Computer Crime Research Center


An Unmatched Cyber Attack

Date: January 28, 2015
Source: Computer Crime Research Center
By: Vishwas Rudramurthy

It was a shocking moment to hear about an unmatched/unparalleled cyber attack which took the US employers by surprise. The surprising event was a severe cyber attack on one of the big company`s data which were stolen allegedly from the their server some time back. In fact, the scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public. The bottom line is that, this was an unparalleled and well planned crime, carried out by an organized group, for which neither SPE nor other companies could have been fully prepared. The suggestions made by the top company executives were really appreciated, but there is also the concern about the damages that are incurred to a particular organization. The intensity of the damaged caused to the company is priceless and also there were no defined malware attacks or defined hacking methods used for cracking the servers. Also one of the top executives from a company mentioned: “The intensity of the damage caused is very severe and the method used for the attack was well planned before the event had happened. The root cause of the event caused might be the lack of security measures or might be the proper security measures not defined to handle such ad-hoc malicious events”. There are many other possible measures which should be followed in order to avoid possible cyber threats. That minimum compliance is the goal speaks volumes about some company`s attitude towards the security of their
 data. Companies have fallen victim to tens of successful attacks in recent years, leading us to question the importance of security in the broader conglomerate. The assessment of possible cyber attack will be the asset for the company in securing their critical/confidential information. The public timeline of events implies that the intrusion was only discovered when the attackers moved from theft to destruction, announcing their presence bombastically with the altered desktop. The threat happened was seriously condemned by the entire entertainment industry and the Hollywood celebrities across United States of America.

One of the top executive from US department of home land security mentioned that the attack was not only for the company, but also big loss to the nation. He also suggested that the companies to adopt the NIST cyber security standard framework in order to avoid the future cyber security risks and threats. It is felt that attackers have destroyed the data from the Company`s server after being exploited. Hackers are targeting for the attack in three ways anonymously: 1) Some unknown groups aiming to shame the companies for their behaviour, 2) Criminal groups stealing critical information in order to make money and 3) Nation state actors involved in corporate espionage. One of the executives from a top Cyber Security company mentioned that: “These attacks show how the hackers are moving from stealing data to destroying it”. He added: “It`s very alarming incident which indicates of the future potential threats that is going to arise in the coming years. We really believe that the people doing these attacks will move from using the data for malicious activities to till destroying it”. The companies should ensure that there is proper security policies defined and the proper security back-up should be defined in to order handle the anonymous malicious/hacking events.

There are some best practices to be followed in order to secure the network from the anonymous hacking events:

There are many ways to secure the organisation from various malicious attacks or anonymous attacks, but the kind of solution depends on the situation and scenarios which needs to be applied at the particular right moment.

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo