Shamoon, Flame and other cyber sabotage malware
About 30,000 Windows PCs at Saudi oil company Saudi Aramco were believed to have been rendered unusable in August after they were infected by a particularly destructive virus called Shamoon. The virus was noteworthy because it not only corrupted and deleted files, but also completely overwrote the Master Boot Record on Windows PCs thereby rendering them useless.
Though Aramaco downplayed the seriousness of the incident, Shamoon stirred concern at the highest levels of the U.S. government. In a speech at a meeting of Business Executives for National Security (BENS) in New York, U.S. Secretary of Defense Leon Panetta described Shamoon as one of the most destructive viruses ever and one that could be used to launch an attack as calamitous as the 9/11 attacks.
Security experts see Shamoon and similar malware, such as Flame and BatchWiper, as harbingers of a new class of tools that will increasingly be used in hacktivist attacks, for cyber espionage and cyber sabotage purposes.
"With assertions that attempts were made to destroy data and some suggestion of state sponsorship, Shamoon signals a move towards more serious economic espionage, regardless of motives," said Pete Lindstrom, an analyst with Spire Security in Malvern, Penn.
Many believe that the New York Times' report in June that the U.S. government had been actively involved in the development and use of Stuxnet to disrupt Iran's nuclear program may have ushered in an era of more open cyber hostilities between nations.
The big worry is that by choosing to develop and use cyber weapons such as Stuxnet, the U.S. government has exposed its own companies and networks to similar attacks by nations that are likely to be less hesitant about launching them. Many of the recent DDoS attacks against major U.S. banks, for instance, are believed to be the work of Iranian hackers. So too is the attack on Saudi Aramaco and other energy companies in the Middle East.