1(630)802-8605 Ravi.das@bn-inc.net

One thing that we hear about constantly in the news almost every hour is that of yet another Cyber attack happening.  Traditionally, we keep hearing about attacks that affected United States businesses, with these threats originating from geographic origins such as China, North Korea, and China.  Right now, the most common targets appear to the retail outfits.

We just write a blog about that a few days ago.  In fact, it does make some sense for the Cyber attacker to threaten this kind of industry.  With just a small scale Cyber attack, the hacker can get the financial information of millions of customers.

In fact, I was just reading a news article where yet another retail outfit was hit with a Cyber attack. But this time, only about 33,000 records from the database were stolen (really, any loss is unfortunate, but this miniscule when compared to the Target and Home Depot attacks).

Well now, it is not just the United States that is affected by Cyber attacks.  Now, even Saudi Arabia is as well.  I also came across a news wire where an oil refinery was an actual target.  This actually occurred back in August 2017, but news of it didn’t start trickling about it until now.

Apparently, the ultimate aim of the Cyber attacker was not only hijack mission critical data, but to even cause an explosion.  Boy, this is the first time that I am hearing of physical destruction as an objective of the Cyber attacker.  This just shows that nothing is safe anymore:  “In this case, the attack against the Saudi plant did not simply have the objective of stealing data or halting operations – it was to sabotage the firm’s operations and trigger an explosion.”  (SOURCE:  https://www.securitymagazine.com/articles/88818-saudi-arabia-investigating-critical-infrastructure-cyberattack).

As of the present time, the identity of the Cyber attackers have not been discovered, but it is widely believed that they won the support of a rogue foreign government (maybe North Korea again??) in order to launch this attack.  If there is any good news out of this unfortunate event is that the explosion failed to trigger.

The reason for this is that there was an error in the source code of the .EXE malware that the Cyber attacker launched.  This makes me even wonder if there are other special source code checkers now popping up on the Dark Web as a result of this.

In order for this kind of explosion to take place, the Cyber attacker tried to hit the industrial controllers of the oil refinery.  This regulates the voltage, pressure, and temperature of all of the piping and related equipment.

Apparently, these industrial controllers were supplied by an American company.  The fear is now that this kind of attack could be very easily replicated across the thousands of other oil refineries that currently exist in Saudi Arabia.

But keep in mind that in this regard, a Cyber attack does not have to be a virtual based one.  Instead, a Cyber attacker can actually blend in with the actual employee population at the oil refineries, and gain key access to secure areas.

From here, he or she can then glean the information they need to launch a subsequent Cyber attack, and create account information in order to gain access to the IT infrastructure.  Therefore, it is very important for these oil refineries in Saudi Arabia to conduct exhaustive background checks on contracted employees – something that is currently not enforced yet, though such policies are in place.

The other shocking discovery is that this is not the only incident that happened in Saudi Arabia.  A similar incident also transpired in January 2017, where the computers literally went offline at the National Industrialization Company and the Sadara Chemical Company.  Recovery took a very long time – many months.

There is lot to be learned here – probably the key take away here is that the Cyber attacker just does not want your credit card information any more-rather, they are now also bent on total physical destruction.  The other lesson to be learned is that Cyber attacks just don’t happen over the Internet thousands of miles away – it can happen just as well even a few feet away from you.