Re: Security Attack

 Hi Lothar,      

I am going to send you the links.      

Regards,   

Rajeev         

>
> On Jan 8, 2024 at 5:58 PM, <Kellyn Pot'Vin-Gorman (mailto:dbakevlar_at_gmail.com)> wrote:
>
>
>
> I wanted to jump in here and as someone who's worked at Microsoft can attest, it's not just Microsoft systems. Linux and any OS is vulnerable to security exploits and numerous flaws have been discovered by hackers over the years in every OS platform. As for organizations that have example Oracle ransomware stories, no matter if we're talking Maersk, which a couple of the systems compromised where Oracle and on Solaris or UK health systems, there was either compromised login information that was gathered and used to ransom data or destroy critical data. Encryption often slows them down, but some are just as happy corrupting the datafiles and destroying recovery from backup media.
>
>
> There are now snapshot copies and monitoring systems that can alert with the help of AI when unusual access patterns occur and use protected snapshots to recover from. A friend of mine just went through this on the SQL Server side with Linux and Microsoft OS, but they had to wipe everything and I mean EVERYTHING(cloud domain, network, infrastructure VMs/storage, etc.) and build from scratch to stop the perpetrators.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> Kellyn Gorman
>
> DBAKevlar Blog (http://dbakevlar.com)
>
> about.me/dbakevlar (http://about.me/dbakevlar)
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> On Mon, Jan 8, 2024 at 2:14 PM Danny B <dbryant_at_dbaontap.com (mailto:dbryant_at_dbaontap.com)> wrote:
>
> >
> > You might check for municipalities that have been attacked. In 2018 the City of Atlanta was hit with a Ransomware attack which was covered quite extensively. They did have Oracle ERP so maybe ….
> >
> >
> >
> >
> > Sent from my Commodore VIC 20
> > _at_dbaOnTap
> >
> > www.dbaOnTap.com (http://www.dbaOnTap.com)
> >
> >
> >
> >
> > > On Jan 8, 2024, at 13:47, Lothar Flatz <l.flatz_at_bluewin.ch (mailto:l.flatz_at_bluewin.ch)> wrote:
> > >
> >
> > >
> > > 
> > > Good evening,
> > >
> > > thanks. I also believe as well that encrypt datafiles the classical ransomware style would result in immediate denial of service.
> > >
> > > Regards
> > >
> > > Lothar
> > >
> > > Am 08.01.2024 um 18:57 schrieb Douglas Dunyan:
> > >
> > > >
> > > >
> > > > Greetings Lothar !
> > > >
> > > >
> > > >
> > > > I am not personally aware of news articles or blogs providing that level of detail of ransomware events.
> > > >
> > > >
> > > >
> > > > The ransomware events I am aware of, have only been via Microsoft platforms. Because Oracle Databases can run on Microsoft platforms, depending on the attack vectors, it's conceivable to me that datafiles *could* become victims.
> > > >
> > > >
> > > >
> > > > I would also expect, once an Oracle File ( data, temp, control, online log, etc) was encrypted, the alert log would begin to log errors, and depending on which files, potentially crash the database.
> > > >
> > > >
> > > >
> > > > Additionally, because it is possible to access storage typically accessed by NFS services, any file systems mounted to Microsoft platforms with write access are at risk as well.
> > > >
> > > >
> > > >
> > > > I am not aware of ransomware attacks upon *nix platforms, but I expect they do exist.
> > > >
> > > > HTH
> > > >
> > > >
> > > > Doug
> > > >
> > > >
> > > >
> > > >
> > > > On Mon, Jan 8, 2024, 3:24 AM Lothar Flatz <l.flatz_at_bluewin.ch (mailto:l.flatz_at_bluewin.ch)> wrote:
> > > >
> > > > > HI,
> > > > >
> > > > > was there every a ransomeware attack were an Oracle Database got encrypted?
> > > > > Do not share ideas, just references to public available arcticles, please.
> > > > > I could not find any.
> > > > >
> > > > > Thanks
> > > > >
> > > > > Lothar
> > > > > --
> > > > > http://www.freelists.org/webpage/oracle-l
> > > > >
> > > > >
> > > >
> > >

--
http://www.freelists.org/webpage/oracle-l