Cyber-attackers tried to trigger a deadly explosion at a petrochemical plant in Saudi Arabia in August, The New York Times reported.
Investigators declined to identify the suspected attackers, but people interviewed by the newspaper unanimously said it most likely aimed to cause a blast that would have guaranteed casualties.
A bug in the attackers’ code accidentally shut down the system instead, according to the report.
The cyber-attack – which could signal plans for other attacks around the world – was likely the work of hackers supported by a government, according to multiple insiders interviewed by the newspaper.
According to the report, attackers were sophisticated and had plenty of time and resources, an indication that they were most likely supported by a government, according to more than a dozen people, including cybersecurity experts who have looked into the attack and asked not to be identified because of the confidentiality of the continuing investigation.
All sources declined to name the company operating the plant as well as the countries suspected to have backed the hackers, The New York Times said.
Security experts, however, told the newspaper that Iran, China, Russia, Israel and the United States had the technical capacity to launch an attack of that magnitude.
There was no immediate comment from Saudi Arabia, which has come under frequent cyber-attacks, including “Shamoon”, the aggressive disc-wiping malware that hit the Saudi energy sector in 2012.
Saudi Aramco, the world’s biggest oil company, was among the firms hit by Shamoon, which was believed then to be the country’s worst cyber-attack yet.
US intelligence officials at the time said they suspected a link to the kingdom’s regional rival Iran.
But the August attack was “much more dangerous” than Shamoon, according to The New York Times, and likely aimed to send a political message — investigators said the code had been custom-built with no obvious financial motive.
The attack destroyed the company’s hard drives, wiped all data and replaced it with the now-iconic image of Aylan Kurdi, the Syrian boy in a red T-shirt who washed up dead on the Turkish coast.
Saudi Arabia was also hit by Powershell malware targeting government computers in November.