Destructive Cyber Attack On Saudi Kingdom

Uploaded on 2016-12-20 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Transport & Travel

State-sponsored hackers have conducted a "series of destructive attacks" on Saudi Arabia, erasing data and wreaking havoc at the agency running the country’s airports, and hitting five additional targets. 

According to a report, "thousands of computers were destroyed at the headquarters of Saudi’s General Authority of Civil Aviation, erasing critical data and bringing operations there to a halt for several days". This it was claimed was a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia

Several US Internet security companies later suggested the attacks were carried out by hackers using a virus called "Shamoon", which has been linked to the Iranian government. 

Two theories may explain the attacks 

First, they may signify a false-flag operation by a foreign country aiming to escalate tensions between Iran and Saudi Arabia and, by association, the United States. One cannot discount the possibility of Israel’s involvement because Israel would largely benefit from the incident’s aftermath.

A director at the Centre for Strategic and International Studies in Washington maintained that "anyone who did this attack knows it has implications for the nuclear deal - between Iran and the world powers". 

Other states in play

Meanwhile, it is important to remember that Israel has a history of hacking operations. In 2010, the Israelis together with the Americans collaborated in an attack on Iran’s nuclear enrichment plant using the Stuxnet virus.

Second, according to early reports from a Saudi probe - which obviously can be biased - "digital evidence" suggests the attacks emanated from Iran.

Rogue radical elements in the Iranian government could have intentionally acted to create a foreign policy crisis for the Rouhani administration but, Iran's president, Hassan Rouhani, seeks de-escalation in the international relations arena. He relies on the benefits of sanctions relief but requires a peaceful environment to bring Iran out of international economic obscurity, attract foreign investment and end the severe economic recession engulfing the country. 

The actualisation of the Iran nuclear deal between Iran and the world powers, the so-called Joint Comprehensive Plan of Action (JCPOA), strengthened Rouhani’s and the moderate current’s position as a whole in Iran.

The Shamoon virus was the same that devastated Saudi oil company Aramco in 2012. According to the report, Shamoon "overwrites files and renders the infected computers inoperable by destroying the master boot record". It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire".

A secret document from April 2013, written by the US National Security Agency and revealed by the whistleblower Edward Snowden, pointed the finger directly at Iran.

It said: "Iran’s destructive cyber-attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary.

It spreads quickly "throughout a network, causing destruction like the digital version of a wildfire"

"Iran, having been a victim of a similar cyber-attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others." In the past, there have been other suspicious incidents aimed at sabotaging Iran’s foreign relations.

MiddleEastEye:           The Growing Cyber Threat From Iran:         Iran Ministry Of Defense Hacked By Saudi Hacker:
 

 

« Yahoo Hack Affects 1 Billion Accounts
Insurers Are Handling 'hundreds' Of Breach Claims »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

InAuth

InAuth

InAuth Security Platform delivers advanced device identification, risk detection, and analysis capabilities to help organizations limit risk and reduce fraud.

DCIT

DCIT

DCIT is a specialist in providing comprehensive consulting and auditing services in the field of information technology, PROVYS development software and security system AuditSquare.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

Innovative Solutions (IS)

Innovative Solutions (IS)

Innovative Solutions is a specialized professional services company delivering Information Security products and solutions for Saudi Arabia and the Gulf region.

redGuardian

redGuardian

redGuardian is a DDoS mitigation solution available both as a BGP-based service and as an on-premise platform.

Cycode

Cycode

Cycode is the industry’s first source code control, detection, and response platform.

Amadeus Capital Partners

Amadeus Capital Partners

Amadeus Capital Partners offers over 20 years’ experience in technology investment. Our areas of focus include AI & machine learning and cyber security.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

NuCrypt

NuCrypt

NuCrypt is developing technology that is applicable to ultrahigh security data encryption as well as key distribution.

Outseer

Outseer

Outseer is a leading technology company in the fight against payments fraud. Outseer reliably determines authentic customers from fraudulent behavior.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

Mayer Brown

Mayer Brown

Mayer Brown is a global law firm. We have deep experience in high-stakes litigation and complex transactions across industry sectors including the global financial services industry.

PCCW Global

PCCW Global

PCCW Global is a leading communications service provider, offering mobility, voice and data solutions to multinational enterprises, telecomms partners, cloud and application service providers.

Allure Security

Allure Security

Allure Security AI-driven brand protection scans more of the online world for faster, more accurate detection & removal of spoof websites, social media & mobile apps -- before customers fall victim.

NST Cyber

NST Cyber

NST Cyber provides comprehensive Threat Exposure Management to Global banks and Forbes 2000 companies.

Prequel

Prequel

Prequel is your real-time problem detection and resolution platform, powered by the global reliability community.