Cyber attacks loom over KSA, UAE, Qatar oil firms
A Middle East-based group of hackers has issued a threat warning of cyber attacks against oil, gas and energy companies
A Middle East-based group of hackers has issued a threat warning of cyber attacks against oil, gas and energy companies in the Middle East, security firm Symantec has revealed.
The threat, made by Anonymous, a politically- motivated group of hacktivists, states that they are planning to attack before, during, and after June 20, 2014.
This is due to Anonymous disagreeing with the US dollar being used as the currency to buy and sell oil, Symantec said. According to the security firm, governments that may be attacked include those in Saudi Arabia Kuwait and Qatar.
Some of the possible company targets include Kuwait Oil Company, Petroleum Development Oman, Qatar Petroleum, Saudi Aramco, ADNOC, ENOC and Bahrain Petroleum Company.
While there are limited details regarding the tools that will be used, based on previous observations, Symantec said the attacks will most likely include distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, intrusion and data-theft attempts, vulnerable software exploration, web application exploits, and website defacement.
“Public announcements by these groups are often used as a means to gain notoriety or media attention and can be of highly volatile credibility,” the company said.
The Middle East’s petrochemical industry has been vulnerable to cyber attacks over the last few years, and Saudi Aramco, the world’s biggest oil producer, was hit by a major virus infection in August 2012. Security experts have warned that the region is not well-prepared to deal with cyber crime and is susceptible to attacks.
Symantec said it has detection measures in place regarding the recent threat and also issued some recommendations:
Use a layered approach to securing your environment, including enterprise-wide security monitoring.
Deploy network intrusion detection/prevention systems to monitor network traffic for malicious activity.
Ensure all operating systems and public facing machines have the latest versions and security patches, and antivirus software and definitions up to date.
*This article was originally published in Saudi Gazette on June 18, 2014.