Thirty thousand computers used by Saudi Arabia's state oil company were wrecked by a cyber attack that US Secretary of Defense Leon Panetta described as a "significant escalation" of the ongoing cyberwar across the Middle East.
The computers, which belonged to Aramco, the Saudi state oil firm, were infected by a virus called Shamoon. The attack reportedly left the machines "permanently inoperable." Shamoon also struck and disabled computers belonging to Qatar's Ras Gas energy company.
According to the Washington Post, defense secretary Panetta, speaking before the Business Executives for National Security, characterized the Shamoon attacks as a "significant escalation of the cyberthreat."
The Shamoon strike against Aramco reportedly erased critical business files, replacing them with images of a burning American flag, along with garbage data. The report did not specify how the computers were permanently disabled.
Many experts were quick to point a finger at Iran. US-led sanctions have been hitting hard at its oil exports, and Iran was on the receiving end of the Stuxnet cyberattack that destroyed thousands of centrifuges used in its nuclear program. Other experts were said to express "skepticism" that Iran launched the Shamoon attack, though the grounds for their skepticism were not described.
An unnamed senior defense official, speaking on background, said that "It’s clear a number of state actors have grown their cyber-capabilities in recent years." Among the countries mentioned were Russia and China, as well as Iran.
In the larger picture, the identity of the attacker matters less than the existence of powerful cyberweapons such as Shamoon – and their ability to penetrate presumably well-protected computer systems. Middle East energy firms such as Aramco and Ras Gas are high-profile targets, and their operators surely knew they might be attacked. Either their cyber-security was deficient, or Shamoon was able to penetrate well-guarded systems.