Re: Security Attack

From: Kellyn Pot'Vin-Gorman <dbakevlar_at_gmail.com>
Date: Mon, 8 Jan 2024 14:56:28 -0800
Message-ID: <CAN6wuX1LodQVrh3007=iySV5FuGFt8mdTzskZJ2_70FpvHGeMA_at_mail.gmail.com>



I wanted to jump in here and as someone who's worked at Microsoft can attest, it's not just Microsoft systems. Linux and any OS is vulnerable to security exploits and numerous flaws have been discovered by hackers over the years in every OS platform. As for organizations that have example Oracle ransomware stories, no matter if we're talking Maersk, which a couple of the systems compromised were Oracle and on Solaris or UK health systems, there was either compromised login information that was gathered and used to ransom data or destroy critical data. Encryption often slows them down, but some are just as happy corrupting the datafiles and destroying recovery from backup media.

There are now snapshot copies and monitoring systems that can alert with the help of AI when unusual access patterns occur and use protected snapshots to recover from. A friend of mine just went through this on the SQL Server side with Linux and Microsoft OS, but they had to wipe everything and I mean EVERYTHING (cloud domain, network, infrastructure VMs/storage, etc.) and build from scratch to stop the perpetrators.

*Kellyn Gorman*
DBAKevlar Blog <http://dbakevlar.com>
about.me/dbakevlar

On Mon, Jan 8, 2024 at 2:14 PM Danny B <dbryant_at_dbaontap.com> wrote:

> You might check for municipalities that have been attacked. In 2018 the
> City of Atlanta was hit with a Ransomware attack which was covered quite
> extensively. They did have Oracle ERP so maybe ….
>
>
> Sent from my Commodore VIC 20
> _at_dbaOnTap
> www.dbaOnTap.com
>
> On Jan 8, 2024, at 13:47, Lothar Flatz <l.flatz_at_bluewin.ch> wrote:
>
> 
> Good evening,
>
> thanks. I also believe as well that encrypting datafiles in the classical
> ransomware style would result in immediate denial of service.
>
> Regards
>
> Lothar
>
> Am 08.01.2024 um 18:57 schrieb Douglas Dunyan:
>
> Greetings Lothar !
>
> I am not personally aware of news articles or blogs providing that level
> of detail of ransomware events.
>
> The ransomware events I am aware of, have only been via Microsoft
> platforms. Because Oracle Databases can run on Microsoft platforms,
> depending on the attack vectors, it's conceivable to me that datafiles
> *could* become victims.
>
> I would also expect, once an Oracle File (data, temp, control, online
> log, etc) was encrypted, the alert log would begin to log errors, and
> depending on which files, potentially crash the database.
>
> Additionally, because it is possible to access storage typically
> accessed by NFS services, any file systems mounted to Microsoft platforms
> with write access are at risk as well.
>
> I am not aware of ransomware attacks upon *nix platforms, but I expect
> they do exist.
>
> HTH
>
> Doug
>
>
> On Mon, Jan 8, 2024, 3:24 AM Lothar Flatz <l.flatz_at_bluewin.ch> wrote:
>
>> Hi,
>>
>> was there ever a ransomware attack where an Oracle Database got
>> encrypted?
>> Do not share ideas, just references to publicly available articles, please.
>> I could not find any.
>>
>> Thanks
>>
>> Lothar
>> --
>> http://www.freelists.org/webpage/oracle-l
>>
>>
>>
>

--
http://www.freelists.org/webpage/oracle-l
Received on Mon Jan 08 2024 - 23:56:28 CET
