The attackers are located in several foreign countries, investigators say
Abdullah Al-Saadan, Saudi Aramco’s VP for corporate planning, and Saudi Interior Ministry spokesman, Major General Mansour al-Turki, have revealed the results of the investigation into the cyberattack that hit the oil giant’s systems back in August.Initial reports said that some of the company’s employees might have aided the attackers, but Al-Turki has stated that the attack was planned and executed by a group whose members are based in several foreign countries.
“The attack originated from foreign soil, and at this point in time we do not wish to reveal the names of the countries and the identities of the hackers for fear of compromising the ongoing investigations and legal proceedings against them,” Al-Turki said, cited by Eurasia Review.
Al-Saadan, who is the head of the team that investigated the attack, explained that the operation’s goal wasn’t just to cause damage to Saudi Aramco, but also “to stop the flow of oil and gas to domestic and international markets.”
He claims that the attackers’ objective was to disrupt the oil supply, but they didn’t manage to reach this goal because of the mechanisms set in place to handle such attacks.
For an entire month, the cybercriminals had attempted, and failed, to penetrate the company’s systems before they finally managed to do it by relying on spear phishing.
Authorities are currently trying to track down the attackers and bring them to justice. They’re even prepared to seek the aid of foreign agencies, including the Interpol, to help them accomplish this task.
The attack that hit Saudi Aramco back in August disrupted around 30,000 computers with the aid of the malware known as Shamoon.
Several hacker collectives have taken credit for the breach, including one that calls itself the “Cutting sword of justice.”
As a result of the incident, Saudi Arabia will instate a special cyber operations center, whose main role will be to tackle cybercrime and terrorism.