[ISN] Huge natural gas producer severs Website, email after malware attack

From: InfoSec News <alerts_at_private>
Date: Fri, 31 Aug 2012 04:50:47 -0500 (CDT)
http://arstechnica.com/security/2012/08/natural-gas-producer-knocked-offline-by-malware-attack/

By Dan Goodin
Ars Technica
Aug 30 2012

One of the world's biggest producers of liquefied natural gas has been 
hit by a malware attack that has taken down its website and e-mail 
servers. This is the second documented computer attack to hit a large 
energy company this month.

Officials with Qatar-based RasGas first identified an "unknown virus" on 
Monday and took their RasGas.com website and e-mail servers offline in 
response, Bloomberg News and other news agencies reported on Thursday 
morning, citing company representatives. Operational systems weren't 
affected and production and deliveries remain intact. A joint venture 
between Qatar Petroleum and ExxonMobil, RasGas exports about 36.3 
million tons of liquefied natural gas per year.

News of the attack comes four days after Saudi Aramco, the world's 
largest oil producer, confirmed it was the victim of a separate malware 
attack that took down 30,000 workstations. The assault against the Saudi 
Arabia-based company was launched on August 15 as the malware entered 
through its network of personal computers. Oil production wasn't 
affected, company officials have said.

The attacks come as security researchers are tracking a malware campaign 
directed at unspecified companies in the energy industry. "Shamoon," as 
the trojan has been dubbed, wreaks havoc on its victims by attempting to 
permanently wipe the hard drives of the computers it infects and 
prevents them from restarting. In a blog post, Symantec researchers said 
that the Shamoon malware, which also goes by the name "Disttrack," 
struck at least one unnamed company in the energy industry.

[...]
Received on Fri Aug 31 2012 - 02:50:47 PDT

This archive was generated by hypermail 2.2.0 : Fri Aug 31 2012 - 02:52:46 PDT