A security breach is an event in which data, information, systems or digital devices such as mobile phones and computers are accessed without authorization, or in which malware that secretly sends data to a remote location is installed without the user’s knowledge.
This report covers two incidents. The first is the security breach in which a malware called XcodeGhost (Wehner, Mills, & Smith, 2015) was sneaked into the iOS App Store: how and why it occurred and what the possible solutions are. The second is a hacking incident at the Saudi Arabian Oil Company (Saudi Aramco) carried out by an activist group calling itself ‘Cutting Sword of Justice’.
Chinese iOS developers reported a new malware on a social media application called Sina Weibo. The suspected malware was analysed and ended up being christened XcodeGhost.
XcodeGhost is claimed to be the first compiler malware: its malicious code was packaged into certain releases of the Xcode installation files. These files were then uploaded to the cloud service commonly used by Chinese iOS developers and thus ended up being downloaded by the developers.
The iOS developers used the infected IDE to create applications, some of which passed the security checks and code review at Apple and so became available for download by users of the App Store (Xiao, 2015).
The essence of the attack was to steal information from the iPhones of unsuspecting users who downloaded the infected applications (Fox-Brewster, 2015). The malware would gather information from these devices, including the present time, the name of the infected application, the device name and type, its network and its Universally Unique Identifier (UUID), the language and country set on the device, and the iCloud username and password (Cluley, 2015).
Given the proliferation of financial services and online transactions on mobile applications, unknown vulnerabilities expose users to the risk of being compromised through malicious applications which in many cases are legitimate and have been developed by legitimate developers (Zibreg, 2015).
Because application development companies have adopted advanced and modern security measures, it has become more difficult for cyber attackers to plant malware, and where they succeed, the malware is easily detected and the necessary actions are quickly taken to mitigate its effects.
This has contributed to more advanced breach methods that are hard to detect and that target the legitimate developers themselves. The malware is compiler based and hence gets packaged together with the code meant for a legitimate application (Cluley, 2015).
Considering that the breach is hard to detect because it is compiler based and targets developers of legitimate applications, the following are possible solutions that can be adopted to protect both the developers and the users of the developed applications.
For the sake of safety, it is of utmost importance that developers always download and update their IDE installations directly from the rightful owners of the IDE. The majority of the companies that develop Integrated Development Environments have a subscription service: when downloading, one is expected to sign up and provide an email address so that one is notified when new updates are available.
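Because the malicious code travelled inside the IDE's own installation files, a build machine can check a toolchain directory against a manifest recorded from a copy obtained from the vendor. The following is an added example, not code from the report or from any vendor; the directory layout and file names are constructed for illustration, and the trusted manifest is assumed to come from a known-good install.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                # Stream in chunks so multi-gigabyte toolchains fit in memory.
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            manifest[os.path.relpath(path, root)] = digest.hexdigest()
    return manifest

def compare(trusted, candidate):
    """Return files added, removed or modified relative to the trusted manifest."""
    added = sorted(set(candidate) - set(trusted))
    removed = sorted(set(trusted) - set(candidate))
    modified = sorted(p for p in trusted
                      if p in candidate and trusted[p] != candidate[p])
    return {"added": added, "removed": removed, "modified": modified}

def _write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Constructed sample: a clean toolchain tree and a repackaged copy."""
    with tempfile.TemporaryDirectory() as clean, \
         tempfile.TemporaryDirectory() as copy:
        for root in (clean, copy):
            _write(root, "bin/compiler", b"compiler v1")
            _write(root, "lib/runtime.o", b"runtime object")
        # The repackaged copy carries an extra object file and a changed binary.
        _write(copy, "lib/extra_framework.o", b"object not shipped by the vendor")
        _write(copy, "bin/compiler", b"compiler v1 with altered link settings")
        return compare(build_manifest(clean), build_manifest(copy))

if __name__ == "__main__":
    print(demo())
```

Any entry under "added" or "modified" means the installation differs from the vendor's copy and should not be used to build release binaries until the difference is explained.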
Saudi Aramco is a Saudi Arabian national petroleum and natural gas company. It was hacked in August 2012 by an activist group calling itself Cutting Sword of Justice.
On August 15, 2012 at 11:08 AM, a malware was unleashed on an estimated 35,000 computers belonging to Saudi Aramco. The computers’ data was totally or partially wiped out and replaced with a burning American flag (Perlroth, 2012). The wiped data was said to include emails, documents, files and spreadsheets.
The attack affected the whole of Saudi Aramco, to the point where the IT personnel had to physically unplug the computers from the Internet and disable remote access to the company’s networks.
The malware used in the attack was designed to overwrite data on the hard drives, such as emails, documents, files and spreadsheets, with an image of a burning flag of the United States of America, after which it would send a report containing the addresses of the affected computers back to a computer within Saudi Aramco’s network (Perlroth, 2012).
Due to the fear and threat of a follow up attack, Saudi Aramco was forced to upload to Pastebin router and admin passwords and names as well as emails belonging to the chief executive of the company (Leyden, 2012).
The company was forced to disconnect all its data centers, which took it offline. It resorted to using typewriters and faxes. All work, such as supplies management, shipment tracking and handling contracts between the company and entities such as partners and governments, was done manually on paper. The shutdown of the information technology systems also delayed payments, which could not be processed, and this left gasoline trucks that needed to be refilled stranded (Rashid, 2015).
The company’s computer networks were accessed after an employee opened a spear-phishing email and clicked on a link in it, though it is unknown when the email was sent (Pagliery, 2015).
Spear phishing is the act of fraudulently sending emails that appear to come from a sender known to the recipient, in order to induce the recipient to reveal classified or confidential data and information.
On 15th August, 2012, employees noticed abnormal activity on their computers, such as flickering screens, files going missing or disappearing, and computers shutting down suddenly. The attack involved a virus called Shamoon. It had a timer set to 1108 hours, which was supposed to trigger the virus into action, and it worked by replacing the data on the hard drives with the image of a burning flag.
Based on this report, it is apparent that cyber criminals have become sophisticated and will continue to become more so. It is the responsibility of individuals to keep themselves up to date on emerging security problems in order to best handle new threats. Organizations should at least invest in an information security department in order to stay secure from attacks.
Clark, J. (2012). 11 tips to stop spear-phishing. CSO Online. Retrieved 1 April 2017, from http://www.csoonline.com/article/2132618/social-engineering/11-tips-to-stop-spear-phishing.html
Cluley, G. (2015). XcodeGhost FAQ: Malware sneaks into the iOS App Store. Graham Cluley. Retrieved 31 March 2017, from https://www.grahamcluley.com/ios-app-xcodeghost-malware/
Fox-Brewster, T. (2015). Hackers Sneak Malware Into Apple App Store 'To Steal iCloud Passwords'. Forbes.com. Retrieved 31 March 2017, from https://www.forbes.com/sites/thomasbrewster/2015/09/18/xcodeghost-malware-wants-your-icloud/#12e471933977
Leyden, J. (2012). Hack on Saudi Aramco hit 30,000 workstations, oil firm admits. Theregister.co.uk. Retrieved 1 April 2017, from https://www.theregister.co.uk/2012/08/29/saudi_aramco_malware_attack_analysis/
Mertens, X. (2015). Detecting XCodeGhost Activity - SANS Internet Storm Center. SANS Internet Storm Center. Retrieved 1 April 2017, from https://isc.sans.edu/forums/diary/Detecting+XCodeGhost+Activity/20171.
Morgan, L. (2015). List of data breaches and cyber attacks in September 2015. IT Governance Blog. Retrieved 1 April 2017, from https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-september-2015/.
Pagliery, J. (2015). The inside story of the biggest hack in history. CNNMoney. Retrieved 1 April 2017, from http://money.cnn.com/2015/08/05/technology/aramco-hack/
Perlroth, N. (2012). Cyberattack on Saudi Oil Firm Disquiets U.S.. Nytimes.com. Retrieved 1 April 2017, from http://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html.
Rashid, F. (2015). Inside The Aftermath Of The Saudi Aramco Breach. Dark Reading. Retrieved 1 April 2017, from http://www.darkreading.com/attacks-breaches/inside-the-aftermath-of-the-saudi-aramco-breach/d/d-id/1321676
Wehner, M., Mills, C., & Smith, C. (2015). Nobody is safe: Major App Store malware breach may affect millions of iPhone users. BGR. Retrieved 31 March 2017, from http://bgr.com/2015/09/21/ios-app-store-xcodeghost-malware/
What is Code Signing?. (2009). Sslshopper.com. Retrieved 1 April 2017, from https://www.sslshopper.com/what-is-code-signing.html
Xiao, C. (2015). Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App Store - Palo Alto Networks Blog. Palo Alto Networks Blog. Retrieved 31 March 2017, from http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/
Zibreg, C. (2015). XcodeGhost: a new malware infecting many popular iOS apps. Idownloadblog.com. Retrieved 31 March 2017, from http://www.idownloadblog.com/2015/09/19/xcodeghost-malware/.