Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think Saudi Aramco was hacked a few years back too.

Having worked at a major oil company, it doesn’t surprise me that these things happen. It’s not that anybody is particularly unintelligent, moreso that large sometimes sleepy companies have lots of vulnerable points in IT.

I’m sure the same could be said for a host of other corporations, tech, finance, and defense aside.



The Aramco hack is discussed in Paul's Security Weekly episode 498:

https://wiki.securityweekly.com/Episode498


Man that is an amazing website / series of podcasts (not just the Security Weekly one, but their others also).

I'm submitting https://wiki.securityweekly.com/Security_Weekly as it's own post on HN because this is news to me. It's so broad and deep! Just when I was out of podcasts.


If you enjoyed that one, check out Risky Business as well https://risky.biz/


Why do these companies not have dedicated red teams?


Because if you don't know tech, you can't hire for tech. Or won't, because "it's just a cost" (see: Sony).

And if the person you've hired to manage the tech doesn't really know tech...you get this.


They probably do, still vulnerable




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: