Russia Behind Cyberattack on Saudi Petrochemical Plant, Experts Say

A cyberattack against a petrochemical plant in Saudi Arabia that experts said was meant to cause an explosion last year has been traced back to Russian hackers, The Wall Street Journal reports. The hack, which was first disclosed by cybersecurity firms last December, was seen as unprecedented at the time, with hackers gaining access to safety shut-off valves that are crucial for catastrophic events. Research published Tuesday by cybersecurity company FireEye linked malicious computer code used in that attack to the Central Scientific Research Institute of Chemistry and Mechanics, a research institute owned by the Russian government. Although FireEye stopped short of identifying the petrochemical plant affected, cybersecurity firms have previously identified it as a facility in Saudi Arabia. FireEye researchers say an unnamed professor at the institute was behind the malware that was used by a Russian hacking group known as TEMP.Veles. “What seems to be clear here is the Russian government has a strong hand behind this and was heavily involved,” John Hultquist, director of intelligence at FireEye, was quoted as saying by the Journal. “It affirms the concern that the Russians could get into the safety systems, which are sort of the last line of defense for a lot of these facilities.”