ARAMCO ATTACK



Case Study


Aramco Says Cyberattack Was Aimed at Production

By REUTERSDEC. 9, 2012
Date: 01 April 2013

JEDDAH, Saudi Arabia (Reuters) — Saudi Arabia’s national oil company, Aramco, said on Sunday that a cyberattack against it in August that damaged some 30,000 computers was aimed at stopping oil and gas production in Saudi Arabia, the biggest exporter in the Organization of the Petroleum Exporting Countries.
The attack on Saudi Aramco — which supplies a tenth of the world’s oil — failed to disrupt production, but was one of the most destructive hacker strikes against a single business.
“The main target in this attack was to stop the flow of oil and gas to local and international markets and thank God they were not able to achieve their goals,” Abdullah al-Saadan, Aramco’s vice president for corporate planning, said on Al Ekhbariya television. It was Aramco’s first comments on the apparent aim of the attack.
Hackers from a group called Cutting Sword of Justice claimed responsibility for the attack, saying that their motives were political and that the virus gave them access to documents from Aramco’s computers, which they threatened to release. No documents have yet been published.
Aramco and the Saudi Interior Ministry are investigating the attack. A ministry spokesman, Maj. Gen. Mansour al-Turki, said the attackers were an organized group operating from countries on four continents.
The attack used a computer virus known as Shamoon, which infected workstations on Aug. 15. The company shut its main internal network for more than a week. General Turki said the investigation had not shown any involvement by Aramco employees. He said he could not give more details because the investigation was not complete.
Shamoon spread through Aramco’s network and wiped computers’ hard drives clean. Aramco said damage was limited to office computers and did not affect systems software that might harm technical operations.

Resource:
http://www.nytimes.com/2012/12/10/business/global/saudi-aramco-says-hackers-took-aim-at-its-4production.html?_r=0



Question: What are the things that Aramco should do to prevent such attacks??



    • it is important to spread awareness for employee about the risk they might face when they use internet and computers and sit list of polices that the employee must to follow when the used competes and internet

    •  USB disk security provide protective covering against  all  malicious program trying to attack through usb flash drive. it delivers high level of protection against theft and accidental revelation of confidential information, and prevents unauthorized person from stealing information.     





      • McAfee Device Control protects your data from falling into the wrong hands via removable storage devices and media, such as USB drives, It enables you to specify and categorize which devices may or may not be used, and enforce what data can and cannot be transferred to these devices.


                                                                                                                                                                                                                                                                       

        ( By:Ruba Alghamdi )              


      • Use Ninja Pendisk program that guard computers against USB viruses. When the USB plugged into the computer, it will check and detects harmful files or virulent files such as autorun.inf and ctfmon.exe and others .Also, ninja pendisk create a field called autorun.inf that has aspecial protection to the USB from injury again against attack USB.



      • Use USB Threat Defender which is an USB Anti-Virusit will protect the system from any USB attacks and it makes sure that all malwares get detected before they infect your system. Also, it removes all threats that already installed in your system.    
                         

                                                                                                                                                                                                                     (by: Rawan Sonbol)






      • Attacks that rely on additives such as USB devices are dangerous and harmful attacks. Disable autoplay feature or Autorun alone it is no longer sufficient, so use the firewall to protect the computers.
      • Backup. In the occasion you need to reformat your whole PC, a great reinforcement will ensure you can completely recoup and restore your documents, and it will lessen, or mitigate, any harm done by an infection Sources.: Wiki how, BBC, McAfee, Microsoft.
                                                                    (By: Hayat Aldhahri)


                                                                                                                                                                                     



      • use auto run protector, Auto run infection remover. Auto run infection remover utilization proactive engineering organization to lasting press fabric uproot autorun & autorun. Inf viruses, Additionally it might piece the individuals infections attempting with taint those framework through USB streak drives. 


      • use USB Guardian. it is permits you on securely appreciate record offering for USB thumb drive. Movies, MP3s, documents Also portraits camwood make replicated from person machine should an alternate without worrying of getting contaminated by worms and infections trounce USB drive. 
                                                                 (By:Raghad Almehdar)



      •  use usb immunize,The lmmunize choice permits you to lmmunize your USB capacity gadget or sd card against infections for autorun-based malware. Regardless of your capacity gadget need been stopped under a contaminated computer, the malware will make unabated with make its autorun. Inf file, accordingly destroying any risk of auto-launching itself. 

      • The USB program is outlined will help prevent Pcs constantly contaminated Toward autorun infections. The program may be stacked under framework memory, and actually it naturally renames autorun. Inf files with respect to new gadget under autorun. Inf_current date_time, Furthermore sets its quality on “normal”, making it noticeable to those framework. Likewise a result, it detaches whatever contamination

        •
                                                                  (By:Rahaf Alansari)

      3 comments:

      Subscribe to: Posts (Atom)