Lots of press on the Aramco virus and DDoS attack. But there are two key points that should be emphasized about the breach:
- This is the first significant use of malware in a hacktivist attack. In the past, as we described in our February report, most hacktivist attacks were primarily application or DDoS attacks.
- Antivirus doesn't work. Hackers claim to have infected 30K PCs, which, if true, represents a 75% infection rate of all the company's computers. Ouch. Evidence continues to pile up for the need for a new security model.
However, one should not miss the key evolutionary step this attack represents. In the last couple of years, it became very popular to single out the Chinese, US and Israeli governments for cyber-warfare.
However, this is why the Aramco attack is so interesting. Why? In this case, it wasn’t a government, it wasn’t an agency nor a company. This time it was hacktivists working for a political and social cause. In other words, a group of hobbyists and hacktivists with several very strong minded developers and hackers achieved results similar to what we have allegedly seen governments accomplish. Does this mean that the power of the hacktivism has become so strong that it can compete with government cyber warfare organizations?