UAE energy sector most vulnerable to tech virus
Energy companies in the Middle East vulnerable to attack
Energy companies in the United Arab Emirates found themselves thre main target of a new computer virus during January and February.
A report from Symantec found that between January and February, there was a multi-staged, targeted attack campaign against energy companies around the world, with a focus on the Middle East.
A quarter of all attacks were made on companies from the UAE. Saudi Arabia and Kuwait were the target of 10% of attacks, while Qatar and Oman were the subject of 5% of attacks.
This attack campaign used a new information stealer, detected by Symantec as Trojan. Laziok. Laziok acts as a reconnaissance tool allowing the attackers to gather data about the compromised computers.
The detailed information enables the attacker to make crucial decisions about how to proceed further with the attack, or to halt the attack.
During the course of our research, Symantec found that the majority of the targets were linked to the petroleum, gas and helium industries, suggesting that whoever is behind these attacks may have a strategic interest in the affairs of the companies affected.
The report added: “The group behind the attack does not seem to be particularly advanced, as they exploited an old vulnerability and used their attack to distribute well-known threats that are available in the underground market.
“However, many people still fail to apply patches for vulnerabilities that are several years old, leaving themselves open to attacks of this kind.
“From the attacker’s perspective, they don’t always need to have the latest tools at their disposal to succeed. All they need is a bit of help from the user and a lapse in security operations through the failure to patch.”