
Shamoon virus targets energy sector infrastructure


A new threat targeting infrastructure in the energy industry has been uncovered by security specialists.
The attack, known as Shamoon, is said to have hit "at least one organisation" in the sector.
Shamoon is capable of wiping files and rendering several computers on a network unusable.
On Wednesday, Saudi Arabia's national oil company said an attack had led to its own network being taken offline.
Although Saudi Aramco did not link the issue to the Shamoon threat, it did confirm that the company had suffered a "sudden disruption".
In a statement, the company said it had now isolated its computer networks as a precautionary measure.
The disruptions were "suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network", a statement read.
It said the attack had had "no impact whatsoever" on production operations.
Rendered unusable
On Thursday, security firms released the first detailed information about Shamoon.
Experts said the threat was known to have hit "at least one organisation" in the energy sector.
"It is a destructive malware that corrupts files on a compromised computer and overwrites the MBR (Master Boot Record) in an effort to render a computer unusable," wrote security firm Symantec.

The attack was designed to penetrate a computer through the internet, before targeting other machines on the same network that were not directly connected to the internet.
Once infected, the machines' data is wiped. A list of the wiped files is then sent back to the initially infected computer, and in turn passed on to the attacker's command-and-control centre.
During this process, the attack replaces the deleted files with JPEG images - obstructing any potential file recovery by the victim.
'Under the radar'
Seculert, an Israel-based security specialist, also analysed the malicious code and concluded that it had unusual characteristics compared with other recent attacks.
"The interesting part of this malware is that instead of staying under the radar and collect information, the malware was designed to overwrite and wipe the files," the company said.
"Why would someone wipe files in a targeted attack and make the machine unusable?"
Shamoon is the latest in a line of attacks that have targeted infrastructure.
One of the most high-profile attacks in recent times was Stuxnet, which was designed to hit nuclear infrastructure in Iran.
Others, like Duqu, have sought to infiltrate networks in order to steal data.
