Prof Riley/Security Note
Case study 1 Qatar National Bank Breach
What did attackers break into?
the bank details, telephone numbers and dates of birth of several journalists for Doha-based state-funded broadcaster Al-Jazeera, supposed members of the ruling Al-Thani family, and government and defence officials, a local news website reported on 27 April
(https://www.meed.com/hackers-target-qatar-national-bank/)
How did the attackers break into it?
There are secretive online criminal marketplaces, where auctions for personal financial information and pre-paid debit cards held by a third-party services company take place. Hackers could use of publicly available information from social media to augment stolen data
(https://www.reuters.com/article/technology/qatar-national-bank-investigating-alleged-data-hack-idUSKCN0XO22S/)
(https://seceon.com/qatar-national-bank-breach-explained-how-the-attack-happened-and-whats-next/#:~:text=In%20a%20significant%20cybersecurity%20incident,card%20details%2C%20and%20personal%20data.)
Who was impacted?
-
QNB customer
-
Qatar national bank
How was it investigated?
engaged an external third party expert to review all the systems
https://www.qnb.com/sites/qnb/qnbglobal/en/en1may2016news#:~:text=While%20some%20of%20the%20data,the%20integrity%20of%20your%20information.
Case study 2 Qatari Domain Registry Got Compromised by Syrians
https://thehackernews.com/2013/10/qatar-is-down-syrian-electronic-army.html
What did the attacker break into?
Popular website in Qatar including:
moi.gov.qa
facebook.qa
gov.qa
vodafone.qa
aljazeera.net.qa
google.com.qa
ooredoo.com.qa
diwan.gov.qa
qaf.mil.qa
mofa.gov.qa
How did the attacker break into?
-
the Syrian Electronic Army gained access to Qatar Domain Registrar
-
modifies the DNS entires to redirects the targeted websites to servers controlled by hackers(A DNS entry is a fundamental component of the Domain Name System (DNS) that stores information about a domain, such as its IP address, within a DNS database on a DNS server)
-
defacement
Who was impacted?
The Financial Times
The Guardian
the Associated Press
Media that posted stories Syrian Electronic Army(SEA) don’t like.
How was it investigated?
Companies start to properly layer defense strategies