Built to inform

Sign up for the daily newsletters

No, Thank you

How Saudi Aramco recovered from a cyber attack

Reports say Aramco reverted to working with typewriters and fax machines while contending a 2012 cyber attack which threatened its data and intelligence

Saudi Aramco's cyber systems were attacked three years ago. [Representational Image]
Saudi Aramco's cyber systems were attacked three years ago. [Representational Image]

Saudi Aramco, Kingdom of Saudi Arabia's national oil company, and the world's largest exporter of crude oil, struggled to maintain its records and infrastructure three years ago, when a cyber attack was launched on its systems, it has been reported.

"No emails, no phones, nothing", was used by the company during the period, said Chris Kubecka, the consultant who was brought in to set up a security operation after the cyber attack.

Cyber security website, darkreading.com, reported on Saturday, 8 August, 2015, that  "malware partially wiped or totally destroyed the hard drives of 35,000 Aramco computers" three years ago. 

Saudi Aramco employees reportedly noticed "something was wrong" on 15 August, 2012, after files disappeared and computers started to fail, the report continued. 

"Every office was physically unplugged from the Internet, taking the company offline and isolating it from the rest of the world," the report added. 

"The IT shutdown meant all the payment systems were affected. There were miles of gasoline tank trucks that needed refills, but could not get paid," the report cited Kubecka. 

"With this attack, 10% of the world's supply was at risk," she reportedly added. 

The company worked off the internet after the attack, during its recovery period.

Oil production, including drilling and pumping, remained unaffected since they were automated, the report continued. 

However, all other business operations were carried out through "old-school" methods: "Everything was on paper, whether it was managing supplies, tracking shipment, or handling contracts with partners and governments.

"Employees used typewriters and fax machines. The IT staff had to figure out where to go to buy the fax machines, she said", the darkreading.com report continued.

Aramco's recovery efforts included the assembly of a highly qualified team of international and domestic cyber security experts, Kubecka reportedly said. 

The company was back online five months after the attack, the report continued. 

Most popular


New category open for consultancies at CW Awards 2019 in Dubai
Sub-Consultancy of the Year to be crowned for the first time at the gala ceremony


Leaders UAE 2019: Pinsent Masons confirmed as Gold Sponsor
Law firm is among the major construction industry players confirmed as sponsors for Leaders UAE's
Leaders in Construction UAE Summit returns in Sept 2019
Dubai conference to see top officials discuss the people, trends, and challenges that will power

Latest Issue

Construction Week - Issue 745
Jun 30, 2019