Report: US officials say Iran was behind cyberattacks in Middle East

In a keynote address Thursday night to the Business Executives for National Security conference, Panetta described how a malicious virus named Shamoon corrupted more than 30,000 computers at the Saudi Arabian state-owned oil company Aramco and rendered them useless. The Defense chief said the virus also “replaced critical systems files with an image of a burning U.S. flag.”

Days later, RasGas, an energy company in Qatar, suffered a similar attack, he said. 

Panetta called the devastating Shamoon virus “probably the most destructive attack that the private sector has seen to date.”

While Panetta acknowledged in his speech that both Russia and China have advanced cyber capabilities, he also singled out Iran and noted that it has “undertaken a concerted effort to use cyberspace to its advantage.” He did not tie Iran to the two attacks on the Middle Eastern companies, however.

The Defense Secretary’s speech marked the first time the Pentagon has acknowledged that U.S. military forces are able to wage pre-emptive or retaliatory cyberwarfare measures. Previously, the Defense Department has described how the military is focused on developing defensive cyber capabilities that would deter possible cyberattacks.

“Our mission is to defend this nation. We defend. We deter. And if called upon, we take decisive action,” Panetta said. 

He also issued a sharp warning to cyber adversaries who might seek to attack the U.S.

“Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for their actions that may try to harm America,” Panetta said.