Cybercrime investigation in Saudian Corporates
Learning Outcomes: At the end of the assignment, student should be able:
• To have an understanding of the different cybercrimes committed in Saudi Arabia law
• To understand how these crimes will be investigated under Saudi anti cybercrime law?
• Which sections of cybercrime law will be applied to different cybercrimes based on their nature, occurrence and type?
Company Name: (Choose any Saudian Company)
Example: Aramco Says Cyberattack Was Aimed at Production
JEDDAH, Saudi Arabia (Reuters) - Saudi Arabia's national oil company, Aramco, said on Sunday that a cyberattack against it in August that damaged some 30,000 computers was aimed at stopping oil and gas production in Saudi Arabia, the biggest exporter in the Organization of the Petroleum Exporting Countries.
The attack on Saudi Aramco - which supplies a tenth of the world's oil - failed to disrupt production, but was one of the most destructive hacker strikes against a single business.
"The main target in this attack was to stop the flow of oil and gas to local and international markets and thank God they were not able to achieve their goals," Abdullah al-Saadan, Aramco's vice president for corporate planning, said on Al Ekhbariya television. It was Aramco's first comments on the apparent aim of the attack.
Hackers from a group called Cutting Sword of Justice claimed responsibility for the attack, saying that their motives were political and that the virus gave them access to documents from Aramco's computers, which they threatened to release. No documents have yet been published.
Aramco and the Saudi Interior Ministry are investigating the attack. A ministry spokesman, Maj. Gen. Mansour al-Turki, said the attackers were an organized group operating from countries on four continents.
The attack used a computer virus known as Shamoon, which infected workstations on Aug. 15. The company shut its main internal network for more than a week. General Turki said the investigation had not shown any involvement by Aramco employees. He said he could not give more details because the investigation was not complete.
Shamoon spread through Aramco's network and wiped computers' hard drives clean. Aramco said damage was limited to office computers and did not affect systems software that might harm technical operations.
General Assumptions
• The cybercrime selected must have a proper reference and link to check its validity.
• The cybercrime must have occurred in Saudi corporate sector.
• The cybercrime can related to any corporate either private or public
Individual Deliverables (Research & Documentation by individual members)
1. Corporate background and its details related to its function and operations?
2. Type and nature of cybercrime occurred and also its causes? And how much damage it caused to the corporate?
3. Type of sections of Saudi anti cybercrime law applied to different cybercrimes occurred in corporate based on their nature, occurrence and type?
4. Explain the whole Forensics process applied to specific cybercrime to justify that it has been committed and has damaged the corporate?