New Shamoon Variant
A new variant of the Shamoon malware has destroyed significant amounts of data at a UAE “heavy engineering company” and the Italian oil and gas contractor Saipem.
Shamoon is the Iranian malware that was targeted against the Saudi Arabian oil company, Saudi Aramco, in 2012 and 2016. We have no idea if this new variant is also Iranian in origin, or if it is someone else entirely using the old Iranian code base.
Clive Robinson • December 17, 2018 3:18 PM
From the article,
Hmm two fairly major industry players finally showing a little caution in atribution…
Has storm Deirdre been passing through hell[1]?
In all seriousness it’s nice to see the industry developing a healthy bit of skepticism at last. Now all we have to do is start ignoring “off the record” and “anonymous sources” who are frequently pushing a political line. Reliance on such gave rise to one edge of “Yellow Journalism”.
Untill things can be firmed up the sensible thing to do would be a “follow the money” type analysis followed by a modified “SWOT” annalysis on the candidates thrown up, remembering that “political capital” can be treated like “financial capital”.
I’ve done this before, with reasonable results, but I think it’s time I let others have a go, as demonstration only goes so far on the learning curve.
Oh just remember last year the USA was for the first time in many years “a net oil exporter” it’s going to skew things a bit.
[1] Because she’s sure given Scottland the “Freezes Over” treatment…