Tra Bui's First Web Page

Welcome Homepage

Hello! I'm Tra Bui and this is my first website!

Linkedin | Email | Facebook | Github | Leetcode | My CV

CYBER SECURITY QUESTIONS (PROFESSOR RILEY)

1. What did attackers break into?

2. How did the attackers break into it?

3. Who was impacted?

4. How was it investigated?


Case I: Qatar Agency News

In April 2017, there was a major security attack on the website system of Qatar News Agency (QNA). In order to challenge the investigation of the IT team, the attackers use many advanced technological means to cover their trace. For example, they tried to employ VPN software and European phone numbers to fabricate their identity. The ​​Ministry of the Interior (MOI) confirmed that the attackers use high-level skills to exploit an “electrical gap” to break into the QNA website.

Being the main target of this attack, the Qatari government suffered from great loss. This incident was one of the main reasons that ignite Qatar’s diplomatic crisis (2017) with many other neighboring countries in the Arabic region.

The investigation of the incident involves not only IT experts from Qatar but also front the outside support such as the FBI in the US. The whole process took several months before the culprits were brought to justice. The authority eventually found out that the attackers are five individuals based in Turkey. The criminals are arrested in August 2017.


More article and reference:
https://www.marhaba.qa/qatar-cyberattack
https://www.gco.gov.qa/en/top-news/qatar-marks-one-year-since-qna-hack/
https://mofa.gov.qa/en/all-mofa-news/details/2017/06/07/ministry-of-the-interior-statement-on-piracy-crime-on-qatar-news-agency-website
https://www.reuters.com/article/us-gulf-qatar-cyber-idUSKCN1B608L/

Case II: Qatar National Bank

Qatar National Bank witnessed a data leak crisis in 2016. There was 1.4 GB of data including bank details, passwords, and personal information of approximately 1,200 customers being exposed online. One reason that contributes to the occurrence of this attack is users’ habits. Perhaps the hacker makes use of the fact that users do not use strong passwords to dig into their personal data.

The incident caused trouble to many involved parties. First, the bank’s reputation is definitely damaged. More importantly, the customers’ safety and property are at risk as well. Indeed, there was a report showing that the stolen data was uploaded to the online marketplace for sale.

The culprit was found to be a group called "Bozkurt Hackers" in Turkey. However, little was known about the motivation behind their misdeed and more investigation was still going on.


More article and reference:
https://www.middleeasteye.net/fr/news/qatar-national-bank-allegedly-hacked-data-1200-entities-leaked-online-1642830110
​​https://www.hackread.com/uae-investbank-qatar-national-bank-data-dark-web/
https://www.itp.net/security/607376-qatar-national-bank-admits-data-breach
https://www.trendmicro.com/vinfo/pl/security/news/cyber-attacks/turkish-hackers-responsible-for-qatar-national-bank-breach