Government agencies in Saudi Arabia hit by Shamoon Malware

197

Shamoon Malware has hit government agencies operating across Saudi Arabia in November this year. This was revealed in a report prepared by US security firms CrowdStrike, Palo Alto Networks Inc and Symantec Corp.


The security firms said that the newly emerged version of Shamoon virus has the potential to cripple entire PCs on a network. It strike is so intense that it wipes the master boot records that are used for start up.

FireEye which is another US firm offering cyber security services has confirmed this report and said that the infected systems by Shamoon usually take a lot of time to restore and the entire process is extremely expensive.

If we go into the history, Shamoon first hit the government agencies in Saudi Arabia in 2012. The attack proved intense for Saudi Arabian Oil Company named Aramco. At that time the intensity of the said virus was low. But now, the new version of Shamoon developed by cyber criminals from Iran is said to have a lot of potentials to create huge damage.

As per the news post of Bloomberg, several government agencies have been targeted by the new version of the malware. This includes Saudi’s General Authority of Civil Aviation and Saudi’s Air Office.

The Bloomberg news said that Shamoon is like a digital atom bomb which could destroy an entire network of government in one go. As per the news source, the early evidence suggests that the malware came from Iran. But the news is yet to be confirmed by US security firm Symantec Security Response team, which is involved in the cyber attack investigation at the Saudi’s government agency.

Shamoon’s sudden emergence after a 4-year hiatus is still unknown. But the malware is said to have triggered a disk wiping process on November 17, 2016, after the staff left for the weekend.

Note- in UAE, the weekends on Thursday and Friday is considered as a holiday.

The estimate of the damage will be made public soon.