- The Washington Times - Thursday, December 1, 2016

Saudi Arabia said Thursday that its government was subjected to a significant cyberattack last month believed to have been waged using a variant of the same malware that crippled its state-owned oil company in 2012.

The kingdom confirmed being thoroughly targeted by a recent, wide-ranging rash of cyberattacks after multiple security firms reported on Wednesday that a ravaging computer virus unleashed against the nation’s energy sector four years earlier has recently re-emerged.

A previously undisclosed assault against Saudi Arabia’s transportation sector was one of “several ongoing cyberattacks targeting government authorities” in recent weeks, the National Cyber Security Center, an arm of the Ministry of Interior, told the state-run Saudi Press Agency.

Operations inside the headquarters of Saudi’s General Authority of Civil Aviation were brought to a standstill for several days after thousands of its computers were recently destroyed by the Shamoon virus, Bloomberg reported on Thursday citing sources who spoke on condition of anonymity.

Shamoon overwrites computer files in order to render machines inoperable as it spreads from device to device. When deployed against Saudi Aramco in 2012, the virus wiped data off over 30,000 computers before it forced infected machines to display an image of a burning United States flag. Unlike that relatively contained attack, however, Bloomberg’s sources described the recently waged systematic assault as the equivalent of “detonating a cyber weapon inside the networks of several targets at once.”

Security firms including CrowdStrike, Palo Alto Networks and Symantec reported being aware of the malware’s recent emergence prior to the Saudi government acknowledging the cyberattacks to state media Thursday.

“Why Shamoon has suddenly returned again after four years is unknown,” the Symantec Security Response team said on its blog. “However, with its highly destructive payload, it is clear that the attackers want their targets to sit up and take notice.”

In addition to the Saudi Aramco attack, investigators have traced the Shamoon virus to a campaign waged in 2014 against Sheldon Adelson’s Las Vegas Sands Corp. after the billionaire casino magnate endorsed using nuclear weapons against Iran. U.S. Director of National Intelligence James Clapper later directly attributed that attack to Iranian hackers.

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.


Click to Read More and View Comments

Click to Hide