Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Stuxnet Infected Chevron’s Network in 2010

The infamous Stuxnet virus infected Chevron’s network in 2010, according to a report from The Wall Street Journal. The oil giant told the paper that they believe the infection was not intended, noting that the government wasn’t aware of how far the infection spread.

The infamous Stuxnet virus infected Chevron’s network in 2010, according to a report from The Wall Street Journal. The oil giant told the paper that they believe the infection was not intended, noting that the government wasn’t aware of how far the infection spread.

Mark Koelmel, Chevron’s general manager of the earth sciences department told the Journal, “I don’t think the U.S. government even realized how far it had spread,” adding, “I think the downside of what they did is going to be far worse than what they actually accomplished.”

Oil Companies in Malware AttacksChevron said that the virus was detected on their network in 2010, and was immediately addressed without incident. The Journal speculated that the Chevron infection was the result Stuxnet’s release on a larger network. However, the story marks the first time a U.S. company has acknowledged that they were impacted by the government sanctioned malware.

The same story also cited U.S. officials who blamed Iranian malware authors for the creation of the Shamoon virus that attacked Saudi oil giant Aramco. The impact of the Shamoon attack was noted by said U.S. Secretary of Defense Leon Panetta in a speech last month.

“All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date,” he said.

In June, excerpt from a book written by the New York Times’ David Sanger was published on the NYT’s website, recounting how the Obama administration took over a project started during the second Bush administration targeting Iran. This project, code-named Olympic Games, was purely technical and resulted in what the world knows today as Stuxnet.

From the Times’ report:

“Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.”

Related: Disttrack/Shamoon Sabotage Malware Wipes Data At Unnamed Middle East Energy Organization

Advertisement. Scroll to continue reading.

Related: Saudi Arabia’s National Oil Company Kills Network After Cyber Attack

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights