Shamoon Malware behind Saipem Cyber Attack

57

Saipem, the Italian oil services firm has discovered in its cyber attack investigation that last week’s disruption of its 300 servers was caused by Shamoon Virus attack- linking it to the 2012’s massive attack on Saudi Aramco.

A statement released by the company on Wednesday says that the work to restore the operations was going on in a controlled manner. And the press update confirms that the attack crippled around 356 servers and up to 100 personal computers out of about 4,000 Saipem PCs.

Mauro Piasere, the head of the company’s Digital and Innovation said that the company’s data was 100% secure due to an applaudable business continuity plan.

Adam Mayers, the VP of cybersecurity firm CrowdStrike said that the attack could have been launched by Iranian intelligence as it was found doing the same in the previous Shamoon virus break out on Saudi Aramco in 2012.

Coming to Shamoon’s technical details, it is a modular computer virus which blocks the infected computer from booting up- as the malware blocks overwriting of a file known as master boot record.

In the past, the virus developers which happen to be hailing from Iran have used the malware as a cyber warfare against the national oil companies of Saudi Arabia based Saudi Aramco and Qatar’s RasGas.

Note- Saudi Aramco happens to be the biggest client of Saipem.