Hackers Warn Of Cyber Attacks On Oil Companies In Saudi, UAE, Qatar

A Middle East-based group of hackers has issued a threat warning of cyber attacks against oil, gas and energy companies in the Middle East, security firm Symantec has revealed.

The threat, made by Anonymous, a politically motivated group of hacktivists, states that they are planning to attack before, during, and after June 20, 2014.

This is due to Anonymous disagreeing with the US dollar being used as the currency to buy and sell oil, Symantec said.

According to the security firm, governments that may be attacked include those in Saudi Arabia Kuwait and Qatar.

Some of the possible company targets include Kuwait Oil Company, Petroleum Development Oman, Qatar Petroleum, Saudi Aramco, ADNOC, ENOC and Bahrain Petroleum Company.

While there are limited details regarding the tools that will be used, based on previous observations, Symantec said the attacks will most likely include distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, intrusion and data-theft attempts, vulnerable software exploration, web application exploits, and website defacement.

“Public announcements by these groups are often used as a means to gain notoriety or media attention and can be of highly volatile credibility,” the company said.

The Middle East’s petrochemical industry has been vulnerable to cyber attacks over the last few years, and Saudi Aramco, the world’s biggest oil producer, was hit by a major virus infection in August 2012.

Security experts have warned that the region is not well-prepared to deal with cyber crime and is susceptible to attacks.

Symantec said it has detection measures in place regarding the recent threat and also issued the following recommendations:

· Use a layered approach to securing your environment, including enterprise-wide security monitoring.

· Deploy network intrusion detection/prevention systems to monitor network traffic for malicious activity.

· Ensure all operating systems and public facing machines have the latest versions and security patches, and antivirus software and definitions up to date.

· Ensure all web servers are patched, configured to minimise the impact of DoS/DDoS attacks, and hardened against external threats.

· Utilise web application firewalls as a front-line defense against attacks.

· Ensure your IT and IT security staff are prepared and know what they need to do in the event of attack.

· Discuss DoS/DDoS mitigation strategies with your upstream provider and ensure they are aware of this threat.

· Ensure relevant third party vendors are also aware and accessible.

· Utilise DDoS protection services.

· For technologies not monitored/managed by MSS, ensure all signatures are up to date, including endpoint technologies.

· Ensure systems have a running firewall, unnecessary ports are closed/blocked, and unused services are disabled.

· To reduce the impact of latent vulnerabilities, always run non-administrative software as an unprivileged user with minimal access rights.

· Do not follow links or open email attachments provided by unknown or untrusted sources.

· Ensure staff is educated on social engineering and phishing techniques