...but shouldn't there be at least some minimal amount of security involved. Like not using known-to-be insecure systems and protocols?
Hackers who used the Shamoon worm to attack oil giant Saudi Aramco were bent on halting its fuel production, according to the company and Saudi government officials. The attack on Saudi Aramco — which supplies a tenth of the world’s oil — failed to disrupt oil or gas output even though it infected 30,000 computers and crippled …
Monday 10th December 2012 15:57 GMT Anonymous Coward
Every system is insecure. Anything with moving parts is going to have a security issue somewhere.
And it's going to be even worse if people are involved, because we're human and we do stupid, human things.
That worm was a poor attempt at destroying oil production, however. Most office networks are separated from the "SCADA"/infrastructure networks, not just by firewalls and routers, but by architecture and network design. Unless the Cutting Sword of Justice were planning to deploy a second-stage binary to hit either PLCs or some other component of the production network (with a clever payload, too, in order to fool any safeguards and thus do physical damage), it wasn't going to do anything apart from make some desktops require a re-imaging.
Annoying for the IT guys, but not the end of the world.
Maybe the CSOJ (Tonight or ever, anyone?) guys were dreaming of destroying the Saudi's oil-corp, but they lacked the required stuff (I wouldn't call them unsophisticated though).
Monday 10th December 2012 16:13 GMT Anonymous Coward
Monday 10th December 2012 16:28 GMT Anonymous Coward
Monday 10th December 2012 17:06 GMT Destroy All Monsters
"The miscreants accused the ruling royal family of interfering in the affairs of neighbouring countries, such as Syria and Bahrain."
Because photos of tanks being driven around and weapon crates being dropped off are just not enough, these are "accusations" made by miscreants.
Whereas hyped hearsay about the Iranian nuke program are "grave accusations" made by "reliable anonymous sources".
Monday 10th December 2012 17:39 GMT Herby
What they SHOULD have done
Is change the price of crude oil. Moving it down a significant amount ($20/bbl or so) would have probably disrupted the market more than attempting to stop the export.
Of course, making it go down to under $40 a barrel would be even nicer, as I do like my petrol less than a buck a gallon.
It isn't like they need even more money for a totally dysfunctional family that runs the country (and treats the female of the species as a piece of property).
Tuesday 11th December 2012 11:43 GMT Anonymous Coward
Re: What they SHOULD have done
Maybe that's what they did want, but in a form.
That bit about "planting images of a burning US flag" doesn't make for amateurs necessarily, nor even the coding errors. Post Stuxnet, I would guess that both spooks and serious cyber crims are mindful that they don't want the finger of blame pointing at them, and a reasonable way of doing that is the cyber equivalent of growing a beard. But who would waste time hacking into Aramco's network just to plant that image? After all a burning US flag is probably the screen saver for half of the Saudi employees.
Where I think you're missing the trick is that they probably did not want to drive the physical price down or up, as that requires a need to invest in real oil, including non-trivial stuff like having customers, delivery terminals, cash, and such like. I'd have thought the smart cyber crim wants to disrupt the futures market, having secured a short or long position which is inherently leveraged to the expected outcome. And that disruption might be attacking Aramco's network not for the SCADA, but simply to disrupt the trading business, even if only to take the Aramco traders offline for a few days. Throw in a bit of bad SCADA code appropriated from Stuxnet or elsewhere, and world plus dog thinks this is about physical shutdown.
And of course, if that is correct, then you'd need to consider the criminal speculators as the commissioners and potential beneficiaries of the attack, but the perps would likely be a separate bunch of technical guns for hire. Obviously this implies unconstrained crims, technical skills, and money laundering, and whilst I'm inclined to suggest RBS for some cheap laughs, one would guess either former USSR criminality, or a country under sanctions looking to raise some much needed cash outside the sanctions ring fence.
Monday 10th December 2012 21:15 GMT JaitcH
'Tis a lesson you should heed,
'Tis a lesson you should heed, Try, try again. If at first you do n't succeed, Try, try again.
[1840 T. H. Palmer Teacher's Manual 223] - Oxford Dictionary of Proverbs: (Home > Library > Religion & Spirituality > Proverbs)
One day maybe the Hackers will be successful.
Tuesday 11th December 2012 12:32 GMT Tim Greenwood
Normal service after 10 days !!
I found the throwaway comment about systems working again after 10 days amusing as even now the Aramco networks are compromised. This is almost certainly a result of them tightening up their own security but until yesterday any emails I sent to any Aramco address were rejected by their system. Even now emails are only accepted with plain text and containing no weblinks or addresses and attachments don't seem to get through.