THE revelation that the cyber-attack on Saudi Aramco's computer systems was aimed at disrupting production adds a whole new seriousness to what was originally thought to be a malicious attempt to merely break into the system by hackers thought to be from Eastern Europe. The alarm must be the greater because a similar assault was mounted at the same time on the gas field production systems in Qatar. It has not been specified how far the cyber-criminals came to compromising the hydrocarbon production of both the Kingdom and Qatar. It seems clear that at some point the attack was interdicted. However, the results could have been catastrophic, affecting field management, production and export equipment. Had machinery been forced to overrun or otherwise fail, the costs in damage and lost production could have run into billions of dollars, to say nothing of the dangers to which engineers might have been exposed as they tried to fix damaged installations. There can be no doubt that Saudi Aramco has now brought in the very best security brains to analyze precisely how this cyber-attack took place and to institute new levels of protection and tighter processes to try and stop it happening again. Nevertheless, the bad news is that these criminal attacks on highly secure computer systems are no longer the sole preserve of computer nerds working from their bedrooms. The sort of computer power and sophisticated coding necessary to launch cyber-assaults on advanced computer networks, which were thought to have the very latest in protection, is generally only available to governments or the very largest multinationals. The STUXNET worm, discovered in 2010, which had penetrated industrial software and equipment made by the German firm Siemens, gaining entry through Microsoft Windows, is widely believed to have been developed by a government. Suspects range from the US and Israel, because the worm damaged the Iranian nuclear fuel enrichment program, to China and Russia. US government agencies meanwhile report consistent attacks on their own highly-secure top secret computer networks, which Washington claims emanate from China. Indeed the Americans now have their own cyberwarfare capability. While, undoubtedly, much effort is being devoted to defensive measures, it must be assumed that great attention is also being given to offensive strategies, either as a matter of course during peacetime or targeted toward the IT networks of rivals during periods of international tension. Experts believe that future conflicts could be fought very largely in cyberspace. But no one should believe that a war of the computers will be bloodless. Far from it. The world today is almost entirely dependent upon the efficient functioning of computer networks. It is not just a question of communications. Power systems, water distribution networks, hospitals, all forms of travel, to say nothing of the world's financial markets, and yes, hydrocarbon production systems, are all vulnerable to cyber-assault. If they fail, people will die, countries will grind to a halt, economies will collapse - virtually everything that modern societies take for granted will be affected. And the new frontier of cyberwarfare is the more terrifying for its very secrecy. Who is to say that essential systems around the globe have not already been infected with malign programs that are sitting undetected, awaiting the moment when their operators decide to activate them? Proliferation of such deadly software seems a certainty. It is a deeply perturbing prospect.
