Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Stuxnet Infected Chevron’s Network in 2010

The infamous Stuxnet virus infected Chevron’s network in 2010, according to a report from The Wall Street Journal. The oil giant told the paper that they believe the infection was not intended, noting that the government wasn’t aware of how far the infection spread.

The infamous Stuxnet virus infected Chevron’s network in 2010, according to a report from The Wall Street Journal. The oil giant told the paper that they believe the infection was not intended, noting that the government wasn’t aware of how far the infection spread.

Mark Koelmel, Chevron’s general manager of the earth sciences department told the Journal, “I don’t think the U.S. government even realized how far it had spread,” adding, “I think the downside of what they did is going to be far worse than what they actually accomplished.”

Oil Companies in Malware AttacksChevron said that the virus was detected on their network in 2010, and was immediately addressed without incident. The Journal speculated that the Chevron infection was the result Stuxnet’s release on a larger network. However, the story marks the first time a U.S. company has acknowledged that they were impacted by the government sanctioned malware.

The same story also cited U.S. officials who blamed Iranian malware authors for the creation of the Shamoon virus that attacked Saudi oil giant Aramco. The impact of the Shamoon attack was noted by said U.S. Secretary of Defense Leon Panetta in a speech last month.

“All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date,” he said.

In June, excerpt from a book written by the New York Times’ David Sanger was published on the NYT’s website, recounting how the Obama administration took over a project started during the second Bush administration targeting Iran. This project, code-named Olympic Games, was purely technical and resulted in what the world knows today as Stuxnet.

From the Times’ report:

“Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.”

Related: Disttrack/Shamoon Sabotage Malware Wipes Data At Unnamed Middle East Energy Organization

Related: Saudi Arabia’s National Oil Company Kills Network After Cyber Attack

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Cybercrime

Security researchers with Juniper Networks’ Threat Labs warn of a new Python-based backdoor targeting VMware ESXi virtualization servers.