Destructive Cyber Attack On Saudi Kingdom

Uploaded on 2016-12-20 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Transport & Travel

State-sponsored hackers have conducted a "series of destructive attacks" on Saudi Arabia, erasing data and wreaking havoc at the agency running the country’s airports, and hitting five additional targets. 

According to a report, "thousands of computers were destroyed at the headquarters of Saudi’s General Authority of Civil Aviation, erasing critical data and bringing operations there to a halt for several days". This it was claimed was a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia

Several US Internet security companies later suggested the attacks were carried out by hackers using a virus called "Shamoon", which has been linked to the Iranian government. 

Two theories may explain the attacks 

First, they may signify a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia and, by association, the United States. One cannot discount the possibility of Israel’s involvement because Israel would largely benefit from the incident’s aftermath.

A director at the Centre for Strategic and International Studies in Washington maintained that "anyone who did this attack knows it has implications for the nuclear deal - between Iran and the world powers". 

Other states in play

Meanwhile, it is important to remember that Israel has a history of hacking operations. In 2010, the Israelis together with the Americans collaborated in an attack on Iran’s nuclear enrichment plant using the Stuxnet virus.

Second, according to early reports from a Saudi probe - which obviously can be biased - "digital evidence" suggests the attacks emanated from Iran.

Rogue radical elements in the Iranian government could have intentionally acted to create a foreign policy crisis for the Rouhani administration but, Iran's president, Hassan Rouhani, seeks de-escalation in the international relations arena. He relies on the benefits of sanctions relief but requires a peaceful environment to bring Iran out of international economic obscurity, attract foreign investment and end the severe economic recession engulfing the country. 

The actualisation of the Iran nuclear deal between Iran and the world powers, the so-called Joint Comprehensive Plan of Action (JCPOA), strengthened Rouhani’s and the moderate current’s position as a whole in Iran.

The Shamoon virus was the same that devastated Saudi oil company Aramco in 2012. According to the report, Shamoon "overwrites files and renders the infected computers inoperable by destroying the master boot record". It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire".

A secret document from April 2013, written by the US National Security Agency and revealed by the whistleblower Edward Snowden, pointed the finger directly at Iran.

It said: "Iran’s destructive cyber-attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary.

It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire"

"Iran, having been a victim of a similar cyber-attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others." In the past, there have been other suspicious incidents aimed at sabotaging Iran’s foreign relations.

MiddleEastEye:           The Growing Cyber Threat From Iran:         Iran Ministry Of Defense Hacked By Saudi Hacker:
 

 

« Yahoo Hack Affects 1 Billion Accounts
Insurers Are Handling 'hundreds' Of Breach Claims »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Zeneth Technology Partners

Zeneth Technology Partners

Zeneth is a consulting firm providing information technology and cybersecurity services to federal and commercial clients.

IOTA Foundation

IOTA Foundation

The IOTA Foundation is a non-profit R&D organisation focused on developing the next generation of protocols for the connected world.

MAD Security

MAD Security

MAD Security is a premier provider of information and cybersecurity solutions that combine technology, managed security services, support and training.

ALTR

ALTR

ALTR provide software-embedded solutions for data security and privacy.

Curricula

Curricula

Curricula's cyber security awareness training delivers short relatable security stories to your employees. We make learning cyber security simple and fun.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Illuma Labs

Illuma Labs

Illuma Labs delivers real-time voice authentication and fraud prevention solutions.

QuoLab

QuoLab

QuoLab empowers security professionals to analyze, investigate and respond to threats within an integrated ecosystem.

SecureData

SecureData

SecureData provide professional data recovery services, digital forensics, data recovery software and FIPS 140-2 Level 3 Validated hardware encrypted drives.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

Xperience

Xperience

Xperience solves our clients’ toughest challenges by delivering business efficiency through digital transformation solutions across cloud, managed IT, CRM and ERP.

Trusted Cyber Solutions

Trusted Cyber Solutions

Trusted Cyber Solutions is an independent Cyber Security and Risk Management consultancy.

Custodia Continuity

Custodia Continuity

Custodia Continuity manage your Security, Backup, Continuity and Compliance. You get on with your business.

NetHope

NetHope

NetHope is a membership-based organization serving the international nonprofit humanitarian, development, and conservation sector through digital transformation.

Kivera

Kivera

Kivera enforces your organisation governance and security policies across cloud deployments preventing misconfigurations turning into attack vectors.

ETI-NET

ETI-NET

ETI-NET is the worldwide leader in managing critical data for industries that never stop.