Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Businesses Data Storage Government Technology

Data-Wiping Malware Destroys Data At Italian and UAE Oil and Gas Companies (zdnet.com) 39

An anonymous reader writes: A new variant of the Shamoon malware was discovered on the network of an Italian and UAE oil and gas company. While the damage at the UAE firm is currently unknown, the malware has been confirmed to have destroyed files on about ten percent of the Italian company's PC fleet. Shamoon is one of the most dangerous strains of malware known to date. It was first deployed in two separate incidents that targeted the infrastructure of Saudi Aramco, Saudi Arabia's largest oil producer, in 2012 and 2016. During those incidents, the malware wiped files and replaced them with propaganda images (burning U.S. flag and body of Alan Kurdi). The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks. Historically, the malware has been tied to the Iranian regime, but it's unclear if Iranian hackers were behind these latest attacks. This new Shamoon version was revealed to the world when an Italian engineer uploaded the malware on VirusTotal, triggering detections at all major cyber-security firms across the globe.
This discussion has been archived. No new comments can be posted.

Data-Wiping Malware Destroys Data At Italian and UAE Oil and Gas Companies

Comments Filter:
  • by aaarrrgggh ( 9205 ) on Sunday December 16, 2018 @12:22PM (#57812744)
    • Re: (Score:2, Funny)

      by thegarbz ( 1787294 )

      Shamoon hit BeauHD's computer.

    • by Anonymous Coward

      Are we absolutely this isn't a Windows 10 update doing all of this?

      Asking for Donald Trump...

      CAP === 'coconut'

  • by Dunbal ( 464142 ) * on Sunday December 16, 2018 @12:33PM (#57812776)
    That's ok, you can just restore the data from the back ups. You make regular back ups, right?
    • Not relevant. Just because you have backups doesn't mean the outage can't cost you your business.

      • by Dunbal ( 464142 ) *
        Absolutely relevant - if you didn't make backups then the outage probably WILL cost you your business. But hang in there, you might get this sarcasm thing eventually.
        • No you missed my point. You quipped about the possibility that the backup strategy was not sufficient with your "You make regular back ups, right?" comment.

          However that is completely irrelevant. These companies are now in a position where they need to dedicate resources to make use of those backups. Damage however mitigated has been done regardless, and just because you have backups doesn't mean your business couldn't go under.

          Maersk also had backups and lost no data, yet the 2017 malware was registered as

          • by Dunbal ( 464142 ) *

            Maersk also had backups and lost no data, yet the 2017 malware was registered as a $300million extraordinary loss on their balance sheet regardless.

            There's a difference between taking a (real) loss, and going under. Loss is proportional to the size of your business. However if your IT department does not plan for contingencies you're not going to take a loss, you're going to be completely screwed. Let's see my original post again:

            That's ok, you can just restore the data from the back ups. You make regular back ups, right?

            In no way did my original post imply that no losses are ever incurred, which seems to be the point you're trying to stick to. However I think we both agree that those without a backup/contingency plan are going to be far worse

            • In no way did my original post imply that no losses are ever incurred, which seems to be the point you're trying to stick to

              For someone who's explaining the english in your original post you've done a great job (intentionally?) ignoring the point of mine.

    • Not if management thinks backup means online cloud based overprovsioned by just 20% means real backup according to the slick sales people as tapes are sooo unhip and pre-mellenial so that means it can't be as good.

      Yes there are young system admins who think raid is a backup and so is cloud storage which also get encrypted too. Or they only provision 20% snaspshot or incremental changes only. Not a full 100% double which a full encryption would do killing the so called "cloud" backups too.

  • by sacrilicious ( 316896 ) <qbgfynfu.opt@recursor.net> on Sunday December 16, 2018 @12:50PM (#57812852) Homepage

    Shamoon is one of the most dangerous strains of malware known to date.

    Well, then if I see it come up on Tinder, I'm swiping left.

  • That's-a what you get when have one too many braciole, you finocchio. Next time, you oughta read-a the sanity clause.

  • by Anonymous Coward

    Since they used the staged Alan Kurdi photo-op it is likely western intelligence services that performed this act

  • ha ha ha!!! (Score:4, Informative)

    by SirAstral ( 1349985 ) on Sunday December 16, 2018 @01:25PM (#57812978)

    "The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks."

    Sounds like business as usual... it's not worth the time to spend the money to protect against these problems... better off losing a whole lot fucking more money when it happens and then curse the department they directly prevented from protecting this problem.

    This is worse than just shooting oneself in the foot, its more like making sure the trigger gets pulled no matter what.

    This problem is everywhere too, this one just happens to make it into the news. I don't think businesses are really aware of how much money it hemorrhages in vain attempts to save money.

    The lost productivity, the T&E required to restore that lost productivity, without exception, has always cost more than was ever saved.

    I have seen companies experience multi million dollars losses because they did not see the value in a product that cost a couple of hundred K. This is especially true for redundant power. Backup power generation is stupid cheap compared to the losses you face from a 24 hour power outage. All those employees getting paid for doing no work is just the start of it.

    Most businesses fundamentally do not understand security, and most programmers fundamentally work against good security, and so does most of the industry. Security has always been an after the fact effort.

    • 2012 was the heart of the financial crises and great recession. Italy had unemployment rates close to 20%. The CEO and the shareholders needed to keep their bonuses and the spreadsheets looking good.

      The best way to do this is always outsourcing IT as it adds no follow the shareholders or the executives who want to keep their jobs and money.

  • Two companies involved with the pollution and destruction of our planet. If Stuxnet can target Iranian centrifuges perhaps we're seeing the start of a new type of anti-oil activism?

Keep up the good work! But please don't ask me to help.

Working...