UAE unscathed by coordinated cyber attack against oil companies
Jun 23, 2013
DUBAI // A cyber attack launched against the oil industry has not affected UAE companies, but security experts remain on high alert.
- ■ Hacktivism the motivator of cyber attacks in Middle East
- ■ Virgin Radio website hacked in protest at 'bling' and Western singers performing in UAE
- ■ Secrets of a master hacker revealed at Gulf security conference
The #OpPetrol campaign was started on June 20 by hacking-activist group Anonymous. It claims to be targeting oil companies in Saudi Arabia, Qatar and Kuwait in protest that oil products continue to be traded in the US dollar instead of the currency of the country it originates from.
Internet security company Trend Micro said Anonymous had already compromised approximately 1,000 websites, 35,000 email credentials, and more than 100,000 Facebook accounts as a part of the #OpPetrol operation.
Government websites in Kuwait, Qatar, and Saudi Arabia have also been taken offline.
The group used botnets to compromise the oil companies' computer systems, Trend Micro said, and was possibly part of a distributed denial-of-service (DDoS) attack.
A backdoor Trojan known as Cycbot has also been used to allow the group to take control of affected computers, retrieve secure information and launch DDoS attacks.
Richard Sheng, senior director of enterprise security at Trend Micro Asia Pacific, said the IT threat landscape was evolving.
"Cyber attacks are now targeted, customised and persistent," he said. "While hacktivists makes announcements of their attack campaign, most cybercrimes and espionage goes undetected by conventional security controls such as firewall, antivirus or intrusion detection systems. Organisations need to assume they will be compromised and redefine their IT security with that mental model."