Monday, May 6, 2019

Shamoon incident at Aramco Case Study Example | Topics and Well Written Essays - 1000 words

This was the first malware deployed by the hacktivism front, and hence the company's network was not in a position to cope with the complexity of this virus. Indeed, unlike other malware whose impact cannot overcome the antivirus set up in the company's network, the technology used at Aramco was well below that of the hackers. Aramco's network system provides security against theft of information but has no capacity to handle the destruction manifested by Shamoon. In addition, the company's anti-hacking and firewall package is incapable of dealing with technologically advanced malware like Shamoon. Moreover, the company's IT and computer systems policies are due for a review. Sadly, Aramco's network system allows multiple users to access both unclassified and classified information at the same time, which jeopardizes the security of the system, as seen in the Shamoon attack. In addition, Aramco's network allows its employees and expatriate employees to access information systems and then divulge information that gives leeway to cyber-attacks. Indeed, the company needs to review and update its IT policies and computer systems for purposes of dealing with such complicated malware as Shamoon (Mashat, 2012, p. 1). Otherwise, the ease of access, lack of proper authorization, and use of outdated anti-hacking and firewall software jeopardize the security of Aramco's network system.

How the Attack Happened

One group of hackers has claimed responsibility for the Shamoon attack on Aramco. The group, Cutting Sword of Justice, asserts that the cyber-attack began on Wednesday, Aug 15, 2012 at 11:08 AM and was completed within a few hours (Fisher, 2012, p. 1). Although this information is not certain, there are clear indications that support this assertion. Indeed, on the same day that Cutting Sword of Justice asserted this, Saudi Aramco confirmed that part of its computer system used by its employees was under cyber-attack by a computer virus. In addition, several antivirus vendors (Kaspersky Lab, Symantec, McAfee) confirmed the existence of such a virus and named it Shamoon or Disttrack (Higgins, 2012, p. 16). Indeed, the hackers took the virus from another computer package and dropped it into Aramco's computer system.

We may need to define the details of this virus to reinforce our understanding of how this attack happened. Shamoon or Disttrack is a legitimate software driver with a digital signature inside its package. Specifically, the virus is referred to as W32.Disttrack and has distinct security components. Indeed, W32.Disttrack has a dropper that played a major role in creating and providing the original infection. Subsequently, the dropper dropped other modules in initiating the attack. In addition, W32.Disttrack has a wiper whose main responsibility in the attack was to destroy the network of the target system, Aramco. Moreover, the wiper has the capability to enable user-mode applications to read and write to disk sectors of other systems (Secretary of Defense Leon E. Panetta, 2012, n.p.). As such, it is most applicable in overwriting the computer's Master Boot Record. Indeed, the wiper deleted all the existing drivers and overwrote the signed one in Aramco's network. Most significantly, W32.Disttrack includes a reporter, which was significant in reporting the success of the attack to the attacker. The reporter takes back all the details
