The Data-Annihilation Attack Is Back
By: Kelly Jackson Higgins, Dark Reading
The data-destroying Shamoon malware and recent wave of aggressive targeted attacks against utilities in the Middle East should serve as a wake-up call for all types of organizations to be prepared for a whole other aspect of a breach -- losing data and systems to destructive hacks.
Data-destruction attacks are not new, but have been rare in the past decade or so as financially motivated cybercrime and cyberespionage have been at the forefront of threats mainly focused on monetizing stolen information. Hacktivists, meanwhile, have employed data-wiping from time to time, but not in the volume or mass approach that Shamoon can accomplish.
Richard Bejtlich, chief security officer at Mandiant, says these recent attacks should serve as a cautionary tale for all types of organizations. "This is something everybody should worry about ... This ability to destroy people's computers and wipe them clean has been around a couple of decades, but it has taken mass events, probably caused by the Iranian government and its proxies, to wake people up," he says. "Utilities are just one victim, chosen for economic and political reasons: It could be anybody."