Destructive Cyber Attack On Saudi Kingdom

Uploaded on 2016-12-20 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Transport & Travel

State-sponsored hackers have conducted a "series of destructive attacks" on Saudi Arabia, erasing data and wreaking havoc at the agency running the country’s airports, and hitting five additional targets. 

According to a report, "thousands of computers were destroyed at the headquarters of Saudi’s General Authority of Civil Aviation, erasing critical data and bringing operations there to a halt for several days". This it was claimed was a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia

Several US Internet security companies later suggested the attacks were carried out by hackers using a virus called "Shamoon", which has been linked to the Iranian government. 

Two theories may explain the attacks 

First, they may signify a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia and, by association, the United States. One cannot discount the possibility of Israel’s involvement because Israel would largely benefit from the incident’s aftermath.

A director at the Centre for Strategic and International Studies in Washington maintained that "anyone who did this attack knows it has implications for the nuclear deal - between Iran and the world powers". 

Other states in play

Meanwhile, it is important to remember that Israel has a history of hacking operations. In 2010, the Israelis together with the Americans collaborated in an attack on Iran’s nuclear enrichment plant using the Stuxnet virus.

Second, according to early reports from a Saudi probe - which obviously can be biased - "digital evidence" suggests the attacks emanated from Iran.

Rogue radical elements in the Iranian government could have intentionally acted to create a foreign policy crisis for the Rouhani administration but, Iran's president, Hassan Rouhani, seeks de-escalation in the international relations arena. He relies on the benefits of sanctions relief but requires a peaceful environment to bring Iran out of international economic obscurity, attract foreign investment and end the severe economic recession engulfing the country. 

The actualisation of the Iran nuclear deal between Iran and the world powers, the so-called Joint Comprehensive Plan of Action (JCPOA), strengthened Rouhani’s and the moderate current’s position as a whole in Iran.

The Shamoon virus was the same that devastated Saudi oil company Aramco in 2012. According to the report, Shamoon "overwrites files and renders the infected computers inoperable by destroying the master boot record". It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire".

A secret document from April 2013, written by the US National Security Agency and revealed by the whistleblower Edward Snowden, pointed the finger directly at Iran.

It said: "Iran’s destructive cyber-attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary.

It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire"

"Iran, having been a victim of a similar cyber-attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others." In the past, there have been other suspicious incidents aimed at sabotaging Iran’s foreign relations.

MiddleEastEye:           The Growing Cyber Threat From Iran:         Iran Ministry Of Defense Hacked By Saudi Hacker:
 

 

« Yahoo Hack Affects 1 Billion Accounts
Insurers Are Handling 'hundreds' Of Breach Claims »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

rPeople Staffing

rPeople Staffing

rPeople provides direct placement in all areas of your organization, including and specializing in Technical and Executive hiring.

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

Equilibrium Security Services

Equilibrium Security Services

Equilibrium Security Services is a specialist cyber security company providing a full spectrum of IT security solutions from consultancy to design & implementation and managed security services.

Cybertech

Cybertech

Cybertech Conference & Exhibition presents commercial problem solving strategies and solutions for the global cyber threat that meet the diverse challenges for a wide range of sectors.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

CyberNet Albania

CyberNet Albania

Cybernet Albania has been providing IT support and services to small businesses since 2016. We strive to eliminate your IT issues before they cause downtime and impact your operations.

eMazzanti Technologies

eMazzanti Technologies

eMazzanti Technologies provides IT consulting services for businesses ranging from home offices to multinational corporations throughout the USA and internationally.

RapidSpike

RapidSpike

RapidSpike is the only website monitoring solution that focuses all three key aspects of website health: performance, reliability AND security.