Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Hackers Tried to Cause Saudi Petrochemical Plant Blast: NYT

Cyber-attackers tried to trigger a deadly explosion at a petrochemical plant in Saudi Arabia in August and failed only because of a code glitch, The New York Times reported.

Cyber-attackers tried to trigger a deadly explosion at a petrochemical plant in Saudi Arabia in August and failed only because of a code glitch, The New York Times reported.

Investigators declined to identify the suspected attackers, but people interviewed by the newspaper unanimously said that it most likely aimed to cause a blast that would have guaranteed casualties. A bug in the attackers’ code accidentally shut down the system instead, according to the report.

The cyber-attack — which could signal plans for other attacks around the world — was likely the work of hackers supported by a government, according to multiple insiders interviewed by the newspaper.

All sources declined to name the company operating the plant as well as the countries suspected to have backed the hackers, The New York Times said.

Security experts however told the newspaper that Iran, China, Russia, Israel and the United States had the technical capacity to launch an attack of that magnitude.

There was no immediate comment from Saudi Arabia, which has come under frequent cyber-attacks, including “Shamoon”, the aggressive disc-wiping malware that hit the Saudi energy sector in 2012.

Saudi Aramco, the world’s biggest oil company, was among the firms hit by Shamoon, which was believed then to be the country’s worst cyber-attack yet.

Advertisement. Scroll to continue reading.

US intelligence officials at the time said they suspected a link to the kingdom’s regional rival Iran.

But the August attack was “much more dangerous” than Shamoon, according to The New York Times, and likely aimed to send a political message — investigators said the code had been custom-built with no obvious financial motive.

Tasnee, the Saudi Arabian industrialisation company, had also been attacked by hackers in January 2017, according to Tasnee officials and researchers with the Symantec cybersecurity company interviewed by the newspaper.

The attack destroyed the company’s hard drives, wiped all data and replaced it with the now-iconic image of Aylan Kurdi, the Syrian boy in a red T-shirt who washed up dead on the Turkish coast.

Saudi Arabia was also hit by Powershell malware targeting government computers in November.

Learn More about Industrial Cybersecurity at SecurityWeek’s ICS Cyber Security Conference

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.

ICS/OT

More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

ICS/OT

Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.