Home / Software & Gaming / Security / Hacktivists infect 30,000 PCs at Saudi oil company

Hacktivists infect 30,000 PCs at Saudi oil company

For as long as there have been computers, there have been hackers. Moving forward in the 21st century, there seems to be an ever increasing risk of activists, with a political agenda and computer skills, attacking major companies without putting themselves at risk in the streets. KitGuru considers this latest wave of attacks and what it could mean for corporate security in the future.

Roll the clock back around 4,000 years and the small strip of land to the West of Jordan was owned by the Canaanites, a land of merchants. At some point the Israelites conquered the land, followed by the Babylonians and it’s been the same ever since. According to who you speak to, this land is not Israel or Palestine. For the Arab Youth Group (AYG), the area should be Palestine and, they feel, that claim should be backed up by all in the Arab world.

From what you can find on the web, the AYG believes that Saudi Arabia has got into bed with the USA (and, through that relationship, Israel) and turned its back on the plight of the Palestinians. You can read more about it here.

Wikipedia's 'map of ownership' for the region West of Jordan over the last 4,000 years is complex to say the least

So far, this is the kind of discussion and disagreement that you would expect to find anywhere there is contention. But last week, the AYG claims to have launched a huge malware-hack-attack on Saudi Aramco, which is part and parcel of Saudi Arabia and one of the biggest oil companies in the world.

Of the 120,000 PCs said to be inside the company’s network defence system, AYG claims that around 30,000 were hacked and infected with a malware threat called Shamoom. The key attribute of this attack is that, after data has been pulled out of the machine, the system is encouraged to ‘commit suicide’ by destroying its own Master Boot Record (MBR) etc, effectively rendering the PC dead.

Even though this is one of the most destructive hacktivist attacks every launched, the AYG claim that it is only a ‘first step’ against Saudi Arabia. On their blog post, the AYG seem quite clear about what happens next if, in their opinion, the Saudis continue to support Israel:-

“…[We have] Targeted Administrable structures and substructures of Aramco and Also the Stock Exchange of Saudi Arabia. This action has been done in order to warn the Saudi rulers. If the rulers of Saudi Arabia continue to betray the nation, will face more severe action…”

Quite what action would be considered ‘more severe action’ than crippling 30,000 PCs in a company, has not been clarified – but it doesn’t sound good.

Having watched even the most peaceful protests in the UK end in deaths, speaking against the authorities in any country seems fraught with danger – even if you do it peacefully and within the bounds allowed by law/free speech in your country. It’s easy to see how any government’s strong-armed approach to demonstrations in the street, will lead directly to an increase in the kind of attack made by the AYG.

If you were running the Saudi government and were offered the choice between on-going electronic attacks or civil protest against the crown in the streets of Riyadh or Jeddah, what would you choose?

Khalid Al-Falih runs Saudi Aramco which has suffered a huge electronic attack by Arab Youth Group hacktivists


KitGuru says: While riots are clearly wrong, demonstrations that allow normal citizens freedom of speech should be encouraged – if only because they can serve as a pressure valve to allow alternative opinions through into the mainstream. What happened at Saudi Aramco seemed to be disturbingly different. Saudi Aramco might be one of the world’s biggest supporters of Israel or it could be largely indifferent. The question is ‘Who is to say – and who should decide what the consequences will be?’. From what we have seen, the AYG believe that it is their judgement call and that they must also carry out punishment. Now that is a dangerous path.

Comment below or in the KitGuru forums.

Become a Patron!

Check Also

Twitch confirms login credentials were not accessed during hack

Earlier this month, Twitch was hacked, leading to massive data leaks, including streamer payment information, …