Cyberattacks on Saudi Aramco


Saudi Aramco has seen an increase in attempted cyberattacks since the final quarter of 2019, which the company so far successfully countered, the state oil giant’s chief information security officer told Reuters.

“Overall there is an increase in cyberattack attepts and we are successful in preventing them at the earliest stage possible,” Khalid al-Harbi said.

“The pattern of attacks is cyclical and we are seeing the magnitude increasing, I suspect this trend will continue ,” he said, without giving details of who was behind the attacks.

Saudi Arabia is the target of frequent cyberattacks, including the “Shamoon” virus, which cripples computers by wiping disks and has hit government ministries and petrochemical firms, the latest in 2017.

Aramco, which pumps 10% of global oil supply, experienced its largest cyberattack to date in August 2012, when a Shamoon virus attack damaged around 30 000 computers and aimed at stopping oil and gas production at the biggest OPEC exporter.

Aramco facilities were attacked in September by drone and missile strikes that temporarily shut down 5.7 million barrels per day of output – more than five percent of global oil supply. The US blamed Iran for the attack, which Iran denied.

Harbi said there were attempts to infiltrate Aramco via Emotet, a malware globally active , but it was prevented.

Malware impacted small organidations in Saudi Arabia, he said, without elaborating.

Harbi said identifying the source of cyberattacks was the most difficult aspect of cyber security.

Aramco CEO, Amin Nasser, said on the side-lines of a cyber security forum in Riyadh his company puts cyber security among top corporate risks, “on par with market share loss, disruptive technologies, serious industrial accidents and geopolitical shocks.”

In 2017, Saudi Arabian security officials said the country was targeted as part of a wide-ranging cyber espionage campaign against five Middle East nations and several countries outside the region.