A Saudi energy company has lately confirmed that its computer networks were targeted by a cyberattack. But perhaps more important is the discovery of Gauss, malware believed to be related to the Stuxnet worm that attacked Iran's nuclear centrifuges in 2009.
More evidence has surfaced that the Middle East has become a cyberspace free-fire zone, with revelations about a destructive new cyberattack on at least one energy company and the exposure of a sophisticated cyberespionage program aimed at Lebanese banks.
Saudi Arabia's national oil company, Saudi Aramco, confirms reports that its computer networks were shut down last week by a malware attack. While its business network was impaired, the "interruption has had no impact whatsoever on any of the company’s production operations," Aramco reported on Facebook Aug. 15.
The next day, computer security firm Symantec announced that an energy firm it would not identify had been targeted by malware that made any computer it infected unusable by wiping clean sectors of the hard drive. There has been no reported connection between Saudi Aramco and the Symantec announcement.
The new software attack weapon, dubbed Shamoon by cybersecurity researchers, is the most recent in a series of attacks targeting key infrastructure in the Middle East region. Stuxnet, discovered in 2010, wrecked nuclear centrifuges in Iran, while its brethren, Duqu and Flame, were designed to clandestinely steal network data.
The Saudi Aramco attack and the Symantec report are reminiscent of Iran's claim that its oil terminal facilities were hit in April by a software weapon it called "Wiper." But analysis comparing the Iranian malware with the just-discovered Shamoon weapons shows them to be unrelated in terms of their authorship, according to Kaspersky Labs, a Moscow-based cybersecurity company.
Page 1 of 4