Hack Or Attack Shamoon And The Volution Of Yber Onflict C -Books Pdf

HACK OR ATTACK SHAMOON AND THE VOLUTION OF YBER ONFLICT C
16 Jan 2020 | 25 views | 0 downloads | 30 Pages | 433.26 KB

Share Pdf : Hack Or Attack Shamoon And The Volution Of Yber Onflict C

Download and Preview : Hack Or Attack Shamoon And The Volution Of Yber Onflict C


Report CopyRight/DMCA Form For : Hack Or Attack Shamoon And The Volution Of Yber Onflict C



Transcription

Hack or Attack Shamoon and the Evolution of Cyber Conflict. THIS PAPER WAS WRITTEN BY A RESEARCHER OR RESEARCHERS WHO PARTICIPATED IN A BAKER. INSTITUTE RESEARCH PROJECT WHEREVER FEASIBLE THESE PAPERS ARE REVIEWED BY OUTSIDE. EXPERTS BEFORE THEY ARE RELEASED HOWEVER THE RESEARCH AND VIEWS EXPRESSED IN. THESE PAPERS ARE THOSE OF THE INDIVIDUAL RESEARCHER S AND DO NOT NECESSARILY. REPRESENT THE VIEWS OF THE JAMES A BAKER III INSTITUTE FOR PUBLIC POLICY. 2013 BY THE JAMES A BAKER III INSTITUTE FOR PUBLIC POLICY OF RICE UNIVERSITY. THIS MATERIAL MAY BE QUOTED OR REPRODUCED WITHOUT PRIOR PERMISSION. PROVIDED APPROPRIATE CREDIT IS GIVEN TO THE AUTHOR AND. THE JAMES A BAKER III INSTITUTE FOR PUBLIC POLICY, Hack or Attack Shamoon and the Evolution of Cyber Conflict. Introduction, On August 15 2012 the Saudi Arabian Oil Company also known as Saudi Aramco Saudi. Arabia s national petroleum concern a producer manufacturer marketer and refiner of crude oil. natural gas and petroleum products 1 was struck by a computer virus that possibly spread across. as many as 30 000 Windows based personal computers operating on the company s network. According to news sources it may have taken Aramco almost two weeks to fully restore its. network and recover from a disruption of its daily business operations caused by data loss and. disabled workstations resulting from the incident Computer security research community. dubbed the virus reputed to have spread across Aramco s network Shamoon. While reports of a virus on a major multinational firm s computer network is not a rare event an. incident against a company that holds so much of the world s spare oil production capacity is not. a non issue Saudi Aramco is critical to the world s petroleum markets The world s largest oil. producer it reportedly holds 10 percent of global supply and its crude production may stand. above 13 percent of the global total with sales amounting over 200 billion annually 2. The Shamoon outbreak likely affected the operation of Personal Computers PCs inside. Aramco with the malicious software s main function being the indiscriminate deletion of data. from computer hard drives Although there was no apparent oil spill explosion or other major. fault in Aramco operations the incident impacted production and business processes of the. company as at least some drilling and production data were likely lost 3 Shamoon was also found. to have propagated to the networks of other oil and gas firms including that of RasGas a joint. venture of Qatar Petroleum and US based ExxonMobil. Headquartered in Dhahran Saudi Arabia the Saudi Arabian Oil Company manages the world s largest proven. conventional crude oil and condensate reserves of 259 7 billion barrels and ranks among world s top refineries and. natural gas liquids exporters Established in 1933 and owned entirely by the Government of Saudi Arabia since. 1980 this corporation represents a bundle of strategic business interests Until 1945 the enterprise was named. Californian Arabian Standard Oil Company and the conglomerate still holds subsidiaries and affiliates in the United. States the Netherlands UK China Japan and Singapore Saudi Aramco www saudiaramco com. Stanley Reed The World s Most Influential Companies Bloomberg. http images businessweek com ss 08 12 1211 most influential 8 htm. John Roberts Cyber threats to energy security as experienced by Saudi Arabia Platts November 27 2912. http blogs platts com 2012 11 27 virus threats comments. Hack or Attack Shamoon and the Evolution of Cyber Conflict. The Shamoon Aramco incident comes after years of warning about the risk of cyber attacks. against critical infrastructure Protection of the Saudi petroleum infrastructure from military and. terrorist attack has been a common concern for the US and Saudi Arabian governments for. decades Iran presents a potentially significant threat to petroleum facilities in Saudi Arabia s. Eastern Province 4 Even a partial disruption of these production facilities would have an. immediate impact on oil supplies and prices with knock on effects for the global economy. Although the Shamoon attack did not result in any physical damage to critical infrastructure in. the Middle East there has been a secondary impact on risk assessment for providers of critical. services worldwide The incident has raised serious security concerns between the United States. and Iran US Defence Secretary Leon Panetta referred to Shamoon as very sophisticated and. raising tremendous concern about the potential for the use of that kind of tool and by noting. that there are only a few countries in the world that have that capability 5 thus keeping the. incident in the political and media spotlight For this reason we sought to document the. Shamoon case and consider its impact on broader policymaking regarding the Middle East. energy and cybersecurity issues, The following study will cover the background and context of the Shamoon incident itemize. open source facts and public statements surrounding the episode. Saudi Aramco and Gulf Oil Production, The Persian Gulf remains a key area for global oil and gas production Four of the world s top. ten oil producers Saudi Arabia Iran Iraq and the United Arab Emirates ship all or much of their. production via tankers through the Straits of Hormuz Including Kuwait the world s eleventh. largest oil producer some 22 million barrels of oil are produced in the region daily 6 Production. of natural gas is also significant with Qatar standing as the world s second largest exporter in the. Joshua Izkowitz Shifrinson and Miranda Priebe A Crude Threat The Limits of an Iranian Missile Campaign. against Saudi Arabian Oil International Security 36 2011 167 201. Leon Panetta Defending the Nation from Cyber Attack New York NY October 11 2012 Business. Executives for National Security http www defense gov speeches speech aspx speechid 1728. Key World Energy Statistics International Energy Agency 2012. Hack or Attack Shamoon and the Evolution of Cyber Conflict. commodity Although unconventional oil and gas production methods including shale gas and. oil extracted from tar sands are transforming the global energy market exports of oil and gas. from the region will remain a fundamental piece of the global supply for the foreseeable future. Consumers in Europe and Asia remain highly dependent upon oil supplies from the Arabian. Peninsula Iraq and Iran, The primary target of Shamoon Saudi Aramco is a leading player in the petroleum industry In.
December 2006 the Financial Times titled Aramco the world s biggest company 7 Research. conducted by the FT and McKinsey estimated Aramco s worth to be close to 781bn market. capitalisation Again in 2010 the FT made similar assertions regarding Aramco s market value. concluding that Aramco alone would command a value of 7 trillion 40 times Shell s market. capitalisation 8 These numbers make Aramco s worth substantially higher than publicly traded. oil companies However the fact that Aramco is a nationally owned firm makes it harder to. verify these market valuations 9 As with most Saudi owned enterprises Aramco has adopted a. multi layered hierarchical power structure since the Saudi government took full control of the. company in 1980 by acquiring 100 percent stake, Aramco s corporate management is made up of a president six vice presidents and a non Saudi. general counsel who serves as the corporate secretary The board of directors and corporate. management report regularly to the Supreme Council for Petroleum and Mineral Affairs. SCPM a body established in January 2000 The creation SCPM created a body in charge of. all matters related to petroleum gas and other hydrocarbon affairs in onshore and offshore. areas 10 It shoulders the task of managing all affairs of petroleum gas and other hydrocarbon. Francesco Guerrera and Carola Hoyos Saudi Aramco revealed as biggest group Financial Times December 14. 2006 http www ft com intl cms s 0 0ea4c450 8bb1 11db a61f 0000779e2340 html axzz2Dtm5R2it. Big Oil bigger oil Financial Times February 4 2010 http www ft com intl cms s 3 c5b32636 116f 11df. 9195 00144feab49a html axzz241yHCicp, Sheridan Titman What s the Value of Saudi Aramco Texas Enterprise February 9 2010. http www texasenterprise utexas edu article whats value saudi aramco. Anthony Cordesman Saudi Arabia Enters the Twenty First Century The Military and International Security. Dimensions Praeger Westport Conn 2003 p 328, Hack or Attack Shamoon and the Evolution of Cyber Conflict. materials in Saudi Arabia Physical security for Aramco infrastructure and operations is a. foremost concern to forces under the Saudi interior ministry and military 11. Physical protection of Saudi Aramco s infrastructure is likely of keen interest to the company s. leadership After a foiled terrorist attack on the massive petroleum processing complex at Abqaiq. in 2006 concern regarding the vulnerability of the company s infrastructure rose 12 Since. Abqaiq Aramco has worked with the US experts and companies on its contingency planning and. security solutions In physical security Aramco has likely acquired significant capability and. was recognized for its efforts by the American Society of Industrial Security in 2010 13 Cyber. security at Aramco and in the entire region is largely an unknown however. ICT and Cyber Capabilities in the Gulf, The Gulf States have invested heavily in their information and communications technology. ICT infrastructure in the past decade ICT spending in the GCC reached 33 billion in 2007. 50 percent above than the global average 14 Spending between 2011 and 2015 is forecast to total. 318 billion by 2015 due to increased demand for ICT in public institutions healthcare. construction oil and gas and telecommunications 15 Where other regions of the planet have seen. ICT investment slow as technological penetration tops out in relation to population the Middle. East remains an area of enormous growth, ICT penetration in the Middle East varies widely but there is a general global correlation.
between wealth and ICT penetration Saudi Arabia runs against the grain to some degree With a. population of 26 million there are estimated to be fewer than 9 million Internet users despite. Anthony Cordesman and Nawaf Obaid Saudi Petroleum Security Working Draft Center for Strategic and. International Studies Washington DC November 2004, Khalid al Rodhan The Impact of the Abqaiq Attack on Saudi Energy Security Saudi US Relations Information. Service February 28 2006 http www susris com articles 2006 ioi 060228 rodhan abqaiq html. Security Recognized for Professionalism Saudi Aramco accessed January 19 2012. http www saudiaramco com en home news latest news 2010 security recognized for. professionalism html news 257C 252Fen 252Fhome 252Fnews 252Flatest news 252F2010 252Fsecurity. recognized for professionalism baseajax html, Karim Sabbagh Ramez Shehadi and Shant Okanyan Next Generation ICT Parks Bridging the GCC. Technology Gap Booz Company 2009, http www doz ae images stories files Next Generation ICT Parks Booz 20 20Co pdf. GCC ICT Being Part Of An Increasingly Digital World Markaz Research October 23 2011. http www markaz com DesktopModules CRD News Single aspx ikey 456 Module IKey 32. Hack or Attack Shamoon and the Evolution of Cyber Conflict. high per capita GDP figures Statistics for Iran a country of 78 million are somewhat lower. relative to population with about 8 million Internet users 16 What both countries and the rest of. the region share is a meteoric rise in the growth of mobile telephone and smart phone. connectivity, While there has been no significant lack of investment in computing and telecommunications in. the countries of the Gulf Cooperation Council GCC cross GCC ICT efforts are generally. facilitated by foreign firms National ICT strategies are limited by the still embryonic nature of. national visions to develop ICT capabilities In addition the GCC is yet to develop a. sophisticated lattice of regulatory instruments to support a sustainable information society The. need for developing local ICT expertise is vital as GCC relies heavily on foreign workers with a. short cycle of knowledge through acquisition representing a counterproductive policy hindering. ICT becoming the integral and indigenous component of GCC economic development. Despite these shortcomings the Gulf States have made investments in ICT and information. resources Qatar with a population of less than 2 million has built the Al Jazeera satellite. television news network into a globally recognized brand for Middle East news content and. Dubai has worked to create an innovation hub in its Dubai Internet City project There are. however significant issues for information control in the region as well especially in the wake. of the revolutions of the Arab Spring, The region s cyber warfare capabilities held by both states and non state actors in the region are.
subject to speculation Offensive and defensive cyber preparedness is difficult to assess with. great granularity however a number of factors are useful in formulating rough capability Such. an index should include technological infrastructure items as considered above as well as indices. of talent such as educational capacity in science technology engineering and math STEM. fields as well as more focused capabilities in computer and information sciences that align with. cyber security proficiency, The 8 million Internet users is via the CIA World Factbook Some years ago the Iranian government sought to. restrict high bandwidth connections to the general population generally prohibiting connections with speed greater. than 128 kilobits per second for non commercial users See Robert Tait Iran bans fast Internet to cut west s. influence The Guardian October 17 2006, Hack or Attack Shamoon and the Evolution of Cyber Conflict. Then the question becomes How good are the hackers This can be only the roughest of. assessments 17 The United States Russia China and Israel are generally considered to hold. robust and significant offensive and defensive cyber capabilities Several Western European. countries Germany the United Kingdom and France likely hold strength as well 18 This is. large part due to the strength of their signals intelligence services as well as the computational. education establishments from which they recruit, Perhaps the best publicly available indicator of relevant capabilities in the Gulf region is the. number of citizens from each country holding advanced degrees in computer science electrical. engineering and information science There is a yawning gap in computing between Iran and. almost any other country in the region Many Iranians pursue postgraduate education in. computing many of them abroad and many of those individuals choose to remain abroad. Lebanese Palestinians and Egyptians are notable in the field as well 19 The Gulf States are not. yet producing such talent while Iran is revealing an asymmetry of capability in domestically. produced or foreign educated domestic talent This asymmetry will likely require a decade or. more of significant investment for the GCC countries to erase These countries may be able to. buy cyber defense capability but enlisting foreign nationals to engage in cyber intelligence or. offensive cyber operations poses serious dilemmas The cyber overlay of the Gulf security. picture suggests great immaturity among all players but a definite intellectual lead held by Iran. Regional and International Relations, Since the collapse of the Shah of Iran in 1979 regional tensions in the Persian Gulf have been a. foremost international concern The Soviet invasion of Afghanistan the Iran hostage crisis Iran. Iraq War Israel s bombing of the Iraqi nuclear power station at Osirak the Gulf tanker war. and two US led military campaigns against Saddam Hussein s Iraq culminating in nearly a. Namosha Veerasamy Marthie Grobler and Basie von Solms Towards a Cyberterrorism Life Cycle CLC. Model Proceedings of the 4thWorkshop on ICT Uses in Warfare and the Safeguarding of Peace 2012 IWSP. 2012 School of Management IT and Governance University of KwaZulu Natal and Defence Peace Safety and. Security Council for Scientific and Industrial Research Sandton South Africa August 16 2012. Chris Bronk Between War and Peace Considering the Statecraft of Cyberspace in The Secure Information. Society Ethical Legal and Political Challenges J rg Kr ger Bertram Nickolay and Sandro Gaycken eds. Springer London 2012, Consider for example the contribution of Egyptian born Taher Elgamal one of the world s leading.
cryptographers, Hack or Attack Shamoon and the Evolution of Cyber Conflict. decade of counterinsurgency and the extensive counter terror operations aimed at Al Qaeda and. its confederates indicate the acute security concerns in the region. Continuing strains in regional relations have gathered around the Iran s influence in Shia. political movements extending to the Levant and the Iranian nuclear program Regional tensions. were only exacerbated by the emergence of the massive Arab Spring protest movement. extending from North Africa to the Arabian Peninsula and disrupting traditional power. structures Not to be ignored in the revolutions of 2011 is the role of cyberspace as an avenue for. political organization dissent and disruption, Relations across the Gulf went into a deep freeze after the Iranian Revolution of 1979 Saudi. Arabia along with the rest of the Gulf Cooperation Council states fear of Iranian interest in. exporting the revolution and empowering Shiite communities living outside of Iran Sectarian. tensions escalated following the Arab Spring with protests erupting in Bahrain a critical ally. of the US and Saudi Arabia and Syria which has strong historic relations with Iran US and. Western presence in the Gulf has also contributed to the deterioration of relations between Iran. and GCC states Iran views the GCC s security and military dependence on Western powers as. an extension of western imperial dominance in the region 20. US Iranian relations remain poor with the two countries engaging in open conflict in 1988 as. the US retaliated against Iranian attacks on shipping and the mining of the Gulf No official. relations have existed between the countries since the US broke all diplomatic relations after the. seizure of its embassy and its staff by Iranian students Hostility between the two states has been. further aggravated by Iran s nuclear and ballistic missile programmes as well as Iran s. sponsorship of US identified terror groups Interestingly the US government de listing the anti. regime Mojahedin e Khalq MEK as a terror group in September 2012 while some allege that. the US covertly supported the group in its assassination campaign against Iran s nuclear. scientists 21, Iran Majlis condemns merger of KSA Bahrain PressTV May 14 2012. http www presstv ir detail 2012 05 14 241177 iran raps saudi plans bahrain merger. Seymour Hersh Our Men in Iran The New Yorker April 6 2012. http www newyorker com online blogs newsdesk 2012 04 mek html. Hack or Attack Shamoon and the Evolution of Cyber Conflict. Although the United States declared in a declassified digest of a 2007 National Intelligence. Estimate that Iran s production of nuclear weapons was not imminent it continued to voice. opposition to the Iranian government s position on everything from uranium enrichment to the. movement of IED technologies to Iraq s insurgency The 2009 Iranian elections protests and. crackdown further deepened the wedge between Iran and the United States With Iran s bellicose. statements toward Israel and support for Hezbollah relations between Tehran and Washington. had reached a bitter low by the time Barack Obama arrived in the White House. The US Government prohibits almost all trade with and investment in Iran and has mounted. sanctions that largely block investment in the petroleum sector supply of commercial products. and importation of most Iranian goods While sanctions initially were levied during the 1979. hostage crisis in recent years the US and international sanctions have tightened due to Iran s. nuclear program The Comprehensive Iran Sanctions Accountability and Divestment Act of. 2010 threatened punitive action against firms doing business with Iran particularly in the energy. In addition to US efforts to isolate Iran the United Nations has levied additional sanctions. against the country regarding its nuclear program most recently with UN Security Council. Resolution 1929 Punitive measures contained within the resolution include prohibition of. ballistic missile development a ban on military equipment sales and other military assistance to. the country an extensive travel ban for listed individuals and a freezing of assets held by the. Iranian Revolutionary Guards and the national shipping line. Also relevant are the measures undertaken on the financial front both by the US government and. transnational bodies The US Treasury Department s Office of Foreign Assets Control has barred. a number of Iranian banks from accessing the US financial system some due to their ties with. Hezbollah an organization labeled a terror group by the US State Department 22 Financial. sanctions have also come from other quarters with the European Union s expression of. displeasure regarding Iranian nuclear enrichment manifested in the Society for Worldwide. U S imposes sanctions on Iranian bank People s Daily September 9 2006. http english peopledaily com cn 200609 09 eng20060909 301143 html. Hack or Attack Shamoon and the Evolution of Cyber Conflict. Interbank Financial Telecommunication SWIFT expelling as many as 30 Iranian financial. institutions including the Central Bank crippling their ability to conduct international. business and further isolating the country from the world economy 23 These measures have left. Iran increasingly isolated the Iranian economy cratered and the rial plummeting in value. While the US secretary of state would not draw a straight line from international sanctions to the. dire economic situation she offered this prescription Of course the sanctions have had an. impact as well but those could be remedied in short order if the Iranian government were willing. to work with the P5 1 the five security council members plus Germany and the rest of the. international community in a sincere manner 24 The economic lever of sanctions has. undoubtedly had an impact in Iran s security stance but beyond sanctions we must also consider. the cyber elements directed against it,Cyber Conflict and Shamoon. Stuxnet and the Middle East Balance of Power, In the autumn of 2010 reports surfaced of a new piece of malware rapidly propagating across the.
Internet but with concentrations of the virus in the id Indonesia in India and ir Iran. national level domains of the Internet 25 After discovery by a security team in Belarus antivirus. companies began publishing analyses of the self replicating malware worm which was dubbed. Stuxnet As additional analysis was conducted on the Stuxnet worm its sophistication became. apparent It included a number of previously unknown weaknesses in the Microsoft Windows. operating system known in the security community as zero day exploits 26 In addition Stuxnet. contained instructions for the Siemens programmable logic controller PLC a type of computer. employed in supervisory control and data acquisition SCADA systems found in power plants. production lines and other heavy industry applications. Rick Gladstone and Stephen Castle Global Network Expels as Many as 30 of Iran s Banks in Move to Isolate Its. Economy New York Times March 15 2012, Julian Pecquet Clinton Iran s leaders not US to blame for sanctions as country hit by protests The Hill. October 3 2012 http thehill com blogs global affairs middle east north africa 260077 clinton extends a hand as. protests wrack iran, Nicolas Falliere Liam O Murchu and Eric Chien W 32 Stuxnet Dossier Symantec February 2011. A zero day exploit is a previously unknown vulnerability in a computer application or operating system that. allows an unauthorized party access to a computer system. Hack or Attack Shamoon and the Evolution of Cyber Conflict. Stuxnet is a highly sophisticated piece of malware Its delivery system which allowed for its. eventual worldwide propagation included not less than three previously unknown exploit vectors. for the Microsoft Windows operating system known as zero day exploits But even greater. sophistication was found in Stuxnet s payload designed to alter the operations of Siemens. Simatic process logic controller PLC computers Stuxnet was designed to monitor PLCs infect. them by inserting new instructions and then mask the fact that a PLC is infected 27. Hypotheses regarding Stuxnet s target and capabilities circulated widely but primarily focused. on Iran Details emerged that Stuxnet had likely affected Iran s nuclear program including the. major uranium enrichment facility at Natanz 28 Stuxnet appeared to subvert the computers. employed to run the centrifuges employed in the enrichment process At the same time reports. surfaced from Iran of covert action directed against its nuclear scientists at times with deadly. results 29 Rumors swirled in the global hacker community that Iran was willing to pay hefty fees. to security analysts willing to root out Stuxnet and secure the Iranian cyber infrastructure but. clear attribution of Stuxnet like most other cyber incidents was difficult to achieve 30. This changed when New York Times reporter David Sanger published an account of the covert. program in which Stuxnet was created in his chronicle of the Obama national security doctrine in. June 2012 Sanger alleged that the US had initiated a major cyber attack program directed. against the Iranian nuclear program under the name Olympic Games 31. Sanger made the argument based on the statements of unnamed sources in the US intelligence. and national security apparatus that the US needed to embrace action beyond mere sanctions to. retard the progress of the Iranian nuclear program He asserted. T hese questions ultimately led to the creation of one of the most secret compartmentalized. programs inside the US government The details of Olympic Games were known only by an. Nicolas Falliere Liam O Murchu and Eric Chien W32 Stuxnet Dossier Ver 1 4 February 2011 Symantec 36. Christopher Williams Barack Obama ordered Stuxnet cyber attack on Iran The Telegraph June 1 2012. David Sanger Confront and Conceal Obama s Secret Wars and Surprising Use of American Power. Mark Clayton Stuxnet malware is weapon out to destroy Iran s Bushehr nuclear plant Christian Science. Monitor September 21 2010 See also Ralph Langner Robust Control System Networks How to Achieve Reliable. Control after Stuxnet Momentum New York 2012,Sanger Confront and Conceal. Hack or Attack Shamoon and the Evolution of Cyber Conflict. extremely tight group of top intelligence military and White House officials The intent of the. operation was twofold The first was to cripple at least for a while Iran s nuclear progress The. second equally vital was to convince the Israelis that there was a smarter more elegant way to. deal with the Iranian nuclear problem than launching an airstrike that could quickly escalate into. another Middle East war one that would send oil prices soaring and could involve all the most. volatile players in the region 32,Sanger further posits. This was exactly the vulnerability that nuclear experts and computer engineers inside the United. States and Israeli governments decided to try to exploit in 2007 and 2008 What if they could. somehow secretly take command of the specialized computer controllers that run the sprawling. centrifuge plant at Natanz What if they could implant some code that would lie dormant for. weeks or months waiting for a chance to wreak havoc And what would happen if one day. when the Iranians thought everything was running smoothly the code would kick in to order. those centrifuges to speed up too quickly or slow down too fast creating exactly the kind of. instability that sometimes happens naturally And how long would it take the Iranians to figure. out that someone somehow had gotten inside their systems 33. Following Stuxnet reports of cyber action against Iranian assets continued to emerge Russia s. Kaspersky a major antivirus firm brought to light the discovery of Flame a complex piece of. malware initially titled Skywiper by the CrySyS Lab at the Budapest University of Technology. and Economics due to its capacity to delete computer hard drives 34 Kaspersky the CrySyS Lab. and the Iranian national computer emergency response team CERT announced the discovery of. Flame jointly with the International Telecommunications Union apparently having served as a. facilitator for connecting the Iranians with European malware analysis talent 35 Flame had. reportedly been detected on the computer systems of Iran s primary oil facility at Kharg Island in. sKyWIper Analysis Team sKyWIper a k a Flame a k a Flamer A complex malware for targeted attacks v. 1 05 Laboratory of Cryptography and System Security Budapest University of Technology and Economics May. Ellen Messmer Iran s discovery of Flame malware turning into political hot potato Network World May 30th. 2012 http www networkworld com news 2012 053012 iran flame malware 259708 html. Hack or Attack Shamoon and the Evolution of Cyber Conflict. the Persian Gulf 36 While it is unclear as to what if any damage Flame did to Iranian oil and gas. production its discovery provides evidence that cyber attacks against Iran had spread beyond the. nuclear program into the lifeblood of its economy its energy sector. More than two years after Stuxnet was discovered in Natanz it reportedly re surfaced in Iran. however it is unknown if this was a new effort or just the latest identification of the program 37. Stuxnet did contain instructions to cease replicating after June 24 2012 38 Although it is difficult. to assess the exact damage Stuxnet caused to the Iranian nuclear program it is likely that the. delay in uranium enrichment is less significant as the Iranian capability to boost up their cyber. capabilities both defensive and as Shamoon might prove offensive. Cyberspace and the Global Oil and Gas Market, When we consider the window of vulnerability via the cyber vector there are important questions.
regarding how information and computing technologies impact the operations of producers of oil. and gas Oil production is an enormously technology intensive activity The complexity of. offshore oil and gas operations is frequently compared with that of space exploration due to the. forbidding nature of bringing to the surface deposits thousands of feet underground and under. With the rise of oil prices over the last decade has come the economic impetus to develop. unorthodox means of production Higher oil prices have made drilling in deeper water or. extraction from the tar sands of Alberta or elsewhere economically viable This is well. understood Less so is the importance of computational innovation in oil and gas exploration and. production Modeling and analysis of seismic data has led to an ever increasing need for massive. supercomputing resources The size and power of these computers is noteworthy as evinced by. coverage of Russia s Gazprom A 2011 industry news piece claimed the company needs an. Darren Pauli Iran CERT fingers Flame for oil refinery attacks SC Magazine May 30 2012. http www scmagazine com au Tools Print aspx CIID 302718. Neuer Angriff mit Stuxnet Neue Z rcher Zeitung December 25 2012. http www nzz ch aktuell international iran meldet neuen angriff mit computervirus stuxnet 1 17909054. William Jackson Stuxnet shut down by its own kill switch GCN June 26 2012. http gcn com articles 2012 06 26 stuxnet demise expiration date aspx. Hack or Attack Shamoon and the Evolution of Cyber Conflict. HPC system for seismic data processing and reservoir simulation If the system is deployed it is. likely to be amongst the most powerful supercomputers in the world 39 Gazprom is not alone. with BP recently announcing its intent to construct an 110 000 square foot supercomputing. facility at its US headquarters as part of a 100 million investment in high performance. Supercomputing is not the only area in which oil and gas firms have made significant. investment Upstream operations in which unrefined oil and gas are tapped and moved to. refining have also incorporated a growing computational component 40 Offshore platforms. wellheads and pipelines are now digitally interconnected with a plethora of sensors and process. control computers feeding information directly back to corporate operations centers at corporate. headquarters around the globe As with almost any other finished product the supply chain for. petroleum has grown lean efficient and globally interconnected thanks to ICT Furthermore. seismic data collected in costly exploration activities has long been viewed as an intellectual. crown jewel of the industry With the migration of these seismic data to computerized modeling. and study new protection issues emerge, At the same time that an infrastructure of highly industry specific computing has been deployed. in oil and gas the industry has also adopted many of the same technologies as other multi. national firms including personal computers smart phones and globe spanning high speed. computer networks Energy executives do business with the same off the shelf technologies as. those in other sectors and information security shops in those companies are tasked with. securing digital storage and communications to the highest degree possible accepting the. limitations of security for the rapidly evolving IT ecosystem that encompasses modern corporate. business operations, Oil and Gas Giant Considers Petascale Supercomputer HPCwire July 11 2011. http www hpcwire com hpcwire 2011 07 11 oil and gas giant considers petascale supercomputer html. Microsoft Maximizes Upstream Operations Agility and Control Microsoft 2010. https www google com url sa t rct j q esrc s source web cd 17 ved 0CGUQFjAGOAo url http 3A. 2F 2Fdownload microsoft com 2Fdownload 2FC 2FF 2FE 2FCFE4502F B04D 43F4 B7BE. 35CAA29539B6 2FOil Gas Upstream 2520Operations pdf ei FTbTULaSKYrV2QX7xoGABg usg AFQjC. NE1Nwdc2IMgpevHbzhTWQ645YUK4Q sig2 DzUL8lyJEyyjRGOpXHkdVw bvm bv 1355534169 d b2I.


Related Books

Calculus III: Multivariable Calculus

Calculus III Multivariable Calculus

two semesters of calculus, but from the algebraic perspective of multi-variable functions and the geometric perspective of 3-space. Specific course objectives are to come to an understanding of: Three dimensional geometry. Vector analysis. The calculus of multivariable functions. The calculus of vector valued functions.

FAMILY NURSE PRACTITIONER - bilingualonline.net

FAMILY NURSE PRACTITIONER bilingualonline net

3 ana g. mendez university systems universidad del turabo school of health sciences nursing deparment fnp student handbook i. introduction a. welcome

National Environmental Management: Waste Act: National ...

National Environmental Management Waste Act National

staatskoerant, 4 mel 2012 no. 35306 3 government notice department of environmental affairs no. 344 4 may 2012 national environmental management: waste act, 2008 (act no.

Mark Scheme (Results) June 2011 - eiewebvip.edexcel.org.uk

Mark Scheme Results June 2011 eiewebvip edexcel org uk

GCE Decision Mathematics D1 (6689) June 2011 8 Question Number Scheme ... one correct idea. 2B1 Good explanation, some imprecise or vague statements ...

Vancouver Energy Roundtable - president.ubc.ca

Vancouver Energy Roundtable president ubc ca

15 June 2011 Page 2 of 15 ... The idea behind the Living Laboratory is to remove the firewall that ... Vancouver Energy Roundtable Keynote 15 June 2011 Page 11 of 15

2011 NEWSLETTER June - Branch 340

2011 NEWSLETTER June Branch 340

anniversaries, you get the idea!! ... Check in at the Volunteer Assignment Desk 18 June 2011 8am St James High School - Parking lot entrance off Grange Rd

ImProvInG the PeaCe ProCess: ConsIderInG IdeatIonal stakes ...

ImProvInG the PeaCe ProCess ConsIderInG IdeatIonal stakes

CIGI JunIor Fellows PolICy BrIeF ImProvInG the PeaCe ProCess: ConsIderInG IdeatIonal stakes In ConFlICts Isaac caverhIll-GodkewItsch, vanessa humphrIes, sean Jellow and

STATEMENT OF FACT FOR BOAT AND/OR OUTBOARD MOTOR BONDED ...

STATEMENT OF FACT FOR BOAT AND OR OUTBOARD MOTOR BONDED

STATEMENT OF FACT FOR BOAT AND/OR OUTBOARD MOTOR BONDED TITLE REVIEW (PWD 388) - PROCESS FOR OBTAINING A BOAT AND/OR OUTBOARD MOTOR BONDED TITLE (CONTINUED) - Step 5. The applicant will submit the following to the TPWD HQ Bonded Title staff at least thirty (30) days after sending the notification form (PWD 1347) to the owner(s).

June 2011 - Highline Magazine

June 2011 Highline Magazine

June 2011 . 2 Provisional ... The idea was that considering ... The public is invited to attend information sessions on Thursday, June 16 and speak with staff.

The Big Idea - Sacramento State

The Big Idea Sacramento State

The Big Idea 50 Harvard Business Review June 2011 11157 Jun11 Kahneman Layout.indd 50157 Jun11 Kahneman Layout.indd 50 44/27/11 4:36:09 PM/27/11 4:36:09 PM