In this paper, the researcher briefly discusses the attacks that have occurred recently within Saudi Arabia to entities such as Saudi Aramco to the Ministry of Health. These attacks are aggressions against government institutions that can render a sector vulnerable. Observing the ongoing attacks on critical infrastructure in Ukraine one can see a replication of similar attacks that could occur and spread over the Middle East. As this nation is a politically turbulent region, there is no small number of external threats. To combat these evolving threat, a shift towards cyber readiness must occur. This includes new laws, security hardened technologies, and education for people living in the kingdom.

1. Unprepared for Cybersecurity in
Saudi Arabia: Argument for a Shift
Towards Cyber Readiness
Maurice Dawson Jr., Ph.D., Sc.D., SMIEEE, CSSLP, CGEIT, CCISO
Director of IIT Center for Cyber Security and Forensics Education (C2SAFE)
Assistant Professor of Information Technology and Management
Fulbright Scholar 2017-2018, 2014, Senior IEEE Member
Illinois Institute of Technology | School of Applied Technology
Visiting Professor at the Technische Universität München
Visiting Researcher at the Policía Nacional República Dominicana

2. 2
Abstract
In this paper, the researcher briefly discusses the
attacks that have occurred recently within Saudi
Arabia to entities such as Saudi Aramco to the
Ministry of Health. These attacks are aggressions
against government institutions that can render a sector
vulnerable. Observing the ongoing attacks on critical
infrastructure in Ukraine one can see a replication of
similar attacks that could occur and spread over the
Middle East. As this nation is a politically turbulent
region, there is no small number of external threats.
To combat these evolving threat, a shift towards cyber
readiness must occur. This includes new laws, security
hardened technologies, and education for people living in
the kingdom.

3. 3
Saudi Aramco

In 2012, Saudi Aramco was a victim of an attack of a virus that
has been identified as the Shamoon virus (Jewkes, 2018). An
estimated 30,000 Windows- based machines operating on the
corporate network fell victim to the Shamoon virus (Bronk and
Tikk-Ringas, 2013). There was no reported incident such as an oil
spill or drilling error however it is likely that data was lost as a result
of this attack (Bronk and Tikk-Ringas, 2013). Data taken could have
ranged from proprietary drilling techniques or information about the
entire supply chain involved that provides riches details about the
entire lifecycle of the oil production to final delivery. This would also
provide information about all technology used allowing more
complex malicious software to be written that targeted specific
electronic components that were special purpose. But if you place
this attack in context this organization is part of a key global area
for gas and oil production. Nearly half of the top oil producers
are from this region.

4. 4
Ministry of Health

The Ministry of Health website was down
during the third quarter of 2018. This ministry
is responsible for the health affairs within the
country. The task of this ministry is critical as it
serves as the principal organization for public
health. For hours this site could not be reached by
those internal to the country. This was a Denial of
Service (DoS) attack which is not a new thing but
attacking a government site is a method to test
federal cybersecurity hardening controls
implemented. The figure to the right shows the
unreachable site attempted to be accessed
through a mobile device.

5. 5
Middle East Corporate Attacks

In December Saipem reported massive attacks on
their servers with the majority of the attacks occurring
in Saudi Arabia and the Middle East (Albanese and
Lepido, 2018). This attack has brought up questions if it
was economic espionage or state-sponsored information
gathering as seen during (Albanese and Lepido, 2018).
Approximately 94% of the companies in the Middle
East and Africa stated that they had been a victim of a
cyber attack in the past year (Cisco, 2018). This is
frightening as this number shows that there that it is no
longer a risk of having a cyber attack as this is an event
that will occur. Therefore, organizations in this region have
to adequately be prepared to encounter attacks and
recover depending upon the type of attack.

6. 6
Framework for Cybersecurity
Ecosystem
To meet the evolving needs of the country, it is imperative that a
holistic cybersecurity framework is applied. To do this effectively,
one should consider the application of the Mission Framework that is
shown in the to the right. This framework has three core themes: the
role of education in cybersecurity, the role of technology in
cybersecurity, and the role of policy in cybersecurity (Dawson, 2018).
These core themes serve as a model for implementing and maintaining
a cybersecurity ecosystem.

Organizations such as the Ministry of Interior’s National Cyber
Security Center (NCSC) would have to take charge in establishing
a curriculum that they accredit for collegiate education. Additionally,
creating a department that helps determine security baselines that can
be used for federal and civilians is needed. These would serve as
critical steps to harden devices before deployment to consumers or
organizations. Changing poor user system behavior is one method to
reduce the threat landscape. Other initiatives such as general security
awareness and mechanisms to trust device connections would serve as
a way to develop technology trust.

7. 7

8. 8

9. 9

10. 10

11. 11

12. 12
Conclusion

As Saudi Arabia is engaged in regional conflicts with Iran and
Syria, this could be enough reason to engage in cyber-
readiness as cyber-aggression is expected. As oil is the key
export and primary source of income protection of the critical
infrastructure associated with this ranks a high priority. As new
projects such as the Saudi Vision 2030, King Hamad Causeway,
upgrades to King Fahd Causeway, and others it will be key to
ensure that this infrastructure is not susceptible to attack. To
effectively implement cybersecurity in this nation a framework that
is inclusive of technology, policy, and education needs to be
created. This will be an effort that will require multiple parties within
the country to be actively engaged in realizing tactical and strategic
goals. As the nation undergoes the Saudi nationalization
scheme to fill up workforce with Saudi nationals, an
opportunity presents itself to quickly develop the
cybersecurity workforce as future technologies are being
prepared for implementation in this region.

13. 13
I would acknowledge the support from the United States
Department of State’s Bureau of Educational and Culture
Affairs for the grant award Fulbright Scholar Specialist
Project ID: FSP-P000654