Never pass up a chance to sit down or relieve yourself. -old Apache saying

Sunday, October 28, 2012

Aramco hacker

I consider myself to be somewhat well-informed, but I totally missed this story, which is rather huge. 

It's likely that Iran was behind this cyber-attack on Aramco, the Arab-American Oil Company.  Iran is perhaps the last major player that still has a repressive and dangerous government, well, except for Saudi Arabia themselves.  Iran gets pissed because the Saudis cooperate "too much" with the Americans. 

The Iranian people yearn to be free from the yolk of the mullahs, and it will happen someday.  Better sooner than later, in this case.  And, if it could happen on Obama's watch, well, I'm sure the Republicans would find a way to blame him for it.

In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back

The hackers picked the one day of the year they knew they could inflict the most damage on the world’s most valuable company, Saudi Aramco.


On Aug. 15, more than 55,000 Saudi Aramco employees stayed home from work to prepare for one of Islam’s holiest nights of the year — Lailat al Qadr, or the Night of Power — celebrating the revelation of the Koran to Muhammad.

That morning, at 11:08, a person with privileged access to the Saudi state-owned oil company’s computers, unleashed a computer virus to initiate what is regarded as among the most destructive acts of computer sabotage on a company to date. The virus erased data on three-quarters of Aramco’s corporate PCs — documents, spreadsheets, e-mails, files — replacing all of it with an image of a burning American flag.

United States intelligence officials say the attack’s real perpetrator was Iran, although they offered no specific evidence to support that claim. But the secretary of defense, Leon E. Panetta, in a recent speech warning of the dangers of computer attacks, cited the Aramco sabotage as “a significant escalation of the cyber threat.” In the Aramco case, hackers who called themselves the “Cutting Sword of Justice” and claimed to be activists upset about Saudi policies in the Middle East took responsibility.

But their online message and the burning flag were probably red herrings, say independent computer researchers who have looked at the virus’s code.

Immediately after the attack, Aramco was forced to shut down the company’s internal corporate network, disabling employees’ e-mail and Internet access, to stop the virus from spreading.

It could have been much worse. An examination of the sabotage revealed why government officials and computer experts found the attack disturbing. Aramco’s oil production operations are segregated from the company’s internal communications network. Once executives were assured that only the internal communications network had been hit and that not a drop of oil had been spilled, they set to work replacing the hard drives of tens of thousands of its PCs and tracking down the parties responsible, according to two people close to the investigation but who were not authorized to speak publicly about it.

read the rest here.

No comments: