Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Saudi Arabia’s National Oil Company Kills Network After Cyber Attack

Saudi Aramco, Saudi Arabia’s national oil company and the largest in the world, has confirmed that is has been hit by a cyber attack that resulted in malware infecting user workstations, but did not affect other parts of its network.

Saudi Aramco, Saudi Arabia’s national oil company and the largest in the world, has confirmed that is has been hit by a cyber attack that resulted in malware infecting user workstations, but did not affect other parts of its network.

“On Wednesday, Aug. 15, 2012, an official at Saudi Aramco confirmed that the company has isolated all its electronic systems from outside access as an early precautionary measure that was taken following a sudden disruption that affected some of the sectors of its electronic network,” the company wrote in a statement.

“The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network.”

Iran Oil Ministry Hit By Cyber Attack

The company did not comment on the vector of attack or who may behind it, but insists its core operations have not been impacted as a result of the security breach.

“Saudi Aramco confirmed the integrity of all of its electronic network that manages its core business and that the interruption has had no impact whatsoever on any of the company’s production operations,” the statement said.

“The company employs a series of precautionary procedures and multiple redundant systems within its advanced and complex system that are used to protect its operational and database systems.”

The company said its IT team anticipates normal operations of its network soon.

Founded in 1933, Saudi Aramco says is has operations that span the globe and range from exploration and producing to refining, and says that it currently provides about one in every 10 barrels of crude oil the world consumes each day day. Since 1998 the company says it has added more than 3.8 million barrels per day to worldwide crude oil production. 

The incident follows an attack on systems at the National Iranian Oil Company back in April, when a virus was detected inside the control systems of Kharg Island oil terminal, which also resulted in the company taking its systems offline.

“Attacks on critical infrastructure are more common than many think. Because of a lack of disclosure in these industries many incidents ranging from sabotage and intellectual property theft to extortion go unreported,” Brian Contos, security director & consumer security strategist at McAfee told SecurityWeek in April.

“There is a strong expectation that we are going to see more attacks targeting critical infrastructure around the world,” Contos added. “Most organizations within critical infrastructure operate with a mix of legacy and modern equipment leveraging applications and protocols that facilitate both. This duality makes their assets vulnerable to a wider range of attacks than organizations in industries like retail and finance.”

In response to continued cyber attacks against its networks and facilities, Iran earlier this month said it plans to move key ministries and state bodies off the public Internet to protect them from such attacks.

Related: Are Industrial Control Systems Secure?

Related: Industrial Control Systems are 10 Years Behind Enterprise IT on Security, Say Experts

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...