Israeli exposure: Iranian hackers stand behind cyber attack on major Middle East oil makers

The Israeli company Otorio reveals that Iranian hackers are behind one of the biggest attacks on oil producers in the Middle East. Hackers make use of new ransom software that disrupts systems, causing the victim to choose between ransom payment or information destruction

Israeli exposure: Iranian hackers stand behind cyber attack on major Middle East oil makers

"Iranian hackers are behind one of the attacks on major oil producers in the Middle East," reports the Israeli company Otorio, a leader in the global cyber defense market. According to the report, this is a new ransom software called "Sanke" designed to disrupt the operation of industrial control systems. Like other ransomware, "Snake" also floods software and documents on infected computers, and to prevent the encrypted files from being archived, it removes all file copies and leaves no choice for victims, but chooses to lose the data or pay the ransom for key delivery Encryption.

Find out if your name is on the list of people who are eligible for Portuguese citizenship and European passports

In collaboration with Passportogo

Otorio's in-depth analysis reveals that the new heresy is designed to bring hundreds of processes to a halt using the "kill list" almost identical to the heresy MegaCortex software, which was first discovered in mid-2019. The company's analysis also revealed that the heresy was engineered to damage industrial control and control processes Very specific to General Electric components. One likely candidate for a potential target for the attack: Bahrain's leading national oil company, BAPCO.

Iranian President Hassan Rouhani at Cabinet meeting in Tehran (Photo: AP)

Iranian President Hassan Rouhani at Cabinet meeting in Tehran, January 15, 2020. (Photo: AP)

"The potential damage from an attack using Snake could be significant to the victim," says Dor Jordan, head of the company's response team. "Deleting or locking targeted industrial control systems will prevent access to essential processes related to manufacturing process management including analysis, communication, control and control. This is akin to covering both the eyes of a car driver and removing the steering wheel while traveling. This is not the first time the bapco oil giant has been used As a target for targeted cyber attack, ”Jordanian adds. "It has only recently been reported that Iranian-backed hackers have planted malware on BAPCO's corporate network to erase Dustman's data. The coincidence within a short period of time raises the likelihood that these two incidents are related."