72                                        Intelligent Digital Oil and Gas Fields


          just 3 million in 2009. The Shamoom malware incident of August 2012 is
          one of the most significant cyber-attacks directed against the industry giant
          Saudi Aramco. Shamoom quickly deleted digital content on hard disks and it
          is estimated that >30,000 computers systems were affected (Roberts, 2012;
          Mills, 2013).
             Virus: A virus is a program that propagates itself from one comput-
          ing device to another with the legitimate user’s unknowing authorizat-
          ion or intervention. The damage done by a virus is unforeseen and
          unpredictable as each of the virus is designed for specific activity and pur-
          pose and can range from misleading the users to do a certain activity to
          destroying completely the computing device itself. The virus is embed-
          ded in an email, or documents that are shared such as photos and videos.
          If a virus-infected file is shared through a physical storage drive like a
          USB flash drive, the virus can spread even without omnipresent connec-
          tivity. The threat of viruses for the O&G industry is the same as for other
          industries.
             Worm: Like a virus, a worm moves from one computing device to
          another and keeps a record of the previous computing environment it
          was in, thus providing the attackers a trail of information of the systems.
          These are self-replicating programs unlike viruses, which are fixed but
          spread due to some human intervention.
             Denial of Service (DoS): DoS attack is an incident in which a business’s
          computing systems are unable to fulfill the service requests that are being
          requested, because its computing resources are overloaded. Typically, this
          happens when an attacker creates a massive amount of service requests aimed
          at a particular service with an aim of bringing down the service, such that the
          computing system both become overloaded in various resources available to
          it and is unable to take any more legitimate requests. DOS is one of the hard-
          est kinds of attack to predict and prevent.
             SCADA attack: As mentioned above, SCADA systems are the heart of
          O&G industry operations, so its security is crucial. Typically, SCADA
          transactions are done without close security at the source; thus, the inter-
          ceptors can read and use for their benefits. In addition, devices in SCADA
          systems have very limited memory and bandwidth for storing and
          implementing authentication solutions, so as a result may allow for injec-
          tion of requests that can create havoc for field operations. SCADA systems
          have evolved to become a decentralized series of interconnected networks
          and thus become more vulnerable. If SCADA systems are attacked and
          infiltrated, the result could be damage to various assets deployed on the