Saudi Aramco restores internal network after virus attack

State oil producer Saudi Aramco said Sunday it has restored all its main internal network services that were impacted by a virus which infected thousands of employee computers in mid-August.

“We addressed the threat immediately, and our precautionary procedures, which have been in place to counter such threats, and our multiple protective systems, have helped to mitigate these deplorable cyber threats from spiraling,” said Khalid Al-Falih, president and CEO of Saudi Arabia, in a statement published on the company’s Facebook page.

In the statement, al-Falih reiterated that its primary enterprise systems of hydrocarbon exploration and production were unaffected and said the company continues to investigate the causes of the incident and those responsible for it.

One of Saudi Aramco’s websites, www.aramco.com, which was taken offline soon after the attack, was back up Sunday with a message apologizing to users for any inconvenience.

“Our computer systems were hacked, and this virus appears to be coming from outside and not from someone inside Aramco, but an investigation to find out what happened is still ongoing,” one Saudi source told Reuters about the attack.

“Only personal computers were affected and until now some of these computers aren’t working…This does not include any sensitive information related to production and no damage was done to any of the systems controlling production.”

Immediately after the attack, the company announced it had isolated its electronic systems from the outside world to prevent further attacks.

Information technology experts have warned that cyber attacks on countries’ energy infrastructure, whether conducted by hostile governments, militant groups or private “hacktivists” making political points, could disrupt energy supplies.

Iran, the target of international economic sanctions on focused on its oil industry over its disputed nuclear program, has been hit by several cyber attacks in the last few years.

In April, a virus targeted Iranian oil ministry and national oil company networks, forcing Iran to disconnect the control systems of oil facilities including Kharg Island, which handles most of the country’s crude exports.

Iran has attributed some of the attacks to the United States, Israel and Britain; current and former U.S. officials told Reuters this year that the United States built the complex Stuxnet computer worm to try to prevent Tehran from completing suspected nuclear weapons work.

Al Arabiya

  • 5thDrawer

    Why ANY computer system controlling any kind of business-system of production, or internal machine-function analysis, would be connected to the outside world on a network is beyond me, considering the number of bone-heads in that out-side world.
    The only answer is that ‘Big Busines’ does not wish to hire and train enough people at fair wages to keep an eye on things in any one location. They would rather only need to pay one person linked to all the computers in their particular inner-world. And then, ‘keep an eye’ on him/her as well.
    This is, of course, the results of a faulty concept of ‘Business-Systems’ development. And it puts everyone working in some jobs in danger, especially if the machines can be tampered with.
    The age of the computer, wonderful as it is, also works against ‘the people’ because of the faulty thinking.
    It’s one thing to take away jobs, or reduce the number of people needed to perform them; it’s some kind of insanity to then have potentially-open control of job-systems to child-like nerdy hackers who care nothing for, or can’t imagine the need of, the safety of ‘the people’ working in one place – let alone politically-bent ‘professional’ corporation-killers.
    Keep systems-control OFF of the internet. Is that too simple?
    Just because the control-panel can be linked to show some dough-head ‘boss’ in an office somewhere (or some sales-pusher) a pretty and colourful analysis chart they don’t understand on a minute-by-minute basis doesn’t mean it should be.
    Record something the sales-guy can show the world on a monthly basis. Send a memo to the boss. And keep their internet-linked computers totally away from the systems-control.
    Sorry to say, you might need to hire someone to provide those things. Too bad. Take it out of the CEO’s over-the-hill salaries.

  • 5thDrawer

    Why ANY computer system controlling any kind of business-system of production, or internal machine-function analysis, would be connected to the outside world on a network is beyond me, considering the number of bone-heads in that out-side world.
    The only answer is that ‘Big Busines’ does not wish to hire and train enough people at fair wages to keep an eye on things in any one location. They would rather only need to pay one person linked to all the computers in their particular inner-world. And then, ‘keep an eye’ on him/her as well.
    This is, of course, the results of a faulty concept of ‘Business-Systems’ development. And it puts everyone working in some jobs in danger, especially if the machines can be tampered with.
    The age of the computer, wonderful as it is, also works against ‘the people’ because of the faulty thinking.
    It’s one thing to take away jobs, or reduce the number of people needed to perform them; it’s some kind of insanity to then have potentially-open control of job-systems to child-like nerdy hackers who care nothing for, or can’t imagine the need of, the safety of ‘the people’ working in one place – let alone politically-bent ‘professional’ corporation-killers.
    Keep systems-control OFF of the internet. Is that too simple?
    Just because the control-panel can be linked to show some dough-head ‘boss’ in an office somewhere (or some sales-pusher) a pretty and colourful analysis chart they don’t understand on a minute-by-minute basis doesn’t mean it should be.
    Record something the sales-guy can show the world on a monthly basis. Send a memo to the boss. And keep their internet-linked computers totally away from the systems-control.
    Sorry to say, you might need to hire someone to provide those things. Too bad. Take it out of the CEO’s over-the-hill salaries.

  • 5thDrawer

    Why ANY computer system controlling any kind of business-system of production, or internal machine-function analysis, would be connected to the outside world on a network is beyond me, considering the number of bone-heads in that out-side world.
    The only answer is that ‘Big Busines’ does not wish to hire and train enough people at fair wages to keep an eye on things in any one location. They would rather only need to pay one person linked to all the computers in their particular inner-world. And then, ‘keep an eye’ on him/her as well.
    This is, of course, the results of a faulty concept of ‘Business-Systems’ development. And it puts everyone working in some jobs in danger, especially if the machines can be tampered with.
    The age of the computer, wonderful as it is, also works against ‘the people’ because of the faulty thinking.
    It’s one thing to take away jobs, or reduce the number of people needed to perform them; it’s some kind of insanity to then have potentially-open control of job-systems to child-like nerdy hackers who care nothing for, or can’t imagine the need of, the safety of ‘the people’ working in one place – let alone politically-bent ‘professional’ corporation-killers.
    Keep systems-control OFF of the internet. Is that too simple?
    Just because the control-panel can be linked to show some dough-head ‘boss’ in an office somewhere (or some sales-pusher) a pretty and colourful analysis chart they don’t understand on a minute-by-minute basis doesn’t mean it should be.
    Record something the sales-guy can show the world on a monthly basis. Send a memo to the boss. And keep their internet-linked computers totally away from the systems-control.
    Sorry to say, you might need to hire someone to provide those things. Too bad. Take it out of the CEO’s over-the-hill salaries.