Blood and destruction shall be so in use
And dreadful objects so familiar
That mothers shall but smile when they behold
Their infants quarter'd with the hands of war;
All pity choked with custom of fell deeds:
And Caesar's spirit, ranging for revenge,
With Ate by his side come hot from hell,
Shall in these confines with a monarch's voice
Cry 'Havoc,' and let slip the dogs of war;
That this foul deed shall smell above the earth
With carrion men, groaning for burial.
~Julius Caeasar Act III Scene I
The Saudi oil attacks could be a precursor to widespread cyberwarfare — with collateral damage for companies in the region
A recent attack against Saudi Aramco damaged the world’s largest oil producer and delayed oil production, roiling oil and gas markets. The Saudi government and U.S. intelligence officials have claimed the incident is the work of Iran, while Iran blamed Yemeni rebels.
This is a real-world continuation of a long-simmering cyberwar between the two countries, which has spilled over into other global powers.
In recent years, Iran has deployed destructive computer viruses against Saudi Arabia. The Kingdom and oil and gas industry have been slow to shore up their defenses, raising red flags about the possibility of longer term fal-out in the region, experts said. Investors should expect long-term cyber espionage and flare-ups of malicious activity, including the potential for destructive attacks that hurt companies in the region beyond Aramco.
https://www.cnbc.com/2019/09/21/saudi-aramco-attacks-could-predict-cyber-warfare-from-iran.html
The Urgent Search for a Cyber Silver Bullet Against Iran
PEW PEW PEW!
President Trump is considering a range of options to punish Iran for this month’s attack on Saudi oil facilities, and has toughened sanctions on Iran and ordered the deployment of additional troops to the region. But a second cyberstrike — after one launched against Iran just three months ago — has emerged as the most appealing course of action for Mr. Trump, who is reluctant to widen the conflict in a region he has said the United States should leave, according to senior American officials.
But even as the Pentagon considers specific targets — an attempt to shut down Iran’s oil fields and refineries has been one of the “proportionate responses” under review — a broader debate is taking place inside and outside the administration over whether a cyberattack alone will be enough to alter Iran’s calculations, and what kind of retaliation a particularly damaging cyberstrike might provoke.
https://www.nytimes.com/2019/09/23/world/middleeast/iran-cyberattack-us.html
Phishing Attack Targets The Guardian's Whistleblowing Site
"Once the attackers gain access to a source's codename, they can then
login with it on The Guardian's real SecureDrop site and impersonate the
source and steal information and communications.
Sh1ttyKids told BleepingComputer that soon after he tweeted about the
phishing site it was taken offline. He did not know, though, whether the
site was taken offline by The Guardian's security team, who were
notified, or the attackers.
BleepingComputer has reached out to The Guardian with questions related
to the page being taken down.
Even though the page is now down, unfortunately the harm may have
already been done as not only was this phishing site harvesting
SecureDrop codenames, but was also pushing a malicious Android app that
could allow the attackers to monitor anyone who installed it."
https://www.bleepingcomputer.com/news/security/phishing-attack-targets-the-guardians-whistleblowing-site/
Tortoiseshell Group Targets IT Providers in Saudi Arabia
"The targeting of IT providers points strongly to these attacks being
supply chain attacks, with the
