Insiders suspected in Saudi Aramco cyber attack | SciTech | GMA News Online | The Go-To... - 0 views
-
Hackers from a group called "The Cutting Sword of Justice" claimed responsibility for the attack. They say the computer virus gave them access to documents from Aramco's computers,
-
the group said Saudi Aramco was the main source of income for the Saudi government, which it blamed for "crimes and atrocities" in several countries, including Syria and Bahrain.
- ...9 more annotations...
-
According to analysis of Shamoon by computer security firm Symantec, the way the virus gets into networks may vary, but once inside it tries to infect every computer in the local area network before erasing files to render PCs useless.
-
Yet those sources say such protections could not prevent an attack by an insider with high-level access.
-
Saudi Aramco has said that only office PCs running Microsoft Windows were damaged. Its oil exploration, production, export, sales and database systems all remained intact as they ran on isolated and heavily protected systems.
-
Because the virus wiped the hard drives, it is difficult for Saudi Aramco to determine exactly what information the hackers obtained.
-
The hackers behind the Shamoon attack siphoned off data from a relatively small number of computers, delivering it to a remote server
-
It is standard industry practice to shield plant operating networks from hackers by running them on separate operating systems that are protected from the Internet.
-
Saudi Arabias national oil company, Aramco, was attacked by a computer virus, Shamoon, and it is suspected that an insider or employee assisted the hackers. The virus spread through the network and infected about 30,000 PC business computers and wiped their hardrives. This is one of the worst attacks against a single business. The hackers who claimed responsibility, The Cutting Sword of Justice, were politically motived. The companies more important documents including plant operating networks were not affected by the virus because they were on a separate and higher security network. Recently, other Middle Eastern natural gas firms with relations to Saudi Arabia have been hit by cyber attacks. Because the Aramco hackers admitted their motives against the Saudi Arabian government income sources, I think that all the cyber attacks may be politically motivated. As a Middle Eastern oil company with relations to Saudi Arabia, this is a major indication to take precautionary measures and increase network security. This attack demonstrates that no matter how much security you have in place, if an insider is willing to assist hackers or provide hackers with necessary information, you are no longer protected. It would seem imperative that employees with this access are chosen carefully or network access is very limited.