MODULE 4

Christopher Wilkins
December 28, 2015

Assignment #4

One of the largest computer breaches of all time was the hack of Saudi Aramco, one of
the world's largest oil companies. As a result of this hack, 35,000 computers were either partially
wiped or completely destroyed. This caused the company to have to revert to old outdated
technology such as typewriters and fax machines. They lost their ability to record payments and
purchases and as a result they had to turn away gas trucks which were coming to refill. It
reportedly started when one employee opened an email and clicked on a bad link. This led to
files starting to disappear as well as computers starting to malfunction. In a panic, the company
started to disconnect all computers and hard drives from the internet in the hope of stopping the virus
from spreading. They started to record almost everything on paper including supply
management, shipping processes, and contracts with government and business entities. They
implemented this disconnection strategy at data centers all over the world. While they were able
to keep their oil production steady at 9.5 million barrels per day, the company had to temporarily
stop selling oil to domestic oil trucks. In fact, the company eventually started giving away oil for
free in order to keep oil supplies steady within the country of Saudi Arabia.

This attack was carried out by a scam email containing a bad link. This is also known as
phishing. In my opinion, the perpetrator in this case should be classified as a cyber terrorist. They
were simply attempting to cause destruction to key infrastructure within this large company. In
fact, a group calling itself Cutting Swords of Justice claimed responsibility for the attack and
stated, "This is a warning to the tyrants of this country and other countries that support such
criminal disasters with injustice and oppression." It is reported that they were firmly against the
strong support shown by Saudi Aramco towards the Al Saud Royal Family's authoritarian regime.
This attack caused severe economic consequences both for the company and its clients.
However, it is possible that the attack could have been prevented. First, more intelligent
computer usage could have resulted in the email never being opened by the technician. In
addition, better antivirus software may have been able to identify and disable the virus before it
infiltrated the system. Finally, if the company had done a better job of safeguarding their
information then they could have had data backed up so that they were not set so far behind
when they disconnected all of their current equipment from the Internet.

As a response to this attack and the loss of data and equipment, Saudi Aramco had to
make some very tough decisions in order to regain their footing. As stated above, they first went
completely offline in order to stop the virus from spreading. They then started reverting to
outdated technology in order to maintain current business operations. They then hired large
numbers of consultants and IT professionals in order to fix the problem. Finally, the company
used its tremendous wealth in order to stay afloat. They sent representatives directly to computer
factory floors all over Southeast Asia in order to purchase every hard drive being manufactured.
In an instant, the company bought 50,000 hard drives. In order to accomplish this massive
purchase in such short time, they had to pay a higher price so that they could have first priority
over computer companies throughout the world. Five months later the company was finally able
to come back online. Reportedly, to date no perpetrator has been identified or caught.

One attack which caused a great deal of economic loss and confusion was the breach of
Target's network. The perpetrator reportedly first gained access to Target's data by managing to
steal the username and password from one of Target's suppliers. The perpetrator was able to use
this access to move throughout Target's network and upload malware throughout different
databases. After uploading data-stealing software on a majority of Target's POS systems, they
were able to steal data on approximately 40 million debit and credit cards. This attack led to
severe economic repercussions for both Target and their customers. In addition, Fazio, the
third-party company which was originally breached, went offline following the attacks.

It is likely that the party responsible would either be described as a cracker or a
cybercriminal. There is no doubt that the perpetrator was seeking to steal information for
financial gain. However, it is unclear as to the amount of resources at the perpetrator's disposal.
The perpetrator was able to access Target's system because the third party had access to Target's
network. However, the access granted to the third party was not properly secured. While Target
officials insist that the attack was not stopped because of how sophisticated it was in nature,
specialists insist that the breach could have been prevented.

One of the main reasons Target was susceptible to this attack was because it failed to
properly segregate data systems handling payment information from the rest of its network. If
Target had a higher quality of antivirus software, it is entirely possible that this attack could have
been detected and prevented. In addition, safeguarding of information would have been another
defense against this type of attack. If customer payment data were not accessible throughout the
entire network, then this attack more than likely would have failed. Furthermore, if the company
had used an encryption technique then this attack could have been stopped. This would have
helped prevent anyone from stealing a third party's login information, as well as made it more
complicated for any perpetrator to access different areas of the network. Finally, knowledgeable computer usage
could have helped prevent this attack. If the network had originally been set up to segregate
sensitive information from the main network then the perpetrator would not have been able to
succeed in stealing payment information from customers.

As a result of this attack, Target had to take certain steps in order to prevent this scenario
from playing out again. For starters, they started to require better security from third-party
contractors so that it would be more difficult for a hacker to gain access to the main system. In
addition, they started to limit the network access provided to those parties in the hope of segregating
sensitive information from any fault in a third party's security.