Saudi Stock Market Index Ends High At 12,182 Points    Attempt to Promote 1,016,000 Amphetamine Pills Thwarted in Taif    Saudi Fund for Development CEO Receives Sierra Leone's Foreign Minister    Public Investment Fund Launches "Savvy Gaming Group"    KSrelief Signs USD 10 Million Worth Agreement with UNICEF to Provide Basic Health Services for Mothers, Children in Yemen    Diriyah E-Prix 2-Time Champion Sam Bird Sets His Sight on More Triumph in 2022 Diriyah E-Prix    Asian Shares Mixed    [email protected]: Set to become world's technological and economic powerhouse    Royal Commission in Yanbu Achieves Arab Award for Operation and Maintenance    Minister of Islamic Affairs sponsors closing ceremony of 34th Virtual International Conference for Muslims of Latin America and Caribbean    IPA organizes 'Innovation and the Future of Government Work' conference on February 9    NDMC clears 43% of debts due for payment in 2022    Flying car cleared for takeoff, but you'll need a pilot's license    Crown Prince, Chan-o-cha reaffirm need to open a new chapter in Saudi-Thai relations    Deputy Ruler of Sharjah witnesses premiere of 'Narratives of the Place'    Dozens feared lost as 'smuggling' boat capsizes off Florida    Netherlands to ease Covid restrictions despite rising case numbers    What the grand Republic Day parade means to India    Unvaccinated man denied heart transplant by Boston hospital    15% jump in number of Saudis working in private healthcare sector    Sir Elton John postpones US shows after positive Covid-19 test    Bollywood's Shilpa Shetty cleared of obscenity over Richard Gere kiss    Egypt Records 1809 New Cases of COVID-19    Commerce Minister: Prime Minister of Thailand visit comes within Saudi Arabia's keenness to strengthen relations with countries of world    Minister of Justice Meets with His British Counterpart    Non-oil exports in Saudi Arabia increase by 26.1%    At least six killed in Cameroon stadium stampede    Al Hilal pays tribute to departing star striker Bafetimbi Gomis    General Court of Audit President Inaugurates 8th Conference for Internal Audit with Int'l Participation    UN chief calls for Olympic Truce to build 'culture of peace' through power of sport    Taylor Swift slams Damon Albarn over songwriting comments    Australian Open: Peng Shuai T-shirt ban reversed after outcry    Cirque du Soleil to establish an academy and regional office in Saudi Arabia    Omani National Football Team Arrives in Jeddah to Meet Saudi National Team    'Bab Al Hara' Director Bassam AlMulla passes away at 65    Saudi Handball Team Loses to Qatar in Main Round of 2022 Asian Men's Handball Championship    Eighth Season of ABB FIA Formula E World Championship to kick off in Diriyah    Riyadh's Qualitative Events Enrich its Winter, Attract World Attention    SFDA: Fat is a Source of Energy and Its Abundance is Linked to Chronic Diseases    Reflections on celebration of Christmas    Royal Commission for AlUla to Hold Custodian of the Two Holy Mosques Endurance Cup 2022, Richard Mille AlUla Desert Polo    Saudi Arabia's Pavilion at Expo 2020 Dubai Organizes a Dance Theatrical Show for Children    Saudi Arabia rebuffs UN resolution on 'sexual orientation'    Kabir Khan eyes on joint Indian – Saudi film projects    Pilgrims Perform Dhuhr and Asr Prayers at Arafat Holy Site    Council of Senior Scholars: Muslim Brothers' Group Don't Represent Method of Islam, rather only Follows its Partisan Objectives, Violating our Graceful Religion    Eid Al-Adha Prayer Performed at the Grand Holy Mosque    Pilgrims Perform Dhuhr and Asr Prayers in Arafat Holy Site    

Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.

Cyber attacks said to be initiated by email
Published in The Saudi Gazette on 25 - 01 - 2017

JEDDAH – Industry sources revealed that some 5 to 10 public and private organizations have been impacted by the second Shamoon virus attack, a aggressive disk-wiping malware, on Monday.
Research shows the attack took place at 4 a.m.
While it's not confirmed that this is the same variant of the Shamoon malware which attacked Saudi Arabian organizations in the past, the infection patterns, file creation and lateral movement is identical to the pattern documented by Palo Alto Networks in those previous instances, sources said.
The initial infection came through an email attachment.
The malware infected systems, possibly via stolen or weak credentials, and then stayed dormant for some time until it was capable of causing maximum damage.
The virus follows the same destructive pattern as in the past where machines have their partition tables deleted and only a complete system restore will be able to recover the IT environment.
"Email has always been a major infection vector and organizations need to implement technologies and also enforce policies that safeguard against malicious email attachments," said Nicolai Solling, CTO at Help AG, a cyber security services, solutions and consultancy provider.
"Similar to the attack that occurred in December 2016, this malware lay dormant and executed at 4 a.m., when most in-house IT teams aren't at work. This highlights the need for 24x7 monitoring of security events so as to react to and tackle them as soon as possible thereby mitigating their impact," he added.
"A successful defense is to utilize solutions such as OPSWAT Metadefender which secures emails by utilizing multiple malware inspection engines and reconstructs data without potential weaponized document features," he explained. "As an example, it could remove macro's, scripts or calls to external applications from inside an Office document."
Warnings circulated on social media since Monday about banks, ministries and private entities under cyber attack.
However, software company Symantec revealed a new cyberespionage group called Greenbug that targets Middle East organizations to have possible links to Shamoon during investigations.
Symantec further noted that investigations reveal a possibility Greenbug could be responsible for getting Shamoon the stolen credentials enabling the attack.
According to research, the group uses a custom information-stealing remote access Trojan (RAT) known as Trojan.Ismdoor as well as a selection of hacking tools to steal sensitive credentials from compromised organizations.
Links were not fully confirmed, however.
As threats arise, CEOs and organization leaders in the region will revamp and boost their cyber security strategies, according to Charles Habak head of financial services at Booz Allen Hamilton who predicted digital bank trends for 2017.
"Financial institutions that are ahead of the curve and effectively embed cyber security into their risk frameworks will invest significantly in building the right capabilities and governance structures," he said.
"These, in turn, will equip them to preemptively address incidents that could potentially damage their operations as well as reputation."
The last Shamoon attack took place last November and the major attack before that took place in Saudi Arabia's energy sector in 2012.
One expert as cited on Alekhbariya local news network said such cyber attacks could cost the Kingdom SR2.8 billion in losses.

Clic here to read the story from its source.