At least two companies operating in the Middle East have been hacked with highly destructive malware designed to render their systems inoperable, according to a news report carried by Forbes.
One company, Italy’s Saipem, has admitted that its servers were targeted across the Middle East, Aberdeen and Italy with a variant of a wiper malware known as Shamoon that was discovered in 2012. It was used in a hack that knocked 30,000 computers offline at oil giant Saudi Aramco.
Another victim, a heavy engineering company in the UAE, was detected by Symantec on 10 December, a day before the Saipem hack hit.
It is unclear who is behind the latest attacks, according to cybersecurity experts from Symantec and Chronicle, an Alphabet-owned company.
Symantec research analyst Stephen Doherty said while his company was only aware of two victims, there may be many more.
Operational technology (OT) cyber risk is acute
Siemens and the Ponemon Institute released earlier this year a report titled “ Assessing the cyber readiness of the Middle East’s oil and gas sector”. The report says that operational technology (OT) cyber risk is particularly acute in the Middle East. Given the critical importance of oil and gas to the region’s economies, OT cyber security is an especially pressing topic. The report mentions sophisticated cyber attacks targeting oil and gas organisations (Aramco in 2012) and OT specifically (Triton in 2017).
The financial impacts of these attacks in the Gulf last year were estimated to be more than $1bn. In addition to these financial costs, OT cyber attacks raise significant health, safety and environmental risks to the industry.
The report says that the oil and gas sector is the target of 50% of all cyber attacks in the region. Oil and gas companies in the Middle East are beginning to invest in protecting their assets from cyber intrusions, while lagging behind in terms of awareness and the rate of deploying technology that can protect their operating environment. In the government sphere, regulations intended to address the OT cyber threat are being rolled out, though, admittedly, these are mostly at an early stage.