Saudi Aramco, Saudi Arabia’s national oil company and the largest in the world, has confirmed that is has been hit by a cyber attack that resulted in malware infecting user workstations, but did not affect other parts of its network.
“On Wednesday, Aug. 15, 2012, an official at Saudi Aramco confirmed that the company has isolated all its electronic systems from outside access as an early precautionary measure that was taken following a sudden disruption that affected some of the sectors of its electronic network,” the company wrote in a statement.
“The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network.”
The company did not comment on the vector of attack or who may behind it, but insists its core operations have not been impacted as a result of the security breach.
“Saudi Aramco confirmed the integrity of all of its electronic network that manages its core business and that the interruption has had no impact whatsoever on any of the company’s production operations,” the statement said.
“The company employs a series of precautionary procedures and multiple redundant systems within its advanced and complex system that are used to protect its operational and database systems.”
The company said its IT team anticipates normal operations of its network soon.
Founded in 1933, Saudi Aramco says is has operations that span the globe and range from exploration and producing to refining, and says that it currently provides about one in every 10 barrels of crude oil the world consumes each day day. Since 1998 the company says it has added more than 3.8 million barrels per day to worldwide crude oil production.
The incident follows an attack on systems at the National Iranian Oil Company back in April, when a virus was detected inside the control systems of Kharg Island oil terminal, which also resulted in the company taking its systems offline.
“Attacks on critical infrastructure are more common than many think. Because of a lack of disclosure in these industries many incidents ranging from sabotage and intellectual property theft to extortion go unreported,” Brian Contos, security director & consumer security strategist at McAfee told SecurityWeek in April.
“There is a strong expectation that we are going to see more attacks targeting critical infrastructure around the world,” Contos added. “Most organizations within critical infrastructure operate with a mix of legacy and modern equipment leveraging applications and protocols that facilitate both. This duality makes their assets vulnerable to a wider range of attacks than organizations in industries like retail and finance.”
In response to continued cyber attacks against its networks and facilities, Iran earlier this month said it plans to move key ministries and state bodies off the public Internet to protect them from such attacks.