NSA director warns Middle East oil and gas firms of vulnerability against cyber attacks

Up to 90 per cent of computers worldwide with intellectual, monetary or strategic value are infected with undetected malicious software.

Powered by automated translation

Up to 90 per cent of computers worldwide with intellectual, monetary or strategic value are infected with undetected malicious software, says a former director of the United States National Security Agency (NSA).

The GCC’s oil and gas sectors are particularly vulnerable compared to other parts of the world because of the high concentration of oilfields.

“Every major computer system of consequence most likely has malware in it, placed in by an adversary,” said John McConnell, the former director of national intelligence in the US, who isnow a vice-chairman of Booz Allen Hamilton, which provides consultancy services to the US government.

“So much of the world’s oil production happens here and the pursuit of technologies to make it more efficient. When you increase that level of automation and use of IT [information technology], it only increases the vulnerability.”

The majority of these malware are designed to go undetected and can be remotely activated. Most of the malware targeted at the Middle East are aimed at stealing intellectual property and exploiting information.

One of the most high-profile examples of a cyberattack in the region was the “Shamoon” virus directed against petroleum producer Saudi Aramco, which infected 30,000 of its computers. Qatar’s RasGas was also attacked.

Mr McConnell said Shamoon originated from Iran. “Any number of organisations that have examined the profile both from commercial and government side concluded that it orginated in Iran,” he said.

Hacktivists in Iran have been particularly active over the past 18 months, targeting their attacks against the US and Saudi Arabia. Most of Iran’s attacks in the US had been aimed at the banks as a result of their frustration stemming from the US-led sanctions on the country, said Mr McConnell.

The US, Russia and the United Kingdom have the most robust cybersecurity systems in the world. The most prolific cyberattackers, however, are the Chinese.

“There are 180 plus nations in the world and 150 to 160 have exploit capabilities,” said Mr McConnell. “Nation states exploit each other to understand threat levels. Most are looking at their sphere of influence and the countries around them. The Pakistanis are most interested in exploiting and attacking the Indians and Afghans.”

Targeted attacks can cost a firm up to US$2.4 million in damages, according to a report by Kaspersky Lab.

But companies are still reluctant to spend the necessary funds to detect and prevent these cyberattacks. According to Mr McConnell, about 5 to 10 per cent of a company’s IT budget should be spent on cybersecurity.

Attacks via browsers are the primary method for spreading malware.

Between July and September, Kaspersky Lab detected 1.2 million internet-borne malware incidents on computers in the UAE, affecting 26.4 per cent of users.

Local threats – usually offline methods that involve spreading malware via USB drives, CDs and DVDs – caused 17.4 million malware incidents, affecting more than 40 per cent of computers in the UAE.

thamid@thenational.ae