6 Replies Latest reply on Jun 13, 2013 4:16 AM by vuilverwerking

    Anonymous hack attack

      Hello McAfee specialists,

       

       

      I work in Oil and gas company. We use McAfee antivirus. Today i found an information that oil and gas companyes would be attacked very soon.

      Can you please advise what should our It security department  should do. Did McAfee specialist any actions regarding this hack attac.

      waiting for your reply.

       

      Best regards,

      Abylaikhan

       

       

       

       

       

       

       

      Dear colleagues,

       

      with this email we want to informyou that the activist group known as Anonymous announced theoperation identified with the hashtag #OpPetrol.

      A massive attack isprogrammed for 20th June 2013 against Governments andmajor Oil Companies of these twelve Countries (USA, CANADA, ENGLAND,ISRAEL, ARABIA SAUDIA, CHINA, ITALY, FRANCE, RUSSIA, GERMANY, KUWAIT, QATAR).

       

       

       

      #OpPetrol progression is aided by other operations, such as #OpIsrael and#Opsaudi, and since the declaration time a lot of hacks has been performed:

      • More than 500     defacing of minor Websites not directly attribuitable to Oil Companies    
      • FBI, CIA and Saudi     Arabia Government secret documents and e-mails leakage
      • Near 100.000 Mauritania,     Germany, Kuwait Facebook accounts violated
      • Other minor hacks

       

      The first real points of attack,declared in a recent video published on Youtube (30th May 2013) are:

      • BP
      • Chevron
      • ConocoPhillips
      • ExxonMobil
      • Shell
        • 1. Re: Anonymous hack attack
          Peter M

          Can you advise exactly what McAfee product & version is being used please so I can move this to the appropriate section?

          • 2. Re: Anonymous hack attack

            McAfee VirusScan enterprise +AntiSpyware Enterprise

             

            Version Number: 8.8.0 (8.8.0.849)

            Build date:   9/14/2011

            Thank for your reply

            • 3. Re: Anonymous hack attack
              Peter M

              Thank you.

               

              I moved this provisionally to VSE in the Business section for better attention.

               

               

               

              .

               

              Message was edited by: Ex_Brit on 07/06/13 8:02:27 EDT AM
              • 4. Re: Anonymous hack attack
                pato

                Generally speaking, check that your browser plugins are up to date (foremost Adobe and Java stuff), check that your pdf reader is up to date (some Acrobat Reader 11.x is best, as it has some additional protections built in) and check that all your machines run updated DAT files for Mcafee.

                Also you should keep your Operating System updated and also your Office Suite.

                That would protect you from most viruses.

                Then your users should not have Administrator rights by default, so they can't install a malicious software. Also check that your mailservers block "evil" files, like pdf's, executables and maybe compressed files.

                 

                Most of this should already in place and probably can't be changed in a short term, but this would greatly raise your protection level.

                 

                Oh and don't forget to do security teachings for your stuff, like what is social engineering and how to protect from it...

                • 5. Re: Anonymous hack attack
                  Attila Polinger

                  Hello,

                   

                  What Pato has mentioned about social engineering is one of the security risks that often gets overlooked (in my opinion) so raising awareness about that is important.

                   

                  On top of that I'd add also the following as risks:

                  - company employees using company notebooks at home for private purpose (private email, social networking, etc. - where unverified content can be transferred and where peopel can click on link unprotected)

                  - company employees visiting public websites such as school's, community's, etc using company notebooks (these websites can be hacked).

                   

                  Apart from keeping operating systems and applications patch level to the latest and antivirus signatures and engine getting kept up to date I'd also advise making sure of the following about Access Protection module:

                   

                  -  Access Protection module is enabled

                  -  Prevent McAfee services from being stopped checkbox is set

                   

                  Regarding Access Protection rules - make sure these rules are set to block and report:

                   

                  - Anti-spyware standard protection - Protect Internet Explorer favourites and settings

                  - Anit-virus standard protection - Prevent Task Manager and Registry Editor from being disabled

                                                                    - Prevent remote creation of autorun files

                  - Common Standard Protection -  (The first 3 rules should be all set to block and report)

                                                                    - Protect Internet Explorer settings

                                                                    - Prevent Installation of Browser Helper objects and Shell Extensions (!! trojan entry points are browser plugin installations)

                                                                     - Prevent hooking of McAfee processes (!!)

                  - Common Maximum Protection - Prevent programs registering to autorun (!! not just the Run key)

                   

                  I've worked in the oil and gas business for many years and these rules have been used without problems for many years. They do need tuning (adding exclusions, mostly), however but when security is a priority, these rules are just indispensable.

                   

                  Attila

                   

                  Message was edited by: apoling on 10/06/13 14:08:33 CEST
                  • 6. Re: Anonymous hack attack

                    Get a good firewall.

                     

                    Captures Mallware and Blocks unwanted network traffic.

                     

                     

                    http://searchnetworking.techtarget.com/feature/Choosing-a-next-generation-firewa ll-Vendor-comparison