Participation of King Abdulaziz Royal Reserve at ADIHEX 2022 in Abu Dhabi Concluded    SFDA Wins "Prism Award" for Best Entity Applying Practices to Enhance HR Leadership Skills    12th International Valuation Conference Kicks off with Wide International Participation    KSrelief Distributes 455 Food Baskets in Khartoum State, Sudan    General Commission for Audiovisual Media, Snapchat Launch Family Center    Chairman of Board of Directors of Saudi Esports Federation Highlights the National Gaming and Esports Strategy    Saudi Arabia retains its seat in ITU Council by international consensus    RCU launches Safar art exhibition at AlUla airport    Umrah companies obligated to issue permits for its pilgrims    AlJadaan: Leaders of Gulf Countries are Keen for Gulf Cooperation Council to Reach Highest Levels of Economic Integration    Iran's supreme leader blames unrest on US and Israel    1.5m clients benefit from digital conveyance of title deeds service    Saudi Minister of Commerce Heads Delegation to Morocco, Discusses Enhancing Commercial, Investment Relations    Qatar Stock Exchange Ends Trading Higher    Saudi Stock Exchange Main Index Ends Trading Higher at 11,607.96 Points    King, Crown Prince congratulate German president on Unity Day    Saudi Arabia to host World Petroleum Congress in 2026    Jazan International Forum moots Saudi Coffee Day, Annual Coffee Award    Brazil election: Lula and Bolsonaro to face run-off    UK chancellor U-turns on plans to scrap tax rate    Record avian flu outbreak sees 48 million birds culled in UK and EU    Sultan Humanitarian City wins platinum award at 2022 Patient Safety Congress in Dubai    Fans 'died in the arms' of players in Indonesia stadium crush    Fans of Sydney United 58 condemned for Nazi salutes during Australia Cup final    Tadawul All Share Index Decreases by 0.79%, Equity Market Capitalization Reaches SAR 10,832.85 Billion at End of 1st Nine Months 2022    Asian Shares Mostly Lower    Weather Forecast for Monday    Al-Manea: Selling gold in installments is not permissible    174 dead in Indonesian football stadium crush    15 cups of Saudi coffee in a day are enough!    Riyadh hosts first Saudi Games on Oct. 27    19 women, 2 men qualify as Kingdom's first yogasana referees    Movies return to Kashmir with Hrithik Roshan-starrer    Body of famed US climber found on Mt Manaslu in Himalayas    Yoga introduced to Saudi universities    Islamic Minister Al-Sheikh: Juristic judgment catalyst to salvage Islamic Ummah    Culinary Arts Commission Registers 13 Foods on Slow Food List of Endangered Food    72% of Children Globally have been Victims of Cyber Threats    Saudi National Football Team Continues Preparations for Friendly Match against Ecuador    Saudi Futsal Team Beats San Marino, Wins Silver in Croatian International Championship    During 2nd Global AI Summit.. AI-powered Early Breast Cancer Detection Program Launched    Triple talaq: India Muslim women in limbo after instant divorce ruling    Film Commission Reviews Film Industry Prospects in Saudi Arabia at Venice International Film Festival    Saudi national volleyball team loses to Kyrgyzstan in Asian Challenge Cup final    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    Pilgrims Perform Dhuhr and Asr Prayers at Arafat Holy Site    

Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.

Cyber attacks said to be initiated by email
Published in The Saudi Gazette on 25 - 01 - 2017

JEDDAH – Industry sources revealed that some 5 to 10 public and private organizations have been impacted by the second Shamoon virus attack, a aggressive disk-wiping malware, on Monday.
Research shows the attack took place at 4 a.m.
While it's not confirmed that this is the same variant of the Shamoon malware which attacked Saudi Arabian organizations in the past, the infection patterns, file creation and lateral movement is identical to the pattern documented by Palo Alto Networks in those previous instances, sources said.
The initial infection came through an email attachment.
The malware infected systems, possibly via stolen or weak credentials, and then stayed dormant for some time until it was capable of causing maximum damage.
The virus follows the same destructive pattern as in the past where machines have their partition tables deleted and only a complete system restore will be able to recover the IT environment.
"Email has always been a major infection vector and organizations need to implement technologies and also enforce policies that safeguard against malicious email attachments," said Nicolai Solling, CTO at Help AG, a cyber security services, solutions and consultancy provider.
"Similar to the attack that occurred in December 2016, this malware lay dormant and executed at 4 a.m., when most in-house IT teams aren't at work. This highlights the need for 24x7 monitoring of security events so as to react to and tackle them as soon as possible thereby mitigating their impact," he added.
"A successful defense is to utilize solutions such as OPSWAT Metadefender which secures emails by utilizing multiple malware inspection engines and reconstructs data without potential weaponized document features," he explained. "As an example, it could remove macro's, scripts or calls to external applications from inside an Office document."
Warnings circulated on social media since Monday about banks, ministries and private entities under cyber attack.
However, software company Symantec revealed a new cyberespionage group called Greenbug that targets Middle East organizations to have possible links to Shamoon during investigations.
Symantec further noted that investigations reveal a possibility Greenbug could be responsible for getting Shamoon the stolen credentials enabling the attack.
According to research, the group uses a custom information-stealing remote access Trojan (RAT) known as Trojan.Ismdoor as well as a selection of hacking tools to steal sensitive credentials from compromised organizations.
Links were not fully confirmed, however.
As threats arise, CEOs and organization leaders in the region will revamp and boost their cyber security strategies, according to Charles Habak head of financial services at Booz Allen Hamilton who predicted digital bank trends for 2017.
"Financial institutions that are ahead of the curve and effectively embed cyber security into their risk frameworks will invest significantly in building the right capabilities and governance structures," he said.
"These, in turn, will equip them to preemptively address incidents that could potentially damage their operations as well as reputation."
The last Shamoon attack took place last November and the major attack before that took place in Saudi Arabia's energy sector in 2012.
One expert as cited on Alekhbariya local news network said such cyber attacks could cost the Kingdom SR2.8 billion in losses.

Clic here to read the story from its source.