Ybersecurity Breach Case Studies, 6 Pages

Cybersecurity Breach Case Studies Name Institution Page Break Cybersecurity Breach Case Studies Introduction Cybersecurity breaches have become rampant in the modern world, with the malicious users targeting huge corporations and government websites in a bid to execute their ill intentions. Ideal examples of such breaches that have been witnessed in the Middle East include the cyber-attack on Saudi Aramco, the security breach on the Qatar National Bank, and the attack on the Bangladesh National Bank (IQPC, 2015). Cases To present further elaboration for the different cyber breach case studies in the Middle East, it is worth noting that the cyber-attack on the state-owned Saudi Aramco. The incident took place on 15th August 2015, when hackers gained access to the company's systems, leading to the infection of over 30,000 workstations and crippling the organization's operations. The installation of sufficient security measures could have prevented the breach, and the organization ought to implement such to prevent similar events in the future.It is imperative to note that the organization is the largest global oil company with the highest value. As such, in August 2015, the company’s computer network was hit with harmful computer virus known as Shamoon; whose effects would eventually be termed as the most devastating computer security breach on a company in history. On the morning of August 15, 2012, when the company's employees were off-duty attending the Laitat al Qadr, the attackers infiltrated the company's computer network system, infecting over 30,000 workstations with the virus Shamoon (Perlroth, 2012). It is imperative to note that the attack resulted in the massive erasure of the company’s data from the computers’ hard disks, an act which crippled the business’ operations for approximately two weeks during which they worked on a recovery program. Research has established that the virus was specifically designed to execute two activities, including the replacement of the company’s data on the computer hard drives with an image of a burning American flag and issue feedback on the identities of the infected computers (Perlroth, 2012). It has also been speculated that the launch of the attack on the company’s computer infrastructure could have been facilitated by an insider who had full access to the company’s computer system. As such, it is imperative to note that the virus could have been carried in a USB stick and inserted into a PC. However, the access by the hackers was gained when one of the company’s technicians clicked on a link that would eventually open the gateway for the hackers to access the company’s computer systems (Pagliery, 2015). Despite the business maintaining its oil production at 9.5 million barrels daily, the rest of the business operations were crippled. Such operations as supply and management were all operated manually over the period of the attack (Pagliery, 2015). Like in the case of preventing other cybersecurity breaches, the attack on the Saudi Aramco company could have been successfully prevented by the installation of various security mechanisms that would prevent the launch and success of the virus. First and foremost, the installation of advanced sniffers and network traffic analysis tools such as the HTTP sniffer would significantly help in the prevention of the menace. Such tools could detect and block the virus before executing its activities in the network. Moreover, the installation of advanced and updated firewalls and antivirus/ antispyware tools would also be useful for the prevention of the attack by detecting and blocking the virus before the launch of the adversary. It is also imperative to note that, the suspicion of an insider in the activity as well as the clicking on a bad link by a technician are critical points to formulate preventive measures for the incident. First, to prevent insider assistance for such activities, the company should encrypt all its PC ports to prevent the use of USB sticks other than those meant for business purposes. Also, they could have installed reliable antivirus applications to block the content of the stick (Bendovschi, 2015). Also, the use of antispyware in the company could always warn the company’s workers of harmful links before clicking on them. The organizatio...

Buy now to view the complete solution