JEDDAH – Middle Eastern oil and gas companies have been targeted in massive attacks on their computer networks in an increasingly open cyber war where a new virus was discovered just this past week.
US Defense Secretary Leon Panetta referred publicly for the first time about the “Shamoon” virus that hit Saudi Aramco in August.
The virus also hit Rasgas, a joint venture between US oil firm Exxon Mobil Corp and state-controlled Qatar Petroleum.
Panetta called the sophisticated virus “the most destructive attack that the private sector has seen to date.”
However the threat that digital attacks could cripple vital infrastructure is real, with Panetta warning of the possibility of a “cyber-Pearl Harbor” to justify a policy of moving aggressively against threats.
A senior US administration official, who spoke on condition of anonymity, told AFP the cyber attack on the Gulf oil giants was believed to be carried out by a “state actor”.
Kaspersky Labs, which detected the “Flame” and “Gauss” viruses, announced Monday it had found a new cyber espionage weapon it dubbed “miniFlame”.
It described the virus as “a high precision, surgical attack tool ... designed to steal data and control infected systems during targeted cyber espionage operations.”
Kaspersky said “we have only just scratched the surface of the massive cyber espionage operations ongoing in the Middle East. Their full purpose remains obscure and the identity of the victims and the attackers remains unknown.”
Christian Harbulot, the head of the Economic Warfare School in Paris, warned that “it is extremely difficult to undo the knot” in what is also a propaganda war.
For Nicolas Arpagian at France’s National Institute of Advanced Security and Justice Studies, the latest attacks “show that arsenal of digital weapons is getting bigger, and that when you have such an arsenal the use of cyberweapons is bound to become more commonplace.”
As online possibility continues to grow at a fast pace, so does the need for up-to-date security. The ability to access information has never been this interactive. With this constant free flow of information there have also been several high profile cyber-attacks on critical infrastructure.
The global security systems industry encompasses many domains and touches on an array of sectors such as energy, oil & gas, construction, petrochemicals, power and mining. It becomes imperative to safeguard these critical infrastructure assets, ensure continuity in operations while having the appropriate mechanisms in place to prevent any attempts of vandalism, terrorism, sabotage, criminality, piracy and theft.
Threats against the energy industry are progressively increasing during a constantly evolving threatening landscape. Security operations will be forced to continuously adapt to these variety of challenges including economic, criminal, political, as well as homeland security constraints.
Against this backdrop, the 8th Middle East Energy Security Forum will be held on Dec. 4-6 at Habtoor Grand Resort and Spa in Dubai. The forum is all set to reveal the latest cyber security techniques, risk management and assessment, maritime critical infrastructure and hostile reconnaissances.
In its eighth successful year, the forum will host companies like Baker Hughes, Petronas, Saudi Aramco, Petropars, Saudi Aramco, Bechtel, American University of Sharjah, BP Turkey, NATO HQ, Emirates National Oil Company Limited, Massachusetts Institute of Technology and Masdar Institute and BP Turkey, to mention a few.
The event will address increasing need for the effective and efficient integration of operations into an overall business security strategy as well as the implications behind such integration into the business.
The 8th MEESEC calls on the industry to rethink strategies and exercise security, business continuity and emergency response frameworks within a relatively short span of time.
The event promises to bring leading industry experts from across the globe to discuss pressing concerns to security professionals and mitigating measures through panel discussions, case studies, speaker presentations and focused workshops during the three day conference. – SG