Bahrain’s National Oil Company Hit by Iranian "DustMan" Data Wiper



The Bahrain National Oil Company was attacked by Iranian state-sponsored hackers who implanted a destructive data wiper nicknamed "DustMan."

Following the lethal US drone strike that resulted in the death of Maj. Gen. Qassim Suleimani, the Iranian Government said it would retaliate, and it now appears it may have shown its cyber hand.

On Jan 4, 2020, the US Department of Homeland Security issued a National Terrorism Advisory Bulletin citing the need for raised cyber awareness, as cyber attacks are one of the go-to weapons in the Iranian arsenal.

DHS noted that while there is currently “no information indicating a specific, credible threat to the Homeland,” Iran does have the ability to attack the U.S. in cyberspace.

“Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets,” according to DHS.

Most cyber security experts speculated that a retaliatory attack might include the use of destructive wiper malware, as Iran has used destructive data wipers as far back as 2012. So we've been warned, and US companies and their affiliates all over the world should take heed and stay on heightened alert.

According to ZDNET: “Iranian state-sponsored hackers have deployed a new strain of data-wiping malware on the network of Bapco, Bahrain's national oil company, ZDNet has learned from multiple sources.

The incident took place on December 29. The attack did not have the long-lasting effect hackers might have wanted, as only a fraction of Bapco's computer fleet was impacted, with the company continuing to operate after the malware's detonation.

ZDNet has learned from several sources that the Bapco incident is the cyber-attack described in a security alert published last week by Saudi Arabia's National Cybersecurity Authority. Saudi officials sent the alert to local companies active on the energy market, in an attempt to warn of impending attacks, and urging companies to secure their networks.”

ZDNET also reported: “Iranian Destructive Wipers have been linked in the past to Iran's foray into data-wiping malware going back to 2012 when they developed Shamoon (also known as Disttrack), a piece of malware that was responsible for wiping more than 32,000 PCs at the Saudi Aramco oil company in Saudi Arabia, in one of the world's most infamous cyber-attacks. Two more Shamoon versions were discovered in the following years, Shamoon v2 (used in 2016 and 2017) and Shamoon v3 (used in 2018 and 2019).”

On December 4th, 2019, Bleeping Computer reported that the IBM X-Force Incident Response and Intelligence Services (IRIS) research team, which discovered ZeroCleare, said that it was likely developed by two Iran-backed threat actors, namely APT34 (aka Oilrig, ITG13) and another Iranian threat group tracked by IBM X-Force IRIS as Hive0081 (aka xHunt).

Recorded Future observed that Iranian responses would likely be measured asymmetric retaliatory attacks designed to avoid full confrontation with the US; however, that gives the green light to Iranian state and state-sponsored actors to pursue a much more persistent and possibly destructive threat to the cyberworld.

Read the story on ZDNET

 

