WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Hacktivism proves to be a very real threat to business continuity

On 25th August Saudi Aramco, the world’s largest oil company, reported that it had restored all its main internal network services after they were impacted on August 15th by a malicious virus introduced by an external source. Responsibility for the attack was claimed by a group of hacktivists.

Saudi Aramco said that the attack affected around 30,000 workstations. These have since been cleaned and restored to service. As a precaution, remote Internet access to online resources was restricted as Saudi Aramco employees resumed normal business.

The company confirmed that its primary enterprise systems of hydrocarbon exploration and production were unaffected as they operate on isolated network systems. Production plants were also fully operational as these control systems are also isolated.

“We addressed the threat immediately, and our precautionary procedures, which have been in place to counter such threats, and our multiple protective systems, have helped to mitigate these deplorable cyber threats from spiraling,” said Khalid A. Al-Falih, president and CEO, Saudi Aramco.

“Saudi Aramco is not the only company that became a target for such attempts, and this was not the first nor will it be the last illegal attempt to intrude into our systems, and we will ensure that we will further reinforce our systems with all available means to protect against a recurrence of this type of cyber-attack,” Al-Falih added.

Rob Rachwald, director of Security Strategy at Imperva commented on the Saudi Aramco attacks:

"In the past, hacktivists have typically used application or distributed denial of service (DDoS) attacks - in which they clog a website with traffic until it goes offline. However, the attack on Saudi Aramco is the first significant use of malware in a hacktivist attack. Hacktivists rarely use malware, if other hacktivists jump on this trend it could become very dangerous.

“The hackers infected 30,000 PCs, which represents a 75 percent infection rate of all the company's computers. The attack has highlighted the ineffectiveness of the antivirus solutions that are supposed to protect computer systems against malware threats. Evidence continues to pile up for the need for a new security model.

“However, one should not miss the key evolutionary step this attack represents. In the last couple of years, it became very popular to single out the Chinese, US and Israeli governments for cyber-warfare. However, with the Aramco attack, it wasn’t a government, it wasn’t an agency nor a company. This time it was hacktivists working for a political and social cause. In other words, a group of hobbyists and hacktivists with several very strong minded developers and hackers achieved results similar to what we have allegedly seen governments accomplish. Does this mean that the power of the hacktivism has become so strong that it can compete with government cyber warfare organizations?"

•Date: 29th August 2012 • World •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here