It was known inside the InfoSec community, but now more details have been made public through CNN after a BlackHat 2015 presentation:
"Three years ago, the world witnessed the worst hack ever seen. And for the first time, we're now learning new details about the monstrous cyberattack on Saudi Aramco, one of the world's largest oil companies. In a matter of hours, 35,000 computers were partially wiped or totally destroyed. Without a way to pay them, gasoline tank trucks seeking refills had to be turned away. Saudi Aramco's ability to supply 10% of the world's oil was suddenly at risk.
US intelligence officials believe the attackers to be Iranians, and they did not just erase data on 30,000 Aramco computers; they replaced the data with an image of a burning US flag. And one of the most valuable companies on Earth was propelled back into 1970s technology, using typewriters and faxes. When it comes to sheer cost, the recent cyberattacks on Sony Pictures and the American government pale in comparison.
It started sometime in mid-2012. One of the computer technicians on Saudi Aramco's information technology team opened a scam email and clicked on a bad link. That happens very often, attackers come in through social engineering, using a spear-phishing email with a malicious payload attached or a link to a compromised website that was opened by an employee.
The average person has never heard about Saudi Aramco -- or this hack. But we all felt its mysterious reverberations. Read it here: