A Cybersecurity Architecture to Mitigate Shamoon Attacks

Theyab Alrubaie, Wael Elmedany, Nedal Ababneh, Sherali Zeadally, Kevin Curran

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

2 Scopus citations

Abstract

Shamoon attacks are one of the most recent Advanced Persistent Threat (APT) attacks that are being used against several organizations in the energy sector in Saudi Arabia. Shamoon is a very destructive malware that corrupts files on the targeted computer and overwrites the Master Boot Record (MBR) to render the computer unusable. In this paper, we propose an enhanced cybersecurity architecture that helps halt the chain of attack at any stage and mitigate Shamoon attacks. Before that, we analyze the historical, tactical, and technical aspects of the Shamoon attacks. Our analysis explores the various methods of attack and the different stages through which the attackers penetrate the targeted organization's network. By conducting such analysis, we reveal the weaknesses of the cybersecurity architecture that were exploited by the attackers.

Original language: English
Title of host publication: 2022 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies, 3ICT 2022
Pages: 266-277
Number of pages: 12
ISBN (Electronic): 9781665451932
State: Published - 2022
Event: 2022 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies, 3ICT 2022 - Virtual, Online, Bahrain
Duration: Nov 20 2022 - Nov 21 2022

Publication series

Name: 2022 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies, 3ICT 2022

Conference

Conference: 2022 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies, 3ICT 2022
Country/Territory: Bahrain
City: Virtual, Online
Period: 11/20/22 - 11/21/22

Bibliographical note

Publisher Copyright:
© 2022 IEEE.

Keywords

  • Cybersecurity
  • Industrial Internet of Things
  • Internet of Things
  • Threats Mitigation

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Information Systems and Management
  • Control and Optimization
