State-sponsored hackers who unleashed a digital bomb in key parts of Saudi Arabia’s computer networks over the last two weeks damaged systems at the country’s central bank, known as the Saudi Arabian Monetary Agency, according to two people briefed on an ongoing investigation of the breach.
The attacks, which afflicted at least six government entities, used a computer-killing malware known as Shamoon that is linked to Iran, they said. Hitting the targets had the potential to inflict damage across several critical sectors, including finance and transportation.
The investigation is still in its early stages and the determination of responsibility could change, the two people said.
The number of entities where damage occurred is likely to grow as the probe continues, a third said.
Iranian officials didn’t respond to repeated requests for comment on the attack. Calls placed to the Saudi Interior Ministry about the targeting of the country’s central bank weren’t returned.
This would be at least the second central bank to suffer a major digital attack in the past year.
In February, hackers stole $81m by manipulating the international payment system at the central bank in Bangladesh.
The central bank manages foreign-exchange reserves, supervises commercial banks, and runs the country’s electronic-payments system.
It’s unclear what part of its information systems were damaged in the attack.
There haven’t been reports of outages in the electronic-payments system or other parts of the banking sector.
The malware, which overwrites the master boot record of a computer, rendering it inoperable, has already destroyed thousands of computers across multiple government agencies, two people familiar with the probe said.