As tensions soar between the United States and Iran, Saudi officials are keeping close tabs on emerging cybersecurity threats that may be emanating from the Islamic Republic, according to a report.
Saudi authorities detected a new destructive cyberattack suspected of coming from Iran on Dec. 29, Yahoo News reports.
“Officials in Riyadh, who nicknamed the malware ‘Dustman,’ did not directly attribute the malicious attack to Iran, according to a Saudi technical report obtained by Yahoo News. However, according to experts who reviewed the technical report and analyzed possible motivation and similarities to past attacks, Tehran is the most likely culprit…The “wiper” attack, which was identified by the Saudi National Cybersecurity Authority, used malware to erase digital data belonging to unidentified targets in the Middle East.”
According to ReCode, Iran’s cyberattacks are already so “extremely active and persistent” that cybersecurity expert Brian Krebs told Recode, “It’s difficult to think of what might constitute an escalation of that activity.”
Iran’s most notorious cyberattack was the Shamoon virus against Saudi Aramco in 2012, which destroyed more than 30,000 of Saudi Aramco’s computers. According to ReCode, Saudi Aramco “was forced to go offline for months until it could rebuild its IT infrastructure, ultimately costing one of the most valuable companies in the world hundreds of millions of dollars.”
More recently, it was the U.S. spearheading an attack on Iran shortly after Iran hit Saudi Aramco facilities on September 14, 2019. The United States carried out a “secret cyber operation” and took aim at Tehran’s ability to spread “propaganda,” two U.S. officials told Reuters in October.
In October 2017, King Salman and Crown Prince Mohammed bin Salman ordered the creation of the Saudi National Cybersecurity Authority, a government security entity which focuses primarily on computer security in the Kingdom and is directly linked to the King’s office.