The monarchies of the Gulf Cooperation Council (GCC) have survived another brush with cyberwarfare. Several U.S.-based cybersecurity firms reported on Tuesday that a new version of Shamoon -- the same malware that wreaked havoc on oil and natural gas companies in the region in 2012 -- had surfaced, targeting computers in the Middle East. Then on Wednesday, Saudi Arabia confirmed that the latest version of Shamoon had hit six institutions in the kingdom, including its civil aviation authority, which lost significant data and experienced complications for several days after.
In tactics and intent, the latest attack was strikingly similar to the 2012 episode. Like that attack, the recent strike seemed to be intended as a warning to GCC countries, causing data loss without interrupting operations or destroying critical infrastructure. Furthermore, the use of malware against specific targets -- a more sophisticated tactic than, for instance, a distributed denial of service...
