The interior ministry, which joined Aramco’s investigation into the attack that affected some 30,000 of the firm’s computers, said it was carried out by organized hackers from several different foreign countries.
“The attack targeted the whole economy of the country, not just Aramco as an entity,” said Abdullah al-Saadan, who headed the company’s inquiry team.
“The aim was to stop pumping oil and gas to domestic and international markets,” he told reporters.
Interior ministry spokesman General Mansur al-Turki said the joint investigation had established that an “organized group launched the attack from outside the kingdom and from different countries.”
“It is in the interest of the investigation not to reveal any results,” he told reporters, stressing that “no Aramco employees or contractors were involved in the hacking.”
On Aug. 27, Aramco said it had restored its main internal network after the Aug. 15 attack, which it described as a “malicious virus that originated from external sources.”
The state-owned group which runs all Saudi Arabia’s oil production said at the time that its oil exploration and production were unaffected “as they operate on isolated network systems.”
Saudi Aramco also confirmed that investigations were still underway to find out the origins of a virus named “Shamoon.”
Back then. The company’s investigations have so far found “speculations,” not hard facts, concerning the virus, and said it would not comment on any rumors circulated about the origins of the virus.
Aramco said it was able to clean the networks affected by the “Shamoon” virus, which damaged about 30,000 computers by malware infestation. About 85 percent of the company’s devices had their hardware destroyed.