The Shamoon attack was a cyberattack that targeted Saudi Aramco in 2012 and 2016. Attackers were able to gain access to Saudi Aramco's systems through a phishing email that exploited known administrator passwords. The malware wiped data from over 30,000 machines at Saudi Aramco, preventing them from rebooting and forcing the company to shut down its corporate network. The attackers' motivations were believed to be cyber activism against the Saudi government or retaliation for Western actions against Iran. Saudi Aramco took 5 months to fully recover from the attack and implement new security measures.