Italian Oil Services Attacked By Shamoon Virus
Italian oil services firm named Saipem had its more than 300 company's computers attacked by a variant of the most notorious Shamoon virus. The virus previously also struck oil firms in 2012 and links to the massive attack on Saudi Aramco.
Saudi Aramco is the leading customer of Saipem. Saipem is one of the world's largest oil firm in subsea engineering and construction field and is purely controlled by the Italian state lender CDP and oil firm Eni.
What Company Representative Has To Say?
The company representative after the attack on Wednesday said in a statement, "The cyber attack hit the servers based in the Middle East, Aberdeen, India, and Italy through different variants of Shamoon malware."
It further said, "At present, the work is underway to restore operations in a gradual and controlled manner after the attack."
The company's head in digital and innovation, Mauro Piasere said, "The attacks crippled around 400 servers, 100 personal computers and 4000 Saipem machines."
He further said, "The company first identified the cyber attack on Monday. No data is lost as the company has back up of all the affected computers."
However, Adam Meyers, the vice president of U.S. cybersecurity firm CrowdStrike said, "he believed Iran was majorly responsible for the attacks on oil firms because the technical analysis on the attacks till now showed some similarities to the variants of Shamoon virus."
Leon Panetta, former U.S. Defense Secretary said, "the 2012 cyber hack of Saudi Aramco was the most destructive attack on any private business."
He further added, "After the attack, Shamoon went inactive until it resurfaced itself in late 2016 during the series of Middle East attacks which then continued till early 2017."
Shamoon Virus - Attack Characteristics
The Shamoon virus has always been used in some of the most intriguing and damaging cyber attacks that started in 2012 when it first crippled more than ten thousand computers at RasGas Co. Ltd. and Saudi Aramco in the Middle East.
These cyber attacks when properly researched, cybersecurity researchers found that the attacks were conducted from Iran.
Shamoon Virus has three variants which are still unknown. The threat wipes out the hard drives of networked computers by sending the attacker a list of all the filenames that are to be deleted.
But in this latest attack of Shamoon, the lack of access to the command and control servers means that online function no longer works.
Shamoon disables the computers by overwriting a master boot record file which makes it impossible for the devices to start up. It went dark for a very long period and it now seems to be back.
Cyber attack security researchers now widely believe that people working for the Iranian government are behind all previous Shamoon attacks. The Anti-U.S. imagery code used in the attacks strongly supports this assumption.
As per the security reports, it is yet to see how Saipem and other oil firms will get back to the working although the data is backed up.
Tips to Prevent virus and malware from Infecting Your System:
- Enable your popup blocker: Pop-ups and ads on the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs.
So, avoid clicking uncertain sites, software offers, pop-ups etc. and Install a powerful ad- blocker for Chrome, Mozilla, and IE
- Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update.By doing this you can keep your device free from virus.According to the survey, outdated/older versions of Windows operating system are an easy target.
- Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
- Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection.Thus always backup important files regularly on a cloud drive or an external hard drive.
- Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good Malware Removal Tool like Download Virus RemovalTool
