Data-Wiping Malware Destroys Data At Italian and UAE Oil and Gas Companies (zdnet.com) 39
An anonymous reader writes: A new variant of the Shamoon malware was discovered on the network of an Italian and UAE oil and gas company. While the damage at the UAE firm is currently unknown, the malware has been confirmed to have destroyed files on about ten percent of the Italian company's PC fleet. Shamoon is one of the most dangerous strains of malware known to date. It was first deployed in two separate incidents that targeted the infrastructure of Saudi Aramco, Saudi Arabia's largest oil producer, in 2012 and 2016. During those incidents, the malware wiped files and replaced them with propaganda images (burning U.S. flag and body of Alan Kurdi). The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks. Historically, the malware has been tied to the Iranian regime, but it's unclear if Iranian hackers were behind these latest attacks. This new Shamoon version was revealed to the world when an Italian engineer uploaded the malware on VirusTotal, triggering detections at all major cyber-security firms across the globe.
In case you missed it... (Score:4, Informative)
https://it.slashdot.org/story/... [slashdot.org]
Re: (Score:1)
> over-educated libtards
Anyone who graduateds from the high school is a liberal.
Re: (Score:2, Funny)
Shamoon hit BeauHD's computer.
Re: (Score:1)
Are we absolutely this isn't a Windows 10 update doing all of this?
Asking for Donald Trump...
CAP === 'coconut'
Absolutely no problem (Score:4, Funny)
Re: (Score:2)
Not relevant. Just because you have backups doesn't mean the outage can't cost you your business.
Re: (Score:3)
Re: (Score:2)
No you missed my point. You quipped about the possibility that the backup strategy was not sufficient with your "You make regular back ups, right?" comment.
However that is completely irrelevant. These companies are now in a position where they need to dedicate resources to make use of those backups. Damage however mitigated has been done regardless, and just because you have backups doesn't mean your business couldn't go under.
Maersk also had backups and lost no data, yet the 2017 malware was registered as
Re: (Score:2)
Maersk also had backups and lost no data, yet the 2017 malware was registered as a $300million extraordinary loss on their balance sheet regardless.
There's a difference between taking a (real) loss, and going under. Loss is proportional to the size of your business. However if your IT department does not plan for contingencies you're not going to take a loss, you're going to be completely screwed. Let's see my original post again:
That's ok, you can just restore the data from the back ups. You make regular back ups, right?
In no way did my original post imply that no losses are ever incurred, which seems to be the point you're trying to stick to. However I think we both agree that those without a backup/contingency plan are going to be far worse
Re: (Score:2)
In no way did my original post imply that no losses are ever incurred, which seems to be the point you're trying to stick to
For someone who's explaining the english in your original post you've done a great job (intentionally?) ignoring the point of mine.
Re: (Score:2)
Not if management thinks backup means online cloud based overprovsioned by just 20% means real backup according to the slick sales people as tapes are sooo unhip and pre-mellenial so that means it can't be as good.
Yes there are young system admins who think raid is a backup and so is cloud storage which also get encrypted too. Or they only provision 20% snaspshot or incremental changes only. Not a full 100% double which a full encryption would do killing the so called "cloud" backups too.
known to date (Score:5, Funny)
Shamoon is one of the most dangerous strains of malware known to date.
Well, then if I see it come up on Tinder, I'm swiping left.
Italian gas company malware (Score:2)
That's-a what you get when have one too many braciole, you finocchio. Next time, you oughta read-a the sanity clause.
Who did it (Score:1)
Since they used the staged Alan Kurdi photo-op it is likely western intelligence services that performed this act
ha ha ha!!! (Score:4, Informative)
"The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks."
Sounds like business as usual... it's not worth the time to spend the money to protect against these problems... better off losing a whole lot fucking more money when it happens and then curse the department they directly prevented from protecting this problem.
This is worse than just shooting oneself in the foot, its more like making sure the trigger gets pulled no matter what.
This problem is everywhere too, this one just happens to make it into the news. I don't think businesses are really aware of how much money it hemorrhages in vain attempts to save money.
The lost productivity, the T&E required to restore that lost productivity, without exception, has always cost more than was ever saved.
I have seen companies experience multi million dollars losses because they did not see the value in a product that cost a couple of hundred K. This is especially true for redundant power. Backup power generation is stupid cheap compared to the losses you face from a 24 hour power outage. All those employees getting paid for doing no work is just the start of it.
Most businesses fundamentally do not understand security, and most programmers fundamentally work against good security, and so does most of the industry. Security has always been an after the fact effort.
Re: (Score:2)
2012 was the heart of the financial crises and great recession. Italy had unemployment rates close to 20%. The CEO and the shareholders needed to keep their bonuses and the spreadsheets looking good.
The best way to do this is always outsourcing IT as it adds no follow the shareholders or the executives who want to keep their jobs and money.
Anti-oil activism? (Score:2)