Shamoon virus returns in Saudi computer attacks after four-year hiatus
- Wall Street falls as investors ready for Trump's inauguration
- IBM (IBM) Tops Q4 EPS by 13c, FY17 EPS Guidance Beats Consensus
- American Express (AXP) Misses Q4 EPS by 7c, FY17 EPS Guidance Tops Views at Mid-Poinit
- Skyworks Solutions (SWKS) Tops Q1 EPS by 3c, Offers Q2 Guidance, Announces Buyback
- After-Hours Stock Movers 01/19: (SWKS) (QRVO) (NVAX) Higher; (AFMD) (SGYP) (IBM) Lower (more...)
Get access to the best calls on Wall Street with StreetInsider.com's Ratings Insider Elite. Get your Free Trial here.
By Jim Finkle, Tom Finn and Jeremy Wagstaff
(Reuters) - Shamoon, the destructive computer virus that four years ago crippled tens of thousands of computers at Middle Eastern energy companies, was used two weeks ago to attack computers in Saudi Arabia, according to several U.S. cyber security firms.
CrowdStrike, FireEye Inc, Intel Corp's McAfee security unit, Palo Alto Networks Inc and Symantec Corp warned of the attacks, though they did not name any victims. They did not say how much damage had been caused or identify the hackers using Shamoon, which cripples computers by wiping drives used to start machines.
Saudi Arabia said on Thursday that hackers had launched an attack on computers on government bodies and organizations in the transport sector in mid-November, heightening concern about security in the world's largest oil exporter.
Victims included the General Authority of Civil Aviation, the Saudi agency that runs airports, where the attack disrupted work for several days, Bloomberg News reported, citing people familiar with the investigation.
The attack originated outside the country and was one of "several ongoing cyber attacks targeting government authorities," the National Cyber Security Center, an arm of the Ministry of Interior, told state news agency SPA.
The statement did not give details of the identity of the attacker or the damage caused, beyond saying the virus aimed to disrupt servers and plant malicious software in computer systems.
The 2012 Shamoon attack on Saudi Aramco, the world's largest oil company, was widely seen as a watershed event. At the time, U.S. Defense Secretary Leon Panetta said it was probably the most destructive cyber attack on a business. There have since only been a few major attacks with disk-wiping malware, including ones in 2014 on Sheldon Adelson’s Las Vegas Sands Corp and Sony Corp's Hollywood studio.
In the initial Shamoon hacks, images of a burning U.S. flag were left on computers at Saudi Aramco and RasGas Co Ltd. A disturbing image of the body of 3-year-old drowned Syrian refugee Alan Kurdi was used in recent attacks.
The 2012 hackers were likely working on behalf of the Iranian government, said CrowdStrike Chief Technology Officer Dmitri Alperovitch. It is too early to say whether the same group was behind Shamoon 2, he said.
Tehran has been investing heavily in its cyber capabilities since 2010, when its nuclear program was hit by the Stuxnet computer virus, widely believed to have been launched by the United States and Israel.
The malware triggered the disk-wiping to begin at 8:45 p.m. local time on Nov. 17, according to the security firms.
The Saudi business week ends on Thursday, so it appears to have been timed to begin after staff left for the weekend to reduce the chance of discovery and allow maximum damage.
(Reporting by Jim Finkle in Boston, Tom Finn in Doha and Jeremy Wagstaff in Singapore; Editing by Alison Williams and Leslie Adler)
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- On Inauguration Eve, Trumpsters party in the 'swamp' of Washington
- Ex-House speaker sues sex abuse accuser for $1.7 million
- Japan PM aims to strengthen U.S. alliance under President Trump
Create E-mail Alert Related CategoriesReuters
Related EntitiesSheldon Adelson, McAfee Intel Merger
Sign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!