Skip to comments.Oil Giant Saudi Aramco Struggles To Recover From Hack Attack ( Nasty Virus messes with MBR )
Posted on 08/24/2012 2:51:50 PM PDT by Ernest_at_the_Beach
The largest company in the world is blocking outside access to its communication systems as it continues to struggle to get systems back online following a suspected cyber attack earlier this month.
On 15 August, Saudi Aramco said it had isolated all its electronic systems from outside access as an early precautionary measure that was taken following a sudden disruption that affected some of the sectors of its electronic network.
The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network, Saudi Aramco said over Facebook.
It claimed the interruption had no impact on any of its oil production operations, saying IT experts anticipated resuming normal operations of its network soon.
Yet today systems remain isolated. TechWeekEurope attempted to telephone the company, only to be greeted by a recorded message reiterating what the company said nine days ago.
Supposed hacktivists have claimed the hit on the oil giant, saying they would hit the company again tomorrow (25 August). The group said it was fed up of crimes and atrocities taking place in various countries around the world, in a post on Pastebin. They said they were targeting the House of Saud, the ruling royal family of Saudi Arabia, and targeted Aramco as it was the largest financial source for Al-Saud regime.
The group, calling itself the Cutting Sword of Justice, claimed to have hacked Aramco systems in several countries before sending a virus across 30,000 computers achieving a 75 percent infection rate of all the companys systems. It refuted suggestions that a nation state was behind the attack.
The attack hit just before warnings of a new piece of malware called Shamoon or Disttrack, which was designed to infect a systems Master Boot Record (MBR), making it un-bootable.
Prelude to Iran doing something?
I agree. This has Iran written all over it.
If this really was some anarchist type group of dweebs I'd have to say "good for them, deserving target."
Secondly I would say "been nice knowin' ya."
I disagree. I think it’s a warning shot by Israel across Saudi’s bow telling them not to interdict Israeli planes flying sorties to Iran.
“We can bring down your country, Saudi, if you stop our planes” - Bibi.
One of our biggest customers. We automate a lot of their facilities.
Do you work at Siemens?
< / rimshot >
Someone posted a thread a few hours ago ‘Communications down in mid east?’ and right now is the 25th over there.
I’ll be cryin my eyes out while I search for the thread in grief for the poor Saudis.
Has anyone heard of communications interruptions in mid east today?
sniff tearing up
< / rimshot >”
How did you guys get the virus in their system without them knowing?
“fed up of crimes and atrocities taking place in various countries around the world”
Glad to see everyone else knows who’s responsible for it too.(Spit!)
I wonder why it’s just being reported today, when they’ve been “shut down” since the 15th, according to their facebook page. Seems to be taking a looong time to repair.
Guess they are looking for the Master boot record.....LOL
Nasty virus stuff needs a separate thread and its own headline.
Iran or Syria