We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Nobody downloaded yet

Shamoon incident at Aramco - Case Study Example

Comments (0)
Shamoon Incident at Aramco 30th, November, 2012 Network Issues That Led To Shamoon Incident at Aramco Saudi Aramco is the world's largest single energy-sector organization that exports crude oil and the reference government claims ownership…
Download full paper

Extract of sample
Shamoon incident at Aramco

Download file to see previous pages... This was the first malware used by the hacktivism front and hence the company’s network was not in a position to handle the complexity of this virus. Indeed, unlike other malware whose impact cannot overcome the antivirus set in the company’s network, the technology used in Aramco was way below that of the hackers. The network system in Aramco offers security to theft of data but has no capacity to handle annihilation manifested by Shamoon. In addition, the company’s anti-hacking and firewall software is incapable to deal with such technologically advanced malware like Shamoon. Moreover, the company’s IT and computer systems policies require a review. Sadly, the network system of Aramco allows multiple users to access both unclassified and classified information at the same time, which jeopardizes the security of the system as seen in the Shamoon attack. In addition, Aramco’s network allows its employees and expatriate employees to run information systems and then divulge such information that acts as leeway to cyber-attacks. Indeed, the company needs to review and update its IT policies and computer systems for purposes of dealing with such complicated malware as Shamoon (Mashat, 2012, p.1). Otherwise, the ease to access, lack of proper authorization, and use of ancient anti-hacking and firewall software, jeopardizes the security of Aramco’s network system. How the Attack Happened One group of hackers has claimed responsibility over the Shamoon attack on Aramco. The group, Cutting Sword of Justice asserts that the cyber-attack took place beginning Wednesday, Aug 15, 2012 at 11:08 AM and was complete within a few hours (Fisher, 2012, p.1). Although, this information is not certain, there are clear indications that lead to this assertion. Indeed, in the same day after Cutting Sword of Justice asserted this, Saudi Aramco confirmed that part of its computer system used by its employees is under cyber-attack courtesy of a computer virus. Alternatively, several antivirus vendors Kaspersky Lab, Symantec, McAfee confirmed the existence of such a virus and named it Shamoon or Disttrack (Higgins, 2012, P. 16). Indeed, the hackers took the virus from another computer package and dropped it off in the Aramco’s computer system. We may need to define the details of this virus to reinforce our understanding on how this attacked happened. Shamoon or Disttrack is a legitimate software driver with a digital signature inside its package. Specifically, the virus is referred to as W32. Disttrack and ha distinct security components. Indeed, W32.Disttrack has a dropper that played a major role in creating and providing the original infection. Subsequently, the dropper significantly dropped other modules in initiating the attack. In addition, the W32.Disttrack has a wiper whose main responsibility in the attack was to destroy the network of target system, Aramco. Moreover, the wiper has the capability to enable user-mode applications to read and write to disk sectors of other systems (Secretary of Defense Leon E. Panetta, 2012, n. p). As such, it is most applicable in overwriting the computer's Master Boot Record. Indeed, the wiper deleted all the existing drivers and overwrote the signed one in Aramco’s network. Most significantly, the W32.Disttrack entails a reporter, which was significant in reporting the success of the attack to the attacker. The reporter takes back all the details ...Download file to see next pagesRead More
Comments (0)
Click to create a comment
Incident Command System: Disaster Preparedness
Disaster preparedness can be termed as the state of readiness to contain the effects of a forecasted disaster event to mitigate the impact of the disaster. The impact includes loss of life, injury and damage to infrastructure and property. It means necessary steps are taken to offer rescue, relief, rehabilitation and all other necessary services after the disaster.
4 Pages(1000 words)Case Study
The Phoenix Supermarket Fire Incident
Victims and survivors of fire disasters are also known to suffer from psychological problems on top of the scars, wound and pain they suffer from the experience. It is stunning to realize that many supermarket fires, which are surprisingly common today, have striking similarities considering photos and reports taken from accident scenes.
7 Pages(1750 words)Case Study
Critical Incident Analysis Case Study
Although Jane was the patient I was caring for, this incident is related to her mother. In this assignment, no information will be utilized which could violate the healthcare informatics confidentiality issues, such as anonymity, confidentiality, and data protection.
15 Pages(3750 words)Case Study
Beslan Barricade Incident
Brief History of Russia: The issue at hand is a contemporary one and so the history that will be discussed would not go into much detail but rather would concentrate on the historical issues that have resulted in this heinous act of crime against humanity.
13 Pages(3250 words)Case Study
In this respect, as illustrated in Lochgelly Iron and Coal Co v McMullan [1934]1 "strict legal analysis" requires consideration for "the complex concept of duty, breach and damage thereby suffered by the person to whom the duty was owing". Thus, the claimants must illustrate a breach of duty by the defendant to illustrate liability, and consequently justify claims for damages.
5 Pages(1250 words)Essay
Incident Command Structure
This research project was conducted using descriptive research methodology. Research questions addressed the following: (a) How are other fire districts within Florida coping with reduced staffing issues as it relates to the requirements of an Incident Command Structure (b) What other industries possess skill sets similar to emergency response and damage assessment whose people could easily be trained and merged into an incident command structure (c) What knowledge base or experience levels are needed to perform efficiently as it relates to risk assessments (d) What methods are available to fund training for non-emergency personal to perform the needed duties of damage assessments (e) What
3 Pages(750 words)Case Study
Organisational Behaviour: Saudi Aramco
The point of view is that of Fire Instructor for the Fire Protection Department at Aramco, however, this position works with many different, diverse employees at the organization, thus from a cultural perspective, personal insights into what drives the organizational culture are used to describe the cultural make-up of Aramco.
15 Pages(3750 words)Article
Incident for Aids
These initiatives have recorded positive results, especially among white and middle-class males. Therefore, I support the philosophy that bringing them together to discuss the issue is an
2 Pages(500 words)Case Study
HRM INCIDENT 1 - Should He Be Fired
It ought to be done in an appropriate manner; as there is never an easy way to share hard information (Amos, 2008). This paper will analyze the criteria for deciding whether an employer
2 Pages(500 words)Case Study
Aramco project
Implementation of training and career development programs is therefore essential organizational success. The need for prioritizing of training and learning in
4 Pages(1000 words)Essay
Let us find you another Case Study on topic Shamoon incident at Aramco for FREE!
Contact us:
Contact Us Now
FREE Mobile Apps:
  • About StudentShare
  • Testimonials
  • FAQ
  • Blog
  • Free Essays
  • New Essays
  • Essays
  • The Newest Essay Topics
  • Index samples by all dates
Join us:
Contact Us