
Another Massive Cyber Attack in Middle East


Update August 17: More details about Shamoon, the malware targeting Saudi Aramco and other Middle East companies in the energy sector. Apparently the destructive details unveiled yesterday are confirmed.

Update August 27: Saudi Aramco admits 30K workstations affected.

I have just received a couple of tweets from an unknown user @cyberstrikenews providing more details about the latest cyber attack in the Middle East targeting Saudi Arabian Oil Company (Saudi Aramco).

The oil company declared that “production had not been affected” and that, even if the virus affected some computers, it did not penetrate key components of the network. The company also said it would return to normal operating mode soon.

From the information I have received (I cannot verify the integrity of the source, so I report the data integrally), the situation appears quite different:

  • The company has about 40000 computer clients and about 2000 servers; the destructive virus was known to wipe all information and operating system related files in at least 30000 (75%) of them, all data lost permanently.
  • Among the servers which (were) destroyed are the company main web server, mail server (smtp and exchange), and the domain controller, which is the central part of their network.
  • All clients are permanently shut down and they will not be able to recover them in a short period.
  • The main company web site ( http://www.aramco.com ) was down during 24 hours and at last they redirected it to an outside country web site called “www.saudiaramco.com”.

Apparently the web site has just been restored to normal operation, redirecting the user to Saudi Aramco.

After Stuxnet, Duqu, Flame and Gauss, yet another confirmation that there is no cyber peace in the Middle East!

References:

http://pastebin.com/p5C4mCCD

http://pastebin.com/5YB3TUH1

  1. saud
    August 16, 2012 at 3:19 pm

    the problem is contributed to the current management as they are the worst one that is putting a lot of pressure on the employees.

  2. Geoffrey Nicoletti
    February 13, 2013 at 3:04 am

    This is weak compared to the next attack more closely designed off of Stuxnet, foolishly not self-destructive by the Israelis (8200 unit) and NSA engineers. The next attack must have defenses in place: flash drives removed wherever you can and where you can’t, then physically locked flash drives. Digital signed code. The future attack can have a payload that physically destroys equipment…have backup equipment at hand to replace, despite the cost. NSA has to protect you as it does power grid in America and NSA has to protect banks and backbones and nuclear facilities. Defense is not hard; deterrence is impossible. Once Bluffdale operates we are all safer against the nuclear digital weapon now out there in the wild…making botnets look like a bow and arrow.
