Attack on Italian oil firm Saipem

Date of report

December 2018

Affiliations

Possibly linked to an Iran-based group that uses the Shamoon virus to target oil and gas entities with a connection to Saudi Arabia.

An attack on the Italian oil firm Saipem targeted servers based in India, Kuwait, Saudi Arabia, Scotland, and the United Arab Emirates. Hackers used a variant of the Shamoon virus.

Suspected victims

Saipem

Suspected state sponsor

Iran (Islamic Republic of)

Type of incident

Espionage

Target category

Private sector

Victim government reaction

Unknown

Shamoon computer virus variant is lead suspect in hack on oil firm Saipem
Middle East Servers Targeted in Cyberattack Against Saipem
2018 Saipem: Update on the Cyber Attack Suffered

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events