Saudi Aramco CISO on increase in cyber-attacks

Saudi Aramco has experienced an increase in attempted cyber-attacks since the final quarter of 2019, Reuters reported.
Saudi AramcoKhalid al-Harbi, chief information security officer (CISO) of Saudi Aramco, said the state-owned oil company has so far successfully countered the cyber-attacks.

“Overall there is definitely an increase in the attempts of (cyber) attacks, and we are very successful in preventing these attacks at the earliest stage possible,” Khalid al-Harbi told Reuters in a telephone interview.

“The pattern of the cyber-attacks is cyclical, and we are seeing that the magnitude is increasing, I would suspect that this will continue to be a trend,” he said.

Saudi Arabia has been the target of frequent cyber-attacks, including the “Shamoon” virus, which cripples computers by wiping their disks and has hit both government ministries and petrochemical firms, the latest of these was in 2017.

Aramco, which pumps 10 percent of global oil supply, experienced its largest cyber attack to date in August 2012, when a Shamoon virus attack damaged around 30,000 computers and was aimed at stopping oil and gas production at the biggest OPEC exporter.

Aramco’s facilities were also attacked in September by drone and missile strikes that shut down 5.7 million barrels per day of output – more than 5 percent of global oil supply. The U.S. blamed Iran for the attack, something Iran has denied.

Harbi also said that there had been attempts to infiltrate Aramco via Emotet, a malware that has been active globally, but it was successfully prevented.

The malware has impacted other small organizations in Saudi Arabia.

Harbi said that identifying the source of the cyber attacks was the most difficult aspect of cyber security.

On Tuesday, Aramco CEO, Amin Nasser, said on the sidelines of a cyber security forum in Riyadh that his company puts cyber security among top corporate risks, “at par with market share loss, disruptive technologies, serious industrial accidents and geopolitical shocks.”

In 2017, Saudi Arabian security officials said that the country had been targeted as part of a wide-ranging cyber espionage campaign observed against five Middle East nations as well as several countries outside the region.

0 0 vote
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments