- 2012, aug/15
- More details discovered about aug/5 cyber attack on Saudi Aramco company.
- The company has about 40000 computer clients and about 2000 servers, the destructive virus was known to wipe all information and operation system related files in at least 30000 (75%) of them all data lost permanently.
- Among the servers which destroyed are the company main web server, mail server (smtp and exchange), and the domain controller which as the central part of their network.
- All clients are permanently shut down and they will not be able to recover them in a short period.
- The main company web site ( www.aramco.com ) was down during 24 hours and at last they redirected it to an outside country web site called "www.saudiaramco.com".
- Hackers did not tell more news about the attack till now, we must wait for it.
- Reuters reported from aramco managers that they will back all things to normal position soon
- ( http://uk.reuters.com/article/2012/08/15/us-aramco-virus-idUKBRE87E18S20120815 ) :
- “An official source of Saudi Aramco confirmed that it had isolated electronic systems for
- the entire company today and cut off external access as an early precaution.
- The source ... reiterated the lack of any effect at all on the work of production due to
- the strength of advanced protection systems
- and ( http://www.bloomberg.com/news/2012-08-15/aramco-says-virus-attacks-network-oil-output-unaffected.html )
- “The major components of the network are safe, according to an e-mailed statement from the state-owned oil company known as Saudi Aramco. Normal operations should return soon, it said without specifying a timetable. The virus entered the network through personal computers,”
- Hackers say these are all bullcrap. The damage are very wide and will affect the company's normal work for a long time. Also hackers say that they have stolen a very large amount of sensitive information from the company before destroying them. Hackers may publish some of this information later.
- Other references :