RIYADH // Saudi authorities have detected fresh attempts by hackers to disrupt government computers after security firm Symantec warned of a revival of malware used in previous cyberattacks.
The national cyber security centre “detected destructive electronic strikes against several government agencies and vital establishments”, Arab News reported.
The centre had warned on November 19 of “organised threats aimed at disabling the services provided by some agencies”, the paper said.
Foreign hackers were trying to implant malware or a virus to disrupt users’ data, it said.
Symantec said on Tuesday that the aggressive disc-wiping malware Shamoon “has made a surprise comeback and was used in a fresh wave of attacks against targets in Saudi Arabia”.
Shamoon was used in attacks against the Saudi energy sector in 2012 and “is largely unchanged from the variant used four years ago”, said Symantec.
“The attackers appear to have done a significant amount of preparatory work for the operation. The malware was configured with passwords that appear to have been stolen from the targeted organisations and were likely used to allow the threat to spread across a targeted organisation’s network.”
Symantec did not say which Saudi agencies were affected or who was responsible for the cyberattack on November 17. “However, with its highly destructive payload, it is clear that the attackers want their targets to sit up and take notice,” it said.
In August, Saudi state media reported cyberattacks against government institutions.
* Agence France-Presse
