• 2 minutes Oil Price Could Fall To $30 If Global Deal Not Extended
  • 5 minutes Middle East on brink: Oil tankers attacked off Oman
  • 8 minutes CNN:America's oil boom will break more records this year. OPEC is stuck in retreat
  • 4 hours Emissions Need To Be Halved To Avoid 3C Warming
  • 17 mins Iran downs US drone. No military response . . Just Destroy their Economy Completely. Can Senator Kerry be tried for aiding enemy ?
  • 3 hours The Pope: "Climate change ... doomsday predictions can no longer be met with irony or disdain."
  • 2 hours Here We Go: New York Lawmakers Pass Aggressive Law To Fight Climate Change
  • 7 hours Coal Boom in Asia is Real and a Long Trend
  • 3 hours Summit in Pyongyang: China's Xi Says World Hopes North Korea-U.S. Talks Can Succeed
  • 4 hours Pioneer CEO Said U.S. Oil Production would be up to 15 mm bbls/day NOW if we had the pipelines. Permian pipelines STARTING Q3
  • 13 hours Solar Panels at 26 cents per watt
  • 6 hours Huge UK Gas Discovery
  • 19 hours The Magic and Wonders of US Shale Supply: Keeping energy price shock minimised: US oil supply keeping lid on prices despite global risks: IEA chief
  • 19 hours Magic of Shale: EXPORTS!! Crude Exporters Navigate Gulf Coast Terminal Constraints
  • 18 hours US to become net oil exporter in November: EIA
  • 17 hours Ireland To Ban New Petrol And Diesel Vehicles From 2030
  • 16 hours US Shale Drilling lacks regulatory body.
Canada’s Oil Patch Faces Investor Exodus

Canada’s Oil Patch Faces Investor Exodus

Capital investment across Canada’s oil…

Virus That Haunted Aramco In 2012 Is Back

Cybersecurity

A variant of the Shamoon malware that hit Saudi Aramco’s servers six years ago is back, Axios reports, citing a release from the cybersecurity unit of Alphabet, Chronicle. According to the Chronicle release, the company had detected a file infected with Shamoon in its database VirusTotal.

The malware, Chronicle said, was uploaded from Italy and is different from the previous two variants. Those moved through networks via pre-programmed credentials while this one stays on the computer it is installed on first. There is no command and control infrastructure that would allow the attackers to communicate with the virus, and what the virus does this time is encrypt all files irreversibley rather than replacing them with politically significant images, Axios reports.

While the cybersecurity experts at Chronicle figure out what the malware is all about this time, they do note it comes on the heels of a report from Italy’s oilfield services major Saipem that it had become the target of a cyberattack, with the most severe blow suffered by its network in the Middle East.

Reuters quoted Saipem’s head of digital and innovation operations, Mauro Piasere, as saying the company’s servers in the UAE, Saudi Arabia, and Kuwait had been affected by malware, with the origin of the attack Chennai, India.

“The servers involved have been shut down for the time being to assess the scale of the attack,” Piasere said.

Chronicle’s experts, for their part, said "While Chronicle cannot directly link the new Shamoon variant to an active attack, the timing of the malware files comes close to news of an attack on an Italian energy corporation with assets in the Middle East."

In January 2017, Saudi Arabia issued a warning to local organizations that the Shamoon virus that had hit state-held oil giant Saudi Aramco in 2012 has resurfaced in a new variant. The Shamoon 2, which completely wiped out computer disks, reportedly targeted 15 government agencies and private organizations, state media reported at the time.

By Irina Slav for Oilprice.com

More Top Reads From Oilprice.com:



Join the discussion | Back to homepage

Leave a comment

Leave a comment

Oilprice - The No. 1 Source for Oil & Energy News