Saudi officials confirmed on Thursday that a new iteration of Shamoon, a malware that targeted oil and gas companies in the Gulf region in 2012, had struck six institutions in the country in November, an attack that Iran likely coordinated.
(BEHROUZ MEHRI/AFP/Getty Images)
The monarchies of the Gulf Cooperation Council (GCC) have survived another brush with cyberwarfare. Several U.S.-based cybersecurity firms reported on Tuesday that a new version of Shamoon -- the same malware that wreaked havoc on oil and natural gas companies in the region in 2012 -- had surfaced, targeting computers in the Middle East. Then on Wednesday, Saudi Arabia confirmed that the latest version of Shamoon had hit six institutions in the kingdom, including its civil aviation authority, which lost significant data and experienced complications for several days after.
In tactics and intent, the latest attack was strikingly similar to the 2012 episode. Like that attack, the recent strike seemed to be intended as a warning to GCC countries, causing data loss without interrupting operations or destroying critical infrastructure. Furthermore, the use of malware against specific targets -- a more sophisticated tactic than, for instance, a distributed denial of service...
To empower members to confidently understand and navigate a continuously changing and complex global environment.