Ep.14 Chris Kubecka | Saudi Aramco Hacks

podcast default

In this episode of the Cybrary Podcast we sit down with Chris Kubecka, the CEO of HypaSec. Speaking with Leif Jackson, the VP of Content and Community for Cybrary, Chris explains how the Saudi Aramco Hacks took place and what effect it has had on their business.

Hosted by: Leif Jackson, Chris Kubecka
Length: 12 minutes
Released on: March 18th, 2020
Listen to the Audio
Enjoyed this podcast?
Share it with friends now!

Chris Kubecka, CEO at HypaSec and the Cybrary’s advisory board member, is hosted in this episode of Cybrary’s podcast. She is also working with Saudi Aramco which is at the center of discussion. The infrastructure attack on Saudi Aramco, the oil market, a bit of electricity-powered vehicles, and security tips for preventing or at least lowering the chance for an infrastructure attack.

Saudi Aramco was attacked by a malware called Shamoon which had infected the company’s windows system, the IoT system, and two other facilities. Later, Bahrain and an oil company in Qatar, Raz Gas, were also infected by the variant of Shamoon. This attack was done by a group of people calling themselves the cutting sword of justice. According to Chris, there were many reasons for the attack. The main one, however, was the price, and Saudi Aramco was producing oil at the cheapest price than anyone else. The Iranians who were the attacker committed just for the competition purpose according to Chris.

The talk changes the direction from the supply-side point of view to the demand-side point of view. Considering the demand side of the oil, it differs worldwide. China, for example, is quarantined, and its public transportation is being shut down, and it has been producing electric buses which drop the needs for oil. Tesla is another example of it which is producing the electric-powered semi-truck. These events will disrupt the oil market. In some countries, there are also rules and regulations that drop down the usage of oil. The demand for oil is decreasing during the last five years, and in some places, it is also increasing and in some others, it is consistent. Saudi Arabia has got a consistent demand for more and more oil consumption due to not having a regulation to mandate people to use more fuel-efficient cars and light bulbs, electricity production which is based on oil, and the climate situation.

Continuing the talk about Tesla electricity-powered vehicles, Chris states the recent cost increase in Tesla stock price caused by a variety of factors like high tax advantages for Tesla vehicles, free parking, low-cost car station, not paying for the congestion charge, the battery technology Tesla has been making recently and large battery installation. This can be great news and in the meantime not much great news for the oil market.

According to Chris, prioritizing security is the very initial mechanism that can prevent some of the critical infrastructure attacks. Throughout the time, new technologies are being introduced, and new vulnerabilities are discovered, so some frameworks to have a look at, are CIS control, ICS SCADA, and ICS protocols. These frameworks can familiarize them with a lot of network control and risk associated with them.


Leif: Hi, everybody. Leif Jackson here, VP of content and community here with Chris Rebecca, one of our advisory board members. Welcome back Chris.

Chris: Oh, thank you so much for having me again.

Leif: Appreciate you coming. So we have our super exciting discussion today around Saudi Aramco. And as you know, they recently IPOed, they floated about 30% of their shares and they're actually the most valuable company in the world. $2 trillion and Chris, you have some intimate knowledge of Saudi Aramco, right? Like you still work with them a little bit?

Chris: Yes, I do. Yes. I do a bit more than intimate knowledge. I might say. I know that their networks inside and out.

Leif: Fantastic. So we're going to be discussing today, like. Is it worth it? Right? And some of the, some of the elements you should be thinking about when investing in a company like this particularly around, you know, kind of the risk elements that you were, you were associated with. So you want to tell us a little bit about that?

Chris: Yes, certainly. Back in 2012, Saudi Aramco was hit by the so far, the world's most devastating cyber warfare attack, which knocked out 85% of their windows systems, a lot of their IOT systems that help load fuel into a tanker trucks and a two of their production facilities were also affected. Now during the attack, unfortunately, because it lasted a little bit longer than most attacks occur, the strategic supply for Saudi Arabia itself was starting to dwindle, Bahrain was also affected. And then 14 days after Saudi Aramco’s attack the country of Qatar and their national oil company, Raz gas was also hit just with a slight variant of Shamoon, which was the malware, and that's what it was called. And at the time, Aramco did not have any, we should say real security or threat intelligence. So, they had not seen that on Pastebin a group calling itself, the cutting sword of justice posted up that in two hours. They would be trying to destroy as many computer systems as possible belonging to Saudi Aramco.

Leif: Gotcha

Chris: So, I was called in, given an offer I couldn't refuse. They told me “Don't say no, just say maybe”. And join the team and help to re-establish international business operations for the Aramco family.

Leif: And, why were they attacking Aramco? What was the, kind of the reason behind it?

Chris: Well, there are several reasons, Geo politically wise, the Iranians who were the attackers in this particular case and Saudi Arabia have not gotten along historically. So, in addition to that, the price of oil is very important for all national oil companies.

Leif: Sure.

Chris: And Saudi Aramco can produce a barrel of oil, much cheaper than anyone else will ever. The Iranians don't have the same amount of refining capabilities. So, it costs them a lot more to produce oil. So, it would be in the Iranian's best interest to drive the oil price up. And that's what had started to occur when the attack happened.

Leif: Gotcha. And is that what happened during the drone attacks as well? Or was there a different kind of, you know, the recent drone attacks that occurred on the, on the oil fields?

Chris: Oh, absolutely. So, oil grows by almost 5% because of it and production at Saudi Aramco was diminished to a certain extent. Yes.

Leif: Yeah. So, like that's on the supply side, right? So like on the defense side and we talked a lot about like, kind of the demand side as well and how, you know, there's some changes occurring there. Can you talk a little bit about that?

Chris: Yeah, there's a lot of changes regarding oil demand worldwide. Now, currently, China is undergoing basically an epidemic from the coronavirus, and what's happening is, it's now turned into the world's largest experiment of work from home because people have to stay home. They're being quarantined, cities were being shut down, public transport’s being shut down. That means that the demand for oil has dropped very sharply. Yeah, there are other factors too. China's been producing and manufacturing electric buses on a massive scale, replacing all of their more traditional diesel and gasoline buses. That's also already been lowering demand. Then you couple that with renewable energy, that's more and more available in the European Union and in other countries, for example, a couple of months ago, I did a presentation for the Pakistani energy minister about renewable energy and transition and some of the risks that were involved with that. And then we have new regulations and maritime, which will force ships to be more fuel efficient. And the aviation industry there's been improvement in designs and also shift to more biofuels.

Leif: Right.

Chris: There's also recently been an increase in train services in Europe and also from Europe to China for shipping purposes and last but not least, a very interesting thing out of Tesla with what they're producing right now are electric powered semi-trucks, which will absolutely disrupt the oil market.

Leif: Interesting. One of the things you mentioned earlier was also around regulation, right? So, like European regulations are forcing them to be more energy efficient as well.

Chris: Absolutely. So by 2025, some countries in Europe and the UK, you will not be allowed to purchase a diesel or a diesel and gasoline car at all no more. And they've also begun phasing out older models of cars, which are not fuel efficient.

Leif: And of course, I kind of glanced over the fact that you mentioned Tesla, which is all in the news, especially this week, with the nearly doubling of their stock price right? which has been great for some people.

Chris: Yes, I know who would I borrow money from now.

Leif: So yes. Oh, retirement, you know, 30 years or so. So tell us a little bit about, you know, why you think is doubled right? And we're able to kind of see them going as well.

Chris: Well, living in Europe, I've noticed that there's been a lot of tax advantages for Tesla vehicles. For example, when I land at Schiphol airport tomorrow, if I can't get a ride back from the airport, I'll be taking a taxi and that taxi will most likely be a Tesla because we actually use Tesla vehicles for taxis. There are free or very low car cost, charging stations across much of Northern Europe. You also get free parking, which can save you 20 euros a day if you purchase an electric vehicle. So there are all these advantages in London, you don't have to pay the congestion charge, which is 15 pound a day, which is about 20, $22 a day just to drive into the city. So, a couple that with the battery technology that Tesla has been making and also large battery installations and places like Australia, and then the power walls themselves, which have been enabling people worldwide to bank power in a very safe and effective manner. So it's been quite disruptive, I think, in a good way. However, for the oil markets, not a good way.

Leif: Yes. So talk about that. A little bit, how how's that hurting the oil markets?

Chris: Well, The oil markets, they produce one thing. Well, two things, natural gas and oil. And that means that to produce something at a good profit margin, there has to be a demand, and right now the demand has been diminishing year after year after year for at least the past five years has been going down. However, there are some places in the world where the consumption of oil keeps going up. And, interestingly enough, that one country where it's got the consistent demand for more and more oil consumption is actually Saudi Arabia itself.

Leif: Interesting. Why is that?

Chris: The way that they produce electricity is by burning oil. And it's been very difficult to cut down on consumption when you have to figure in air conditioning, which Saudi is kinda hot. And also there's no real, say laws or regulations that mandate that you have to have a more fuel efficient car or more fuel efficient light bulbs. Funny story, Saudi came out with, some say, pushing green energy and efficiency with light bulbs and reducing energy consumption. And they actually did the wording backwards. So it read more like if you turn on your lights and keep them all on, it's the better thing to do.

Leif: Interesting. Yeah. I think one of the areas that I'm always curious about is fracking, right? So, that's an area that seems to be increasing the supply in the United States especially. Is that also reducing the demand from the Saudis, like, you know, Saudi Aramco and specific for oil.

Chris: Oh, absolutely. And also because of the increase in fracking in the US, it's also reduced any dependency on Venezuela, for example, as well, because they're having so many problems. So it's been able to stabilize the oil markets in the United States.

Leif: So, we have decreased demand. Large threats to the supply, which the , you know, largely cybersecurity, the supply side, you know, we talked a lot about, you know, ICS controls, right? So can you talk a little bit about how a company can, you know, prevent from some of these critical infrastructure attacks and, you know, make sure that their assets are in order so to speak.

Chris: Well, prioritizing security because this is one of the key problems. We have a lot of legacy systems and things that are meant to last a very long time, but then you also have to get business data out of these systems, right, to get a good return on investment. So, newer systems are then introduced into the mix, which have new vulnerabilities, and this is not an ideal situation. There are also various frameworks that you can look at, like the CIS controls, but most recently, we're about to release a Cybrary’s newest and greatest, I must say, their first a ICS SCADA and ICS protocol course, which I've written and just finished filming and that way people can start familiarizing themselves with a lot of these control now, networks and a lot of the risks associated with them.

Leif: Yeah, absolutely. That way they can protect business assets, right, of their companies, which is a lot of what our audience is interested in doing right. Well, this has been fantastic, Chris. I really appreciate it. And, any final thoughts for our audience? I'm very excited about your course. We'll also have a CIS controls course coming out as well. So I think those make couple really well together. Any thoughts for the audience?

Chris: I would say my next Christmas list is Tesla chairs.

Leif: Absolutely. It’s good to know. Thank you, Chris. I really appreciate you coming today.

Chris: All right,

Leif: bye guys.