Insiders suspected in Saudi cyber attack

Reuters reports: One or more insiders with high-level access are suspected of assisting the hackers who damaged some 30,000 computers at Saudi Arabia’s national oil company last month, sources familiar with the company’s investigation say.

The attack using a computer virus known as Shamoon against Saudi Aramco – the world’s biggest oil company – is one of the most destructive cyber strikes conducted against a single business.

Shamoon spread through the company’s network and wiped computers’ hard drives clean. Saudi Aramco says damage was limited to office computers and did not affect systems software that might hurt technical operations.

The hackers’ apparent access to a mole, willing to take personal risk to help, is an extraordinary development in a country where open dissent is banned.

“It was someone who had inside knowledge and inside privileges within the company,” said a source familiar with the ongoing forensic examination.

Hackers from a group called “The Cutting Sword of Justice” claimed responsibility for the attack. They say the computer virus gave them access to documents from Aramco’s computers, and have threatened to release secrets. No documents have so far been published.

Reports of similar attacks on other oil and gas firms in the Middle East, including in neighboring Qatar, suggest there may be similar activity elsewhere in the region, although the attacks have not been linked.

Facebooktwittermail