Aramco emerges stronger from cyber attack

DAMMAM: New details have emerged of how Saudi Aramco, led by President and CEO Khalid A. Al-Falih, addressed what independent analysts have described as the worst cyber attack in recent corporate history.
“If it were any other corporation, it would have been crippled,” sources told Arab News over the weekend. The sources referred to the malicious virus that affected 30,000 company computers.
Saudi Aramco, a fully-integrated, global petroleum enterprise, and a world leader in exploration and production, refining, petrochemicals manufacturing, distribution, shipping and marketing, has more than 50,000 employees and a large contractual work force.
The sources said Al-Falih led from the front as he and his team of managers, consultants and IT engineers restored many of the company’s main network services in less than a week.
“In true Saudi Aramco spirit and tradition, Al-Falih instilled confidence through his leadership skills and provided the ultimate and right thrust that was needed in those critical hours to grapple with such a humongous challenge,” one source said.
According to industry sources, the attack shows that no one is immune from cyber threats.
“Everyone out there is vulnerable,” said the source who urged companies to raise their Internet security bar.
“It is clear now that the attack on Saudi Aramco was part of a larger conspiracy to undermine the main pillars of the regional and global economy,” he said, referring to the newest attack on Qatar’s RasGas. “It is all part of a nefarious and well-planned design.”
In a statement last week, Al-Falih acknowledged that this was not the first time Saudi Aramco was attacked. “Nor will it be the last illegal attempt to intrude into our systems,” he said. According to sources, there have been thousands of such attacks in the past, but Saudi Aramco managed to thwart them all.
The sources reiterated that Saudi Aramco is not a solely Web-based firm. “It is a solid bricks-and-mortar company with real people who are known for their professionalism and dedication, and it were these real people who worked as one team under Al-Falih to successfully manage this overwhelming crisis,” one source said.
The cyber attack occurred at a time when many employees were either on or were about to go on vacation for Eid Al-Fitr.
“The IT employees and engineers and consultants rushed back and canceled their leave to be onboard as the company got to the grips of the problem,” one source said. “There was a real spirit of camaraderie and solidarity.” It is worth noting that not a single drop of oil was lost during the crisis nor a single delivery delayed because the company’s primary enterprise systems of hydrocarbon exploration and production operate on isolated network systems. Production plants were fully operational as these control systems are also isolated.
In internal memos, Al-Falih is reported to have said that the company has emerged stronger from the crisis.
“Our resilience has been tested, everyone had a role to pay, and all played their part, and we have emerged stronger from this episode,” he is reported to have said.
The company acknowledged the issue and immediately notified its customers and stakeholders. “That indicated confidence and courage on the part of Aramco leadership,” said a source.
Saudi Aramco has in the past managed crises, which were equally, if not more, dangerous, such as the foiled terror attack on Abqaiq refinery in 2006 and the Hawiyah gas explosion in 2007.
“However, what was different this time was the nature of the attack … This was an unseen, invisible and intangible attack … And that made things difficult,” said a source. “But it offered new lessons in crisis management for the company and its highly resilient work force.”
During such crises, a major challenge for companies is the war of innuendos and rumor-mongering that is unleashed through the social media. RasGas is another victim of a vicious cyber attack and some media organs are again full of misinformation. “During the Saudi Aramco attack, all kinds of highly irresponsible statements and sheer assumptions were dished out in some media outlets … They unfortunately played into the hands of the saboteurs,” said one source, who lamented that even some mainstream media organs fell for such dubious reports and hoax statements.
Internet security analysts have described cyber attacks as a constant, lurking threat. “Saudi Aramco and every other corporation, be it small or big, will have to be on guard at all times,” one individual said. “They will have to plug all loopholes ... Complacency can be fatal.”