As the current information suggests, attacks started on Thursday and are still in progress.
Saudi Arabia’s General Entertainment Authority (GEA) reports that ‘subversive’ attacks were scheduled against their site by unknown cybercriminals with hopes of harming the authority and the public. No additional details were given in the description of this another cyber attack, as you can see in the GEA tweet on the following link:
— هيئة الترفيه (@GEA_SA) September 29, 2017
In the moment, we know that the search for the suspects is on and that all the authorities are working hard on finding out the method which was used, loophole found in the system as well as who are the criminals.
A rewind in time, the GEA was created in 2016 by a royal decree, as one of the parts of the Saudi Arabia’s Vision 2030 Programme which had the ideas of economic and social reforms. The main idea was to offer the entertainment options for the citizens and to track away from the economy and its own dependence on oil.
As part of the entertainment programme, there were concerts organized all over the country last weekend, the reason being the commemoration of the 87th Saudi National Day. The concerts included pageant operetta which is a historical event because the women were entering King Fahd Stadium in Riyadh for the first time in history since it was built.
The program idea was something that was badly needed at the time because of the constant investments made on the Saudi Arabia’s territory, people simply needed to drift their thoughts in a different route.
However, cybercriminals still do not stop their attacks. In January, there was an appearance of the disk-wiping malware, which was made to attack the Saudi labor ministry and some chemical companies. Hackers knew what they were doing and in December, just before these big attacks, they targeted the Saudi Arabia’s central bank, in hopes of clearing their disks completely doing multi-million damage to their members, which would be very unlikely to be recovered.
Multiple versions of malware were released, so Saudi telecoms authority had to call out a public warning against this software because there were similar cases back in 2012 when the damage was unrecoverable. All that was left on the hard disks at the time were images of burning US flags. Luckily, Saudi Arabian cyber experts linked these attacks to the Iranian state-sponsored hackers, and the case was solved.
In August of this year, Kaspersky Lab, a famous international computer security company, stated that these Mamba viruses (also called ransomware) have hit San Francisco Municipal Transportation Agency back in the November of 2016. But the efficiency in the coding of these viruses made these harmful programs spread all the way to Saudi Arabia and even Brazil, so this got called out as an international cybersecurity threat, which was fortunately solved.