The strike on Saudi oil infrastructure highlights the easy vulnerability of such facilities even as the kingdom has splurged billions on sophisticated defense hardware.
Yemen’s Iran-aligned Huthi rebels claimed responsibility for the weekend assault, saying they sent a swarm of drones far across the border, but Washington has squarely blamed Iran.
Here is a round-up of the nation’s key infrastructure potentially exposed to attacks:
Oil facilities
Saudi Aramco, the world’s biggest energy company, operates Ghawar and Safaniyah, two of its biggest oil fields.
While its oil wells, scattered over a vast geographical area, may be a difficult target, its various oil processing facilities are more exposed.
The Abqaiq facility –- one of the two sites targeted on Saturday –- is the “most vulnerable” among them, the Washington-based Center for Strategic and International Studies (CSIS) said in a report.
The Abqaiq plant is the world’s largest oil processing facility, with a capacity of more than seven million barrels per day, according to the company.
Aramco’s vast system of pipelines, pumping stations and its ports along the Persian Gulf and Red Sea are also vulnerable to potential attacks.
The Huthis claimed their drones targeted two oil pumping stations on Saudi Arabia’s key east-west pipeline in May, shutting it down for several days.
The nation’s oil infrastructure is also vulnerable to cyber attacks.
In 2012, Aramco was among the firms hit by Shamoon, an aggressive disc-wiping malware, in what is believed to be the country’s worst cyber attack yet.
Desalination plants
Desalination plants provide more than 70 percent of the kingdom’s drinking water, according to official figures.
Ras al-Khair, the world’s largest desalination plant located on the kingdom’s Gulf coast, is an obvious target.
The kingdom’s water supply could be severely affected in the event of a major attack on the plant.
“Cyber attacks also present a serious threat to Saudi desalination plants like Ras al-Khair,” the CSIS report said.
Electrical grid
Saudi Arabia’s electrical grid has struggled to keep pace with the demands of its rising population and industrial infrastructure.
An attack on the oil and gas industry could severely impact the electrical grid as the kingdom is largely dependent on hydrocarbons as fuel for the electricity sector.
Its network of transformers and substations are vulnerable to explosive attacks, the CSIS report said.
The electrical system can also be disrupted by cyber attacks, it added.
Industrial control systems
Industrial control interfaces that help regulate large-scale infrastructure such as gas pipelines, transportation systems and power transmission networks are also potentially at risk, the CSIS report said.
“All of these components may be vulnerable to attack by direct human interference such as the deployment of malware in the master unit or by poor design or configuration, which opens up the system to remote cyber exploitation,” the report said.
Learn More About Critical Infrastructure Security at SecurityWeek’s ICS Cyber Security Conference

More from AFP
- Hackers Issue ‘Ultimatum’ Over Payroll Data Breach
- Amazon Settles Ring Customer Spying Complaint
- France Punishes Clearview AI For Failing To Pay Fine
- Twitter Celebrity Hacker Pleads Guilty in US
- Pro-Russian Hackers Claim Downing of French Senate Website
- Microsoft Expands AI Access to Public
- Hackers Promise AI, Install Malware Instead
- Australian Finance Company Refuses Hackers’ Ransom Demand
Latest News
- Consolidate Vendors and Products for Better Security
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
