Insiders Facilitated Hack into Saudi Aramco’s Computers
Sources informed about an investigation into a hacking incident at Saudi Aramco the national oil enterprise of Saudi Arabia, in August 2012, state that an insider and a few other employees who had access to vital data possibly helped the attackers thus leading to the destruction of about 30,000 PCs installed in the company's premises, published reuters.com dated September 7, 2012.
Indeed, utilization of 'Shamoon,' one kind of PC-virus, for the hack, makes the attack a highly-damaging cyber-assault carried out on a single enterprise.
The malware, disseminated via company networks, erases everything from the hard drives. Meanwhile, according to Saudi Aramco, the virus' destruction occurred only on its office PCs while spared systems software which could have disrupted technical functions.
Also, having seemingly gained admission into a mole and with preparedness for accepting personal danger, the hackers simply demonstrate a remarkable happening inside a nation that bans public-dissent.
According to an informed person about the ongoing forensic study, the attack actually became possible with the help of somebody with inside knowledge as well as similar rights in the company. Reuter.com published this.
"The-Cutting-Sword-of-Justice," name of a hackers' gang, disclosed itself as the perpetrator of the cyber-assault, while warned it would publish replicas of the data-files it captured prior to damaging the computers completely. However, no file copy has yet been released.
Remarking about the above discussed assault, Information Security Analyst Todd Lewellen for CERT Insider Threat Center posted on the Insider Threat Blog of Carnegie Mellon Software Engineering Institute that whereas a few types of insider assaults might happen increasingly frequently within specific industry segments, there wasn't any segment that was free from such ill-intentioned employees. A brief examination of various industry segments showed simply the way insider assaults could indiscriminately occur across the entire private or public sectors, added Lewellen. SecurityWatch published this, September 2012.
Significantly, during one recent poll that Cyber-Ark Software conducted, it was observed that according to a good 71 percent company-managers, security threat was largely attributed to insiders. Conversely, a report on data-breaches from Verizon showed that actually organizations' own employees were responsible for just 4%-or-so of data-hacks.
Related article: Inqtana.d Installs on Macs Using Bluetooth
» SPAMfighter News - 17-09-2012