SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Stuxnet Infected Chevron’s Network in 2010

The infamous Stuxnet virus infected Chevron’s network in 2010, according to a report from The Wall Street Journal. The oil giant told the paper that they believe the infection was not intended, noting that the government wasn’t aware of how far the infection spread.

The infamous Stuxnet virus infected Chevron’s network in 2010, according to a report from The Wall Street Journal. The oil giant told the paper that they believe the infection was not intended, noting that the government wasn’t aware of how far the infection spread.

Mark Koelmel, Chevron’s general manager of the earth sciences department told the Journal, “I don’t think the U.S. government even realized how far it had spread,” adding, “I think the downside of what they did is going to be far worse than what they actually accomplished.”

Oil Companies in Malware AttacksChevron said that the virus was detected on their network in 2010, and was immediately addressed without incident. The Journal speculated that the Chevron infection was the result Stuxnet’s release on a larger network. However, the story marks the first time a U.S. company has acknowledged that they were impacted by the government sanctioned malware.

The same story also cited U.S. officials who blamed Iranian malware authors for the creation of the Shamoon virus that attacked Saudi oil giant Aramco. The impact of the Shamoon attack was noted by said U.S. Secretary of Defense Leon Panetta in a speech last month.

“All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date,” he said.

In June, excerpt from a book written by the New York Times’ David Sanger was published on the NYT’s website, recounting how the Obama administration took over a project started during the second Bush administration targeting Iran. This project, code-named Olympic Games, was purely technical and resulted in what the world knows today as Stuxnet.

From the Times’ report:

“Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.”

Advertisement. Scroll to continue reading.

Related: Disttrack/Shamoon Sabotage Malware Wipes Data At Unnamed Middle East Energy Organization

Related: Saudi Arabia’s National Oil Company Kills Network After Cyber Attack

Written By

More from

Latest News

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar Beyond VPN Replacement: Other ZTNA superpowers CISOs Should Know
Tuesday, August 22, 2023

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Webinar: Scaling Software Supply Chain Security: Driving Actionable SBOM Management with the OpenSSF S2C2F OSS Specification
Thursday, September 7, 2023

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register

Expert Insights

Related Content

Ransomware Alerts Ransomware Alerts

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

February 2, 2023
Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

October 1, 2019
Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation

Cybercrime

Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

February 1, 2023
Microsoft OneNote Abuse for Malware Delivery Surges

Malware & Threats

Microsoft OneNote Abuse for Malware Delivery Surges

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

February 10, 2023
VMware zero-day CVE-2023-20867 exploited VMware zero-day CVE-2023-20867 exploited

Malware & Threats

VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

February 6, 2023
VMware Patches VM Escape Flaw Exploited at Geekpwn Event

Application Security

VMware Patches VM Escape Flaw Exploited at Geekpwn Event

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

December 13, 2022
Play Ransomware Group Used New Exploitation Method in Rackspace Attack

Cybercrime

Play Ransomware Group Used New Exploitation Method in Rackspace Attack

The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...

January 5, 2023
Recently Patched IBM Aspera Faspex Vulnerability Exploited in the Wild

Malware & Threats

Recently Patched IBM Aspera Faspex Vulnerability Exploited in the Wild

A vulnerability affecting IBM’s Aspera Faspex file transfer solution, tracked as CVE-2022-47986, has been exploited in attacks.

February 15, 2023