Technology Sectors

Market Sectors

Aramco cyber attack intel declassified to show threat to private industry

Thu, 2012-10-25 02:57 PM

Rosenbach, Weatherford

U.S. intelligence on the devastating malware attack that crippled the Saudi Arabian oil company Aramco’s computers last August was declassified to illustrate the looming threat of cyber assault to private industry, said a Department of Defense official.

The attack, carried out by a piece of malware called Shamoon, reportedly destroyed over 50,000 of the oil giant’s computers, wiping away email, documents, spreadsheets and other files, replacing them with an image of a burning U.S. flag.

The attack was first revealed in a speech by Secretary of Defense Leon Panetta in mid-October when he called it “a significant escalation of the cyber threat” that could endanger U.S. power, water and transportation systems. “All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date,” he said.

The DoD got the information on the attack declassified to show private U.S. companies that the Cyber threat landscape had suffered a tectonic shift, said Eric Rosenbach, deputy assistant secretary of defense for Cyber policy at the Department of Defense. “Aramco was a foreshadowing,” he said on a panel discussion at the SINET D.C. Showcase on Oct. 25 in Washington on DHS, DoD and private industry Cyber responsibilities. “It marked a change. It showed more [Cyber] hygiene was needed. Several thousand U.S. companies had similar hygeine,” he said.

“We wanted to put the challenge back on the private sector,” he said later in the discussion.

In the days after the Aramco attack, the Department of Homeland Security was quickly in close contact with the companies in its 18 critical industry sectors to insure they hadn’t been affected or attacked, said Mark Weatherford, DHS deputy under secretary for Cyber security, National Protection and Programs Directorate (NPPD) speaking on the same panel. “We’ve been afraid of something like that,” he said.

Weatherford said his agency emphasized to infrastructure companies to evaluate how a Shamoon attack would look in their industry sectors. “This was a devastating attack. We’re looking to raise the bar in preparation for another,” he said.

Tags:

Upcoming Events

Event Details	Dates of Event
SANS Austin 2013	May 19 - 24
DoD VA Healthcare Training Forum	May 20 - 23
Transport and Logistics of Hazardous Material	May 27 - 28
Southwest Microwave Seminar	May 28 - 28
Border Management Southwest Summit	May 29 - 31
Cyber Security Conference & Expo	May 30 - 30
Mobile Device Security Summit 2013	May 30 - Jun 6
Security Analytics Summit 2013	May 30 - Jun 6
Cyber Security Conference & Expo	May 30 - 30
Southwest Microwave Seminar	May 30 - 30
SANS Malaysia @ MCMC 2013	Jun 3 - 8
2013 SIA Government Summit	Jun 4 - 5
Southwest Microwave Seminar	Jun 4 - 4
NCT: CBRNe Israel, 4 - 6 June 2013, Tel Aviv	Jun 4 - 6
SEL Modern Solutions Power Systems Conference	Jun 5 - 7
Mission Command	Jun 10 - 12
Cyber Securty Brainstorm	Jun 11 - 11
EDGE Summit 2013	Jun 11 - 11
IPv6 Summit 2013	Jun 14 - 16
SANSFIRE 2013	Jun 15 - 22
Oak Ridge National Laboratory's 2nd Biosurveillance Symposium	Jun 17
Biodetection Technologies 2013	Jun 18 - 19
Southwest Microwave Seminar	Jun 18 - 18
Cyber Defense and Network Security Summit	Jun 24 - 26
Vanguard Security & Compliance 2013	Jun 24 - 27
SANS Canberra 2013	Jul 1 - 13
Border Management & Technologies Summit	Jul 2 - 5
SANS Rocky Mountain 2013	Jul 15 - 20
SANS Mumbai 2013	Jul 22 - 27
SANS San Francisco 2013	Jul 29 - Aug 3
SANS Boston 2013	Aug 5 - 10
Cyber Security for Government	Aug 12 - 14
SANS Thailand 2013	Aug 19 - 31
SANS Virginia Beach 2013	Aug 19 - 30
Maritime Security 2013 West	Aug 19 - 21
930gov: Strategic Buying at Year-End Showcase	Aug 21 - 21