Aramco says has fully recovered from cyber attack
Company reacts to reports that malware infection was an inside job
After almost a month of disruption to its office network after an attack by activists which targeted employee workstations, Saudi Aramco says it has fully restored its computer network.
Aramco confirmed that the attack affected personal workstations, and said in a follow-up statement to the press that the malware had no significant impact on the company’s administrative operations or the productivity of its employees.
The company said it has largely recovered from the attack on 27 August, but at that time emails were still disrupted and traders reported they has resorted to dealing with Aramco by fax and telex.
“The company has also reinforced its network security systems and further enhanced security related technologies of the network,” Aramco said yesterday.
Aramco also reacted to coverage of the event, and speculation about the source and entry point of the attack, branding them "unfounded news reports."
Reuters reported that the attack may have been launched from within the company by employees with high-level access.
“We want to emphasize that these reports are not based on real facts,” said Aramco, declining to comment on what it termed ongoing investigations. In a separate statement Aramco said the virus "originated from external sources."
The attack, which was shortly followed by a similar strike against Qatari LNG producer RasGas, emphasises the need for the GCC’s oil and gas producers to be vigilant against cyber attacks.
"What happened to us can happen to anyone. By working together we can increase our collective defense," said Aramco CEO Al-Falih.
Aramco has hired several IT security firms, including McAfee and Microsoft, in its efforts to investigate the incident and strengthen its defenses.