleEastEye:           The Growing Cyber Threat From Iran:         Iran Ministry Of Defense Hacked By Saudi Hacker:
 

 

« Yahoo Hack Affects 1 Billion Accounts
Insurers Are Handling 'hundreds' Of Breach Claims »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF) is a business and labour market lobbying organization that promotes the competitiveness and business conditions of Finland’s most crucial export industry.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

Cyberwrite

Cyberwrite

Cyberwrite was founded to provide underwriters around the world a unique and innovative Cyber Underwriting platform.

Nozomi Networks

Nozomi Networks

Nozomi Networks is a leader in Industrial Control System (ICS) cybersecurity, with a comprehensive platform to deliver real-time cybersecurity and operational visibility.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

Cytomic

Cytomic

Cytomic is the business unit of Panda Security specialized in providing advanced cybersecurity solutions and services to large enterprises.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

Knovos

Knovos

Knovos is a leading technology innovator developing solutions for automating, integrating, and innovating Information Governance.

Forever Group

Forever Group

Forever Group is a Managed Services Provider specialising in Telecommunications, IT Support, and Cyber Security.

Exterro

Exterro

Exterro is a leading provider of e-discovery and information governance software specifically designed for in-house legal, privacy and IT teams at Global 2000 and Am Law 200 organizations.

Flatt Security

Flatt Security

Flatt Security is a cyber security startup based in Japan providing security assessments and other cyber security services.

Vercara

Vercara

Vercara offers a purpose-built, global cloud security platform that provides layers of protection to safeguard businesses’ online presence, no matter where an attack comes from or where it is aimed.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.