StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Awareness of Current Events: Saudi Aramco Attack - Case Study Example

Cite this document
Summary
This case study "Awareness of Current Events: Saudi Aramco Attack" discusses a virus recognized as Shamoon that was deployed to Saudi Aramco in August 2012, infected workstations, deleting almost 75% of hard drive data of company computers at Aramco, the world’s leading oil and gas producers…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.7% of users find it useful

Extract of sample "Awareness of Current Events: Saudi Aramco Attack"

WАRЕNЕSS ОF СURRЕNT ЕVЕNTS By Name Course Instructor Institution City/State Date Saudi Aramco Attack Introduction When it was formed, the Internet was initiated as a confidential martial test, but today it is an extensively employed means that has an enormous amount of functions. Modern cyber attacks on Saudi Aramco, denial-of-service (DDoS) attacks on numerous major U.S. based banks and the RasGas Qatari based gas firm. Provides clear validation that the combat zone is changing to a linear front from a three-dimensional, and this propensity may as well cause largely a radical shift of warfare principles (Mahdi, 2012). Regardless of the apparent development of life values, which this hi-tech revolution came with, the enormous reliance on computers might open a novel page of warfare conduct. This is for the reason that the global law is vulnerable to restraints compelled prior to the arrival of cyber attacks, which is one of the most substantial quandaries at the moment. Cyber attack is a threat posed by unreliable or criminal actions of computer users manipulating the widespread utilisation of computer networks. Cyber attack use malevolent code to modify computer logic data, or code causing unruly outcomes that can compromise information and steer cybercrimes, like information theft (Reuters, 2012). In addition, it poses a serious threat to the security, integrity and quality of enterprise data systems; thus, makes the establishment of efficient security methods as a top preference. Arguably, most computer crimes entail criminal activities that are custom in nature such as defamation, forgery, fraud, and mischief. Crimes that fundamentally target computer devices or network include computer virus, malicious and malware code, and denial-of-service attacks. Case Study: Saudi Aramco attack A virus recognized as Shamoon was deployed to Saudi Aramco in August 2012, infected workstations, deleting almost 75% of hard drive data of company computers at Aramco, the world’s leading oil and gas producers. In essence, users searching for a manuscript or worksheet rather found a burning image of American flag (Leyden, 2012). The virus, named after a phrase in its code, was intended to overwrite vital files with a burning image of an American flag. The researchers investigating the attack found out instructions in Shamoon’s code, what is recognized as a “kill timer.” Luckily, the attack influenced just the corporate internal network on more than 30,000 computers and not the systems that administer production of oil. Cyber attack experts held the view that the attack trail of the Saudi Aramco cyber-attack obviously pointed to managerial and confidential accounts as the precedence aim for assailants wanted to permeate and damage vital infrastructure. Essentially, the Shamoon virus spread through the corporate network and wiped PCs hard drives spotless. However, Saudi Aramco alleged that the damage was restricted to administrative center PCs and did not influence systems software that could have damaged technical processes. Afterwards, hackers calling themselves “Cutting Sword of Justice" confirmed their accountability for the attack, claiming that their purposes were politically motivated and that the virus helped them gain access to manuscripts from Aramco's PCs, which they threatened to make public (Infosecurity, 2012). However, to date no documents have been published even after posting an official statement on the online board on the very day the files were wiped, blaming Saudi Arabia for "felonies and mayhem" in numerous countries, including Bahrain and Syria. Soon after Aramco endured cyber attack, Symantec, the world’s leading Internet security companies discovered a novel form of virus which was attacking a international energy company, but did not purposely name Aramco. Symantec described the virus as a “disparaging malware that damages files on a compromised PC and overwrites the Master Boot Record (MBR) in an attempt to make a PC impracticable (Fergusson, 2012). Arguably, US intelligence bureaucrats had broached the assail on Iran, with Leon E. Panetta one time Secretary of Defence raising a fantasm of a treacherous, cyber ware provoking, infrastructure closure in a “cyber Pearl Harbor” if the globe fails to pursue the caveat shot severely (Infosecurity, 2012). Aramco management held the opinion that the attack was aimed at the company production, bearing in mind the fact that Aramco supplies 10% of the world’s total oil. Yet, the attackers were unsuccessful to disrupt production, but it remained to be one of the most disparaging hacker strikes against one company. According to Aramco’s vice president for corporate planning, the key objective in this attack was to halt the oil and gas flow to domestic and global markets. Debatably, internal ministry spokesperson posited that the attack was targeted on Saudi economy, bearing in mind that Saudi Arabia's economy is profoundly reliant on oil. Statistically, export incomes from oil account an estimated 80 to 90 percent of total Saudi incomes and higher than 40 percent of the country's GDP. The hackers claimed that they let loose a malignant virus into Saudi Aramco Company, in vengeance for what they claimed was the regime’s brace for “tyrannical events” in the Middle East. Furthermore, the hackers proved they had damage over 75% of Aramco’s workstations by posting blocks of what they alleged were the tainted I.P. addresses on Pastebin, which is a Web site frequently employed by hackers to post information from cyber attacks (Reed, 2013). Technically, Shamoon commands compromised PCs to account their contagion back to a single I.P. address. Symantec’s researchers noted that the I.P. address belongs to a PC in the equivalent network as other compromised PCs, but not linked to the Internet. In this regard, it was uncertain how that PC had been primarily tainted and the fact that it was had no Internet connection lends credibility to rumors that the attack may have been made possible by a Saudi Aramco worker (Infosecurity, 2012). In this regard, the Saudi Aramco attack turned out to be the foremost noteworthy application of malware in a purported hacktivist assails, wherein hackers aim a corporation for protest reasons instead for earnings. Previously, hacktivists employed application or disseminated denial of service (DDoS) assails wherein they congest a Website with traffic till it plunges offline. According to Fergusson (2012), hacktivists hardly ever employ malware; thus the fact that Aramco’s hackers employed malware is a skittish trend and if any other hacktivists uses this it could be extremely treacherous. Fergusson (2012) further notes that the attack underlined the vanity of the antivirus resolutions that are invented to guard computer systems against malware attacks hence, antivirus is a remnant of the times of yore. Reed (2013) argues that the utilization of malware activated numerous speculations on the Internet that the authentic perpetrator behind the Saudi Aramco assail was Iran. In the previous years, it became extremely trendy to distinguish the U.S., Chinese, and Israeli administrations for cyber-warfare, but this occasion (Aramco) it was hacktivists operational for a prejudiced and social reason. In essence, a group of hacktivists with numerous extremely decisive hackers and developers attained outcomes comparable to what we have purportedly observed governments achieve (Infosecurity, 2012). The company tackled the threat instantly, and their defensive practices, which were enacted to respond to such threats as well as their manifold defensive systems, assisted Aramco to alleviate these terrible cyber threats from strengthening (Reed, 2013). Furthermore, Saudi Aramco has pledged to further strengthen its protection, which is shrewd, given that a sole virus managed to taint so many of its computers. In this regard, the management has vowed to ensure that they further add force to their systems with all accessible way to defend against a repetition of such cyber-attack. What’s more, Saudi Aramco blocked all remote access and isolated all electronic systems from external access as a premature defensive measure that was in use subsequent to an unexpected interruption that influenced some of the sectors’ electronic network. However, the risk is still there since the hacktivist group behind the Saudi Aramco attack have vowed to persist their assails against other companies like Saudi Aramco who they feel are tyrannical to bordering nations. Recommendations Saudi Aramco can use Cyber War games to prevent themselves from future cyber attacks, and the approach simulates an actual business scenario, which entails actual participants, and can assist organizations speckle technical susceptibility while attaining priceless perception based on how the Saudi Aramco managers will react. Cyber war games approach generates intuition; based on security susceptibility and data assets, whereby cyber attackers can manipulate, and defects that surpass the company ability to react on the attack. Besides that, the critical examination needed to design pertinent war games scenarios, expedites debate amid business and security administrators concerning responsibility and information assets types vital in attack implications. In addition, war games strategy is productive since it makes the organization ready to secure against an aimed cyber attack, and comprehend the real effect of an attack when it transpires. Consequently, the strategy recognizes and forecast cyber attacks mechanisms and targets; however, it requires intelligence on the developing threat platform connected with definite intellect to the organization. Arguably, some reports suggest that the attack was launched by Saudi Aramco worker; thus, the management should design defense controls that function in a coupled structure that manipulates computer-established connection to increase human analysis. This can be achieved by connecting controls across networks, endpoints, and information. References Read More

Soon after Aramco endured cyber attack, Symantec, the world’s leading Internet security companies discovered a novel form of virus which was attacking a international energy company, but did not purposely name Aramco. Symantec described the virus as a “disparaging malware that damages files on a compromised PC and overwrites the Master Boot Record (MBR) in an attempt to make a PC impracticable (Fergusson, 2012). Arguably, US intelligence bureaucrats had broached the assail on Iran, with Leon E.

Panetta one time Secretary of Defence raising a fantasm of a treacherous, cyber ware provoking, infrastructure closure in a “cyber Pearl Harbor” if the globe fails to pursue the caveat shot severely (Infosecurity, 2012). Aramco management held the opinion that the attack was aimed at the company production, bearing in mind the fact that Aramco supplies 10% of the world’s total oil. Yet, the attackers were unsuccessful to disrupt production, but it remained to be one of the most disparaging hacker strikes against one company.

According to Aramco’s vice president for corporate planning, the key objective in this attack was to halt the oil and gas flow to domestic and global markets. Debatably, internal ministry spokesperson posited that the attack was targeted on Saudi economy, bearing in mind that Saudi Arabia's economy is profoundly reliant on oil. Statistically, export incomes from oil account an estimated 80 to 90 percent of total Saudi incomes and higher than 40 percent of the country's GDP. The hackers claimed that they let loose a malignant virus into Saudi Aramco Company, in vengeance for what they claimed was the regime’s brace for “tyrannical events” in the Middle East.

Furthermore, the hackers proved they had damage over 75% of Aramco’s workstations by posting blocks of what they alleged were the tainted I.P. addresses on Pastebin, which is a Web site frequently employed by hackers to post information from cyber attacks (Reed, 2013). Technically, Shamoon commands compromised PCs to account their contagion back to a single I.P. address. Symantec’s researchers noted that the I.P. address belongs to a PC in the equivalent network as other compromised PCs, but not linked to the Internet.

In this regard, it was uncertain how that PC had been primarily tainted and the fact that it was had no Internet connection lends credibility to rumors that the attack may have been made possible by a Saudi Aramco worker (Infosecurity, 2012). In this regard, the Saudi Aramco attack turned out to be the foremost noteworthy application of malware in a purported hacktivist assails, wherein hackers aim a corporation for protest reasons instead for earnings. Previously, hacktivists employed application or disseminated denial of service (DDoS) assails wherein they congest a Website with traffic till it plunges offline.

According to Fergusson (2012), hacktivists hardly ever employ malware; thus the fact that Aramco’s hackers employed malware is a skittish trend and if any other hacktivists uses this it could be extremely treacherous. Fergusson (2012) further notes that the attack underlined the vanity of the antivirus resolutions that are invented to guard computer systems against malware attacks hence, antivirus is a remnant of the times of yore. Reed (2013) argues that the utilization of malware activated numerous speculations on the Internet that the authentic perpetrator behind the Saudi Aramco assail was Iran.

In the previous years, it became extremely trendy to distinguish the U.S., Chinese, and Israeli administrations for cyber-warfare, but this occasion (Aramco) it was hacktivists operational for a prejudiced and social reason. In essence, a group of hacktivists with numerous extremely decisive hackers and developers attained outcomes comparable to what we have purportedly observed governments achieve (Infosecurity, 2012). The company tackled the threat instantly, and their defensive practices, which were enacted to respond to such threats as well as their manifold defensive systems, assisted Aramco to alleviate these terrible cyber threats from strengthening (Reed, 2013).

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Awareness of Current Events: Saudi Aramco Attack Case Study Example | Topics and Well Written Essays - 1500 words, n.d.)
Awareness of Current Events: Saudi Aramco Attack Case Study Example | Topics and Well Written Essays - 1500 words. https://studentshare.org/information-technology/2091265-awareness-of-current-events-saudi-aramco-attack
(Awareness of Current Events: Saudi Aramco Attack Case Study Example | Topics and Well Written Essays - 1500 Words)
Awareness of Current Events: Saudi Aramco Attack Case Study Example | Topics and Well Written Essays - 1500 Words. https://studentshare.org/information-technology/2091265-awareness-of-current-events-saudi-aramco-attack.
“Awareness of Current Events: Saudi Aramco Attack Case Study Example | Topics and Well Written Essays - 1500 Words”. https://studentshare.org/information-technology/2091265-awareness-of-current-events-saudi-aramco-attack.
  • Cited: 0 times

CHECK THESE SAMPLES OF Awareness of Current Events: Saudi Aramco Attack

The Current Talent Management Strategy at Any Well-Known Organization in Saudi Arabia

16 Pages (4000 words) Essay

Assessing The Impact Of Saudi Aramcos Appraisal System On Its Employees' Morale And Performanc

hellip; Industrial Security, an Administration Area in saudi aramco, found that about 50 percent of employees are not punctual.... In their letter to various Senior Vice Presidents of saudi aramco, Human Resource Department also noticed that almost all non-Saudi employees resign once they receive better jobs offer.... n light of Industrial Security letter and Human Resources findings, it is clear that the employees' commitment and morale is at unprecedentedly low level and as a result, saudi aramco management's new challenge is to motivate, recognize, increase self-belonging and reward their employees properly to ensure their optimum productivity....
30 Pages (7500 words) Essay

Research paper:The imapact of appraisal system on the productivity and morale on saudi Aramco employees

A number of HR and performance appraisals processes are present at saudi aramco, one of the world's largest oil corporations.... A self-addressed questionnaire was designed and circulated amongst a representative sample of 397 employees and data was collected upon 37 motivational items with respect to performance appraisal systems at saudi aramco.... Upon data analysis, it was seen that saudi aramco employees have low confidence in performance management systems and are often ambiguous about their roles and responsibilities in the organization....
55 Pages (13750 words) Research Paper

The Impact of Human Resource Development Programs on Employee Performance

The study determined that saudi aramco employs a best-fit approach to its human resources management, allowing for the gradual and continuous development of HRD policies and practices in the areas of motivation, rewards management, and performance management and appraisal.... The dissertation examines specific aspects of the human resource management of one of the world's largest oil firms, aramco, in order to establish the extent to which HRM practices and policies are perceived by the company's internal stakeholders....
81 Pages (20250 words) Essay

Necessary Features for a Business Website

The study focused on the websites of saudi aramco and Marathon Petroleum Corporation for similarities and differences.... For illustration, the information presented on saudi aramco's website reveals it is a state-owned company.... Mazen Alqethamy has 4 years of customer service experience with the saudi French Bank, where he was responsible for handling various customer issues and providing suitable solutions.... Mazen Alqethamy worked with Toyota in saudi Arabia managing customer accounts, which has given… With Alqethamy's experience, he would make a great fit for complete Bachelors of Art in Organizational Communications major at the University of Findlay....
27 Pages (6750 words) Essay

Importance of Collaborating Employees towards Attainment of Saudi Aramco Company

The paper "Importance of Collaborating Employees towards Attainment of saudi aramco Company" discusses that the saudi aramco employs numerous employees who primarily account for cultural differences and hurdles.... The present project aims to discuss and evaluate the talent management strategy undertaken in saudi aramco....
18 Pages (4500 words) Research Paper

Impact of Price Changes on the Brand Equity of Toyota in Saudi Arabia

Since the cost of fast-moving items are relatively cheaper as compared to durable items, the research findings presented in these studies may not be applicable in the case of Toyota in saudi Arabia.... n relation to the impact of price changes over the purchasing habit of consumers, this study will seek to determine how consumers would respond to a sudden price adjustment in Toyota vehicles in saudi Arabia.... Indrayani, Siringoringo and Saptariani (2008) analyzed the impact of price changes on customers' brand loyalty sensitivity whereas Villarejo-Ramos and Sanchez-Franco (2005) tested the impact of price promotion and marketing communications on several dimensions of brand equity such as brand awareness, brand image, brand loyalty, and perceived quality....
61 Pages (15250 words) Essay

Environment Regulation in Saudi Arabia

In the research paper “Environment Regulation in saudi Arabia” the author analyzes the current system of enacting environmental regulations and the decision making process.... hellip; he author states that there are three crucial that drive environmental policies in saudi Arabia.... After a comprehensive analysis of the public and private institutions in saudi Arabia, it is apparent that know-how of the legal framework is lower than what one expects....
16 Pages (4000 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us