Sunday, June 16, 2019
Shamoon incident at Aramco - Case Study Example
This was the first malware used by the hacktivism front, and hence the company's network was not in a position to handle the complexity of this virus. Indeed, unlike other malware whose impact cannot overcome the antivirus set in the company's network, the technology used in Aramco was way below that of the hackers. The network system in Aramco offers security against theft of data but has no capacity to handle the destruction manifested by Shamoon. In addition, the company's anti-hacking and firewall software is incapable of dealing with technologically advanced malware like Shamoon. Moreover, the company's IT and computer systems policies require a re-evaluation. Sadly, the network system of Aramco allows multiple users to access both unclassified and classified information at the same time, which jeopardizes the security of the system, as seen in the Shamoon attack. In addition, Aramco's network allows its employees and expatriate employees to run information systems and then divulge information that gives leeway to cyber-attacks. Indeed, the company needs to review and update its IT policies and computer systems for purposes of dealing with such complicated malware as Shamoon (Mashat, 2012, p.1). Otherwise, the ease of access, lack of proper authorization, and use of outdated anti-hacking and firewall software jeopardize the security of Aramco's network system.

How the Attack Happened

One group of hackers has claimed responsibility for the Shamoon attack on Aramco. The group, Cutting Sword of Justice, asserts that the cyber-attack took place beginning Wednesday, Aug 15, 2012 at 11:08 AM and was identified within a few hours (Fisher, 2012, p.1). Although this information is not certain, there are clear indications that lead to this assertion. Indeed, on the same day that Cutting Sword of Justice asserted this, Saudi Aramco confirmed that part of its computer system used by its employees was under cyber-attack courtesy of a computer virus. Separately, several antivirus vendors (Kaspersky Lab, Symantec, McAfee) confirmed the existence of such a virus and named it Shamoon or Disttrack (Higgins, 2012, p. 16). Indeed, the hackers took the virus from another computer package and dropped it into Aramco's computer system.

We may need to define the details of this virus to reinforce our understanding of how this attack happened. Shamoon, or Disttrack, is a legitimate software driver with a digital signature within its package. Specifically, the virus is referred to as W32.Disttrack and has distinct security components. Indeed, W32.Disttrack has a dropper that played a major role in creating and providing the original infection. Subsequently, the dropper dropped the other modules to initiate the attack. In addition, W32.Disttrack has a wiper whose main responsibility in the attack was to destroy the network of the target system, Aramco. Moreover, the wiper has the capability to enable user-mode applications to read and write to disk sectors of other systems (Secretary of Defense Leon E. Panetta, 2012, n. p). As such, it is most applicable in overwriting the computer's Master Boot Record. Indeed, the wiper deleted all the existing drivers and overwrote the write one in Aramco's network. Most significantly, W32.Disttrack includes a reporter, which was significant in reporting the success of the attack to the attacker. The reporter takes back all the details