(Source: Miramax Films)
Hackers called themselves the "Cutting Sword of Justice", temporarily crippled company's internal/external networks

The U.S. stands accused of using the Flame malware package to cripple Iran's oil industry.  Now a group of supposed "hacktivists" calling themselves the "Cutting Sword of Justice" claims to have struck back, claiming responsibility for an audacious attack one of the U.S.'s closest oil-producing allies.

Dubbed Shamoon or Disttrack by malware researchers, the malware hit the Saudi Arabian Oil Comp. (Aramco), the world's largest oil producer and privately held company.  The attack occurred on August 15 and compromised approximately 75 percent of the company internal and external network -- 30,000 systems in total -- thanks to replicating malware.

But even as Saudi Aramco brought its internal network and public presence offline to clean up the mess, it says its oil operations were not affected, with CEO Khalid al-Falih writing:

We would like to emphasize and assure our stakeholders, customers and partners that our core businesses of oil and gas exploration, production and distribution from the wellhead to the distribution network were unaffected and are functioning as reliably as ever.

The hacktivist group, which may be responsible, denied they had nation state (such as Iranian) backing, but made it clear the attacks were politically motivated, targeting the Saudi royals.  They said Saudi Araco was target as it was "the largest financial source for Al-Saud regime".  In their Pastebin post, they add that they were "fed up of crimes and atrocities taking place in various countries around the world."
Saudi Arabia
Hackers say they targeted Saudi Aramco for its role in "atrocities...around the world". 
[Image Source: CNBC]

Such claims, like anything online, can be glory seekers taking credit for the work of others.

The company restored the majority of its network this week, although the homepage remains non-working with a placeholder notice:
Saudi Aramco

Researchers at Symantec Corp. (SYMC) and Intel Corp. (INTC) subsidiary McAfee comment that the malware worked by wiping the hard drives of infected machines, including attempting to overwrite the hard-drive to prevent easy data recovery.

Sources: Facebook [Saudi Aramco], Pastebin, The Hacker News

"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki