Saudi Aramco has restored all its main internal network services that were impacted on August 15, 2012, by a malicious virus that originated from external sources and affected about 30,000 workstations. The workstations have since been cleaned and restored to service. As a precaution, remote Internet access to online resources was restricted.
Saudi Aramco employees returned to work August 25, 2012, following the Eid holidays, resuming normal business.
The company confirmed that its primary enterprise systems of hydrocarbon exploration and production were unaffected as they operate on isolated network systems. Production plants were also fully operational as these control systems are also isolated.
“We addressed the threat immediately, and our precautionary procedures, which have been in place to counter such threats, and our multiple protective systems, have helped to mitigate these deplorable cyber threats from spiraling,” said Khalid A. Al-Falih, president and CEO, Saudi Aramco.
“Saudi Aramco is not the only company that became a target for such attempts, and this was not the first nor will it be the last illegal attempt to intrude into our systems, and we will ensure that we will further reinforce our systems with all available means to protect against a recurrence of this type of cyber-attack,” Al-Falih added.
Al-Falih confirmed that exploration, producing, exports, sales, distribution operations, and financial and human resources systems, and databases are intact as they function on isolated systems.
“We would like to emphasize and assure our stakeholders, customers and partners that our core businesses of oil and gas exploration, production and distribution from the wellhead to the distribution network were unaffected and are functioning as reliably as ever. There is no doubt whatsoever about Saudi Aramco meeting its commitments to its customers worldwide.”
Al-Falih concluded that the company continues to investigate the causes of the incident and those responsible for it.