Regarding the recent attacks on Saudi Aramco, the world’s largest oil company, Rob Rachwald, Director of Security Strategy at Imperva commented on the rumours that hackers are going to hit again and looks at why this attack is an evolutionary and dangerous step in hacktivism.
"The Saudi Aramco attack is the first significant use of malware in a so-called hacktivist attack. In the past, hacktivists have typically used application or distributed denial of service (DDoS) attacks - in which they clog a website with traffic until it goes offline. However, the attack on Saudi Aramco is the first significant use of malware in a hacktivist attack. Hacktivists rarely use malware, if other hacktivists jump on this trend it could become very dangerous.
The hackers claim to have infected 30K PCs, which, if true, represents a 75% infection rate of all the company's computers. The attack has highlighted the ineffectiveness of the antivirus solutions that are supposed to protect computer systems against malware threats. Evidence continues to pile up for the need for a new security model.
However, one should not miss the key evolutionary step this attack represents. In the last couple of years, it became very popular to single out the Chinese, US and Israeli governments for cyber-warfare. However, with the Aramco attack, it wasn’t a government, it wasn’t an agency nor a company. This time it was hacktivists working for a political and social cause. In other words, a group of hobbyists and hacktivists with several very strong minded developers and hackers achieved results similar to what we have allegedly seen governments accomplish. Does this mean that the power of the hacktivism has become so strong that it can compete with government cyber warfare organizations?"