Natural gas giant RasGas targeted in cyber attack

Reports have surfaced that liquified natural gas (LNG) producer RasGas, based in the Persian Gulf nation of Qatar, has been struck by an unidentified virus, this time shutting down its website and email servers.

Theories have linked the malware that infected 30,000 workstations at oil company Saudi Aramco this month with the recent RasGas attacks, which has, since Monday, reportedly caused a blackout in parts of its computer systems. But Bloomberg News quoted a company official who said that RasGas' production operations were not impacted by the virus.

RasGas and Saudi Aramco have yet to name the malware that's infected them. However, researchers are examining whether data-wiping virus Shamoon was the culprit at Saudi Aramco.

Aviv Raff, CTO at Israeli security firm Seculert, which published a blog post analyzing Shamoon, told SCMagazine.com in an email on Friday that he is aware of Shamoon targeting  “several specific companies in a few industries,” though he could not name them, citing a non-disclosure agreement.

“Targeted attacks are commonly used against companies in the same vertical,” he said. “So an attack against another company in the oil-and-energy industry isn't surprising. If it is indeed the same attack, I believe they are probably using this to cover their tracks of the actual intended action against RasGas.”

A request for comment that SCMagazine.com emailed to RasGas bounced back Friday, and the company's website was still down as of Friday afternoon EST.

RasGas, short for Ras Laffan Liquefied Natural Gas Company, was established in 2001 and is a joint venture between LNG producer Qatar Petroleum, which owns 70 percent of RasGas, and Exxon Mobil, which maintains a 30-percent share. Qatar is the world's largest LNG exporter.

Saudi Arabia-based Saudi Aramco resumed normal business operations last Saturday, after having its infected machines cleaned and restored.