Cyber war targets Middle East oil companies

Oct 22, 2012 by Patrick Rahir
A flame from a Saudi Aramco oil installion is seen near the oil-rich area of Khouris, Saudi Arabia, in 2008. Middle Eastern oil and gas companies have been targeted in massive attacks on their computer networks in an increasingly open cyber war where a new virus was discovered just this past week.

Middle Eastern oil and gas companies have been targeted in massive attacks on their computer networks in an increasingly open cyber war where a new virus was discovered just this past week.

The United States and Israel, believed to behind the first campaign that targeted Iran's nuclear programme, are now worried about becoming targeted themselves.

"There have been increasing efforts to carry out cyberattacks on Israel's ," Prime Minister Benjamin Netanyahu said earlier this month, without giving details.

Netanyahu spoke just days after Washington issued a veiled warning to Iran over digital attacks and outlined a new digital warfare doctrine.

US Defense Secretary Leon Panetta also referred publicly for the first time about the "Shamoon" virus that hit Saudi Arabia's state oil company Aramco in August, disabling more than 300,000 computers.

The virus also hit Rasgas, a joint venture between US oil firm Corp and state-controlled Qatar Petroleum.

Panetta called the sophisticated virus "the most destructive attack that the private sector has seen to date."

It took Aramco, the world's biggest oil company, two weeks after the August 15 attack to restore its main internal network, but the group said that oil production had not been disrupted.

However the threat that digital attacks could cripple is real, with Panetta warning of the possibility of a "cyber-Pearl Harbor" to justify a policy of moving aggressively against threats.

A disruption to Saudi Arabia's oil exports could cause oil prices to spike from their already elevated prices and tip the fragile global economy into recession.

In what was interpreted as a veiled threat against Iran, Panetta said the US military "has developed the capability to conduct effective operations to counter (cyber) threats to our national interests."

A senior US administration official, who spoke on condition of anonymity, told AFP the cyber attack on the Gulf oil giants was believed to be carried out by a "state actor" and acknowledged that Iran would be a prime suspect.

US officials have "more than a suspicion" that Iran was to blame for the August attacks, said James Lewis, who has worked for the State Department and other government agencies on national security and cyber issues and who is now a senior fellow at the Center for Strategic and International Studies think tank.

He said the US authorities were used to cyber espionage from Russia and China, but were surprised by the swift rise in Iran's digital warfare capability.

"A lot of people didn't think it would develop this quickly," he said.

However it is unsurprising that Iran would seek a cyber warfare capability after having hundreds of centrifuges used to enrich uranium ruined by the Stuxnet virus in 2010.

Stuxnet marked a transformation for computer viruses, which had previously been used for spying or by organised crime, into a tool for sabotage.

It is widely suspected to have been the work of the United States and Israel, which believe Iran's nuclear programme aims to produce a bomb.

Tehran insists its nuclear programme is for peaceful uses only.

Iran has been victim of other digital attacks as well.

In April it was forced to unplug computers at its Kharg terminal from the Internet after they came under cyber attack, and in November last year an explosion at a missile terminal was attributed by US media to a computer virus.

—Only 'scratched the surface' of cyber warfare in

Kaspersky Labs, which detected the "Flame" and "Gauss" viruses believed behind those attacks, announced Monday it had found a new cyber espionage weapon it dubbed "miniFlame".

It described the virus as "a high precision, surgical attack tool ... designed to steal data and control infected systems during targeted cyber espionage operations."

Kaspersky said "we have only just scratched the surface of the massive cyber espionage operations ongoing in the Middle East. Their full purpose remains obscure and the identity of the victims and the attackers remains unknown."

Christian Harbulot, the head of the Economic Warfare School in Paris, warned that "it is extremely difficult to undo the knot" in what is also a propaganda war.

He said Iran could be behind the "Shamoon" virus, but that "it could be an additional pretext to weaken Iran" which is already under international embargo over its nuclear programme.

For Nicolas Arpagian at France's National Institute of Advanced Security and Justice Studies, the latest attacks "show that arsenal of digital weapons is getting bigger, and that when you have such an arsenal the use of cyberweapons is bound to become more commonplace."

Explore further: Facebook dressed down over 'real names' policy

add to favorites email to friend print save as pdf

Related Stories

Israel facing 'increasing number of cyberattacks'

Oct 14, 2012

Prime Minister Benjamin Netanyahu on Sunday said Israel was facing an increasing number of cyberattacks, just days after Washington issued a veiled warning to Iran over digital attacks on its interests.

Cyber strikes a 'civilised' option: Britain

Jun 03, 2012

Pre-emptive cyber strikes against perceived national security threats are a "civilised option" to neutralise potential attacks, Britain's armed forces minister said Sunday.

Iran oil sector hit by 'cyber attack'

Apr 23, 2012

A voracious virus attack has hit computers running key parts of Iran's oil sector, forcing authorities to unplug its main oil export terminal from the Internet and to set up a cyber crisis team, according ...

Recommended for you

Facebook dressed down over 'real names' policy

10 hours ago

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

17 hours ago

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

A Closer Look: Your (online) life after death

Sep 16, 2014

Sure, you have a lot to do today—laundry, bills, dinner—but it's never too early to start planning for your digital afterlife, the fate of your numerous online accounts once you shed this mortal coil.

Web filter lifts block on gay sites

Sep 16, 2014

A popular online safe-search filter is ending its practice of blocking links to mainstream gay and lesbian advocacy groups for users hoping to avoid obscene sites.

User comments : 0