On 17 January 2017 the Saudi Arabia Computer Emergency Response Team (CERT), Abdulrahman al-Friah, confirmed that close to 22 businesses in Saudi Arabia were affected by the Shamoon malware virus. Shamoon is alleged to have been created in Iran, and is the same wiper malware that hit Saudi Aramco in 2012. Some are identifying the malware as: Shimon 2. Among the companies affected was Essex Shipping.Wapack Labs has reported on cyber threats to the maritime sector in the past. An archive of related reporting can be found in the Red Sky Alliance portal in the Red Sky Alliance Portal.
TLP: GREEN
ACTOR TYPE: (V)
SERIAL: TR-018-2017
COUNTRIES: SA, GB
REPORT DATE: 20170125
