Renewed Shamoon campaigns that began late last year attacked a wider range of targets including the public and financial sectors in Saudi Arabia, McAfee said in a blog post dated Tuesday.
The increase in sophistication suggests "the comprehensive operation of a nation-state," it said. "This campaign was significantly larger, well-planned, and an intentional attempt to disrupt key organisations and the country of Saudi Arabia," McAfee's blog said. The attackers entered their targets with phishing emails that allowed "reconnaissance" before initiating the strike which McAfee said is ongoing.
In January a senior Saudi telecommunications official was quoted as saying the kingdom's computer security systems are vulnerable to the "Shamoon 2" virus. Among its reported victims was a division of the labour ministry. Saudi Arabia and Iran have no diplomatic ties and support opposite sides of regional wars including in Yemen and Syria.