Wednesday, December 4, 2019
Data Leakage Detection and Prevention Solutions â⬠Assignmenthelp
Question: Discuss about the Data Leakage Detection and Prevention Solutions. Answer: Introduction A computer security breach is any event, which results in unsanctioned use of services, networks, applications, data or devices by circumventing their fundamental mechanisms of security. A security breach can also be referred to as a security violation. A security violation takes place when an application or an individual illegally makes entry to an unauthorized, confidential or private IT logical perimeter. This report outlines the case study of cyber security breach of Verizon Wireless of USA, which became a threat for the whole world in July 2017. It provides a detailed research of the problem, the affected people and the recommendation that how that breach could had been stopped. The report further outlines the brief description of the May 2017 Ransomware Cyber-Attack with the problem, the affected person and the prevention of that case study. The name of the May 2017 cyber attack is the WannaCry Ransomware Cyber attack. The description of the above discussion is given in the following paragraphs. Verizon Wireless is a recognized telecommunication organization that operates its business in USA. They are responsible for offering wireless devices and services. They have faced a major security breach because of cloud leak. The Verizon partner was responsible for leaking all the data in cloud (Mathews, 2017). It exposed approximately the accounts of millions of customers. All the information present in their account was leaked in July, 2017 creating a lot of problem. Reason for the Security Breach The major reason or cause behind the data breach was a cloud based repository file that was not configured. This leaked the information of 14 million people of the United States who were the customers of the Verizon, telecommunication carrier. The ownership of the cloud based system or software was under the telephonic software and NICE Systems. NICE Systems were the third party vendor of the Verizon Company (Fox News 2017). Verizons data repository was the S3 bucket of the Amazon Services of the Web. The names, account details, addresses and other essential information was leaked and accessed through the S3 bucket of the Amazon Services. The PIN codes of the customers that used to verify the Verizon account were also leaked and under danger. Their phone numbers were also leaked. This data breach shows the insecurity of cloud computing and its challenges (Romanosky, Hoffman Acquisti, 2014). This leaked the information of 14 million people of the United States who were the customers of the Verizon, telecommunication carrier. The other main reason for the cause of this data breach was the non-configuration of the cloud based structure provided by the third party vendor called NICE Systems. If the third party does not take proper responsibility of the cloud or does it in a deliberate purpose then this can create data breach affecting millions of users (Khalil et al., 2013). NICE System has a history that is not strong. History of this third party in supply technical to different firms reveal an indicator of unsettled manner of the surveillance that was sponsored by the state. Customers could log in to their accounts and get information from a repository that can be downloaded. This is an alarming signal because if the data can be downloaded then it can be shared with any third party resulting in major loss to the US companies. Data Breach Occurrence Configuration is the most important issue in a cloud network. There can be any incorrect configuration leading to issues regarding management of the network. Tools should be used in a proper technique to allow the cloud to work in an efficient and effective manner. There was major problem in the base of the infrastructure of the IT. This internal problem was known as wrong configuration (Uchiumi, Kikuchi Matsumoto, 2012). The wrong configuration in the infrastructure can lead to around higher percent data breaches. The other main reason for the cause of this data breach was the non-configuration of the cloud based structure provided by the third party vendor called NICE Systems. NICE System has a history that is not strong. The NICE System should have looked into the matter and made the system more secured before anything like this could take place. It is extremely challenging for any organization to find out the loopholes and problems in the configuration of the cloud network. Prop er identification of incorrect configuration can solve the issue regarding this matter. The third party vendor should look into the matter and solve the misconfiguration issue. The configuration of the IT systems should be carefully managed before any stated of disorder takes place (Patel et al., 2013). The software should be upgraded on a continuous and regular basis. The hardware performance also needs to be checked so that there is no degradation in the performance. The downtime in the system must also be resolved in an efficient manner. Proper cyber security policy along with signature authentication must be incorporated in the system. The shielding of the vulnerabilities must be done by updating and patching the software on a regular basis from various points of access. Proper encryption keys must be involved in the system. The cloud architecture must be protected. The vendor must be transparent with its client (Shabtai, Elovici Rokach, 2012). The client company must analyze and study the issues regarding the vendor company before deciding the issues. A web gatewa y application reduces or eliminate the chances of risks in the system. The ransomware cyber attack that took place in May 2017 was the most dangerous attack that took place across the world. It is known as the WannaCry ransomware attack. It is a cyber attack that was done by the WannaCry ransomware cryptoworm. It had targeted those computers that were running the operating system of the Microsoft Windows. The data of this operating system were encrypted. The attackers had demanded ransom payments. These payments were asked to be paid in the Bitcoin cryptocurrency (Mohurle Patil, 2017). The attack had taken place in around 12th of May, 2017. It was on a Friday. It had infected around 230000 computers and more in more than 150 countries. National Health Service of the United Kingdom was partly affected (Collier, 2017). It could run few services that were required in emergency situation when the attack took place. Few days after the attack took place a researcher of security discovered kill switch and found out the ransom ware code that led to the initial slow process of the attack. However, later on in 15th of May, 2017 it was found out that the other advanced versions of the ransomware had been invented and these lacked the kill switch. Microsoft had detected its vulnerabilities and released the techniques and methods in order to overcome the flaws and faults in the present system. The newer versions like Windows 7 and Windows 8 are safe. People who are still using the Windows XP and other unauthorized versions are still under the security risk. It was reported by Europol that approximately 230000 computers that had the Windows operating system were affected as they were infected by ransomware. This was spread over 150 countries across the world. The most affected countries were reported to be India, Ukraine, Taiwan and Russia. The National Health Service of the United Kingdom and Scotland hospitals were affected in a severe manner (Pascariu, Barbu Bacivarov, 2017). It had infected over 70000 computer devices in the hospitals. It also included the MRI scanners and theatre equipments. The production in the Nissan Manufacturing in United Kingdom was halted because the ransomware were infected in their systems. It has also affected Renault. It has stopped its production in various sites. The attack was not as powerful as any other cyber attack. Procedure of the Attack The ransomware attack called WannaCry attack had taken place on 12th of May, 2017. The initial thing that happened was took place in Asia at around 7:44 am in the morning. It had taken place through an SMB port that was exposed due to its vulnerability (Mattei, 2017). It was not done through email phishing. The malware had first checked whether there was any kill switch domain. In the absence of such domain the ransomware attacks the system and encrypts its data. It then exploits the vulnerabilities of the SMB. After the attack, it had displayed a message asking for 300 dollars Bitcoin in a span of three days or 600 dollars in seven days (O'Gorman McDonald, 2012).By 14th of June, 2017 there were 327 payments resulting in a total amount of 130634 dollars that had been transferred. There are certain measures for this problem. Microsoft Protection Center that looks after the malware issues had mentioned several steps that can be taken in order to prevent the WannaCry ransomware attack (Martin, Kinross Hankin, 2017). Installation and usage of antivirus software that is up to date will help to resolve many issues. The software must also be up to date. They should avoid clicking on any websites or open any type of attachment. There must be regular backup for important files (O Dowd, 2017). Patches should be applied to the Windows that is recommended by Microsoft Security Bulletin. Conclusion Therefore from the above discussion, it can be concluded that security breaches has become a common problem in the world. The report clearly discusses about the infamous Verizon data breach in July 2017. It provides a clear description of the reasons, the affected people and the recommendations for the solution. The report further covers about the WannaCry ransomware cyber attack of May 2017. The whole ICT world was shaken because of this attack. The report gives a brief description of the problem and the suffered people and the solutions for that problem. References Collier, R. (2017). NHS ransomware attack spreads worldwide. Fox News. (2017). Verizon data breach: 14 million customers reportedly exposed. Retrieved 27 August 2017, from https://www.foxnews.com/tech/2017/07/12/verizon-data-breach-14-million-customers-reportedly-exposed.html Khalil, I. M., Khreishah, A., Bouktif, S., Ahmad, A. (2013, April). Security concerns in cloud computing. InInformation Technology: New Generations (ITNG), 2013 Tenth International Conference on(pp. 411-416). IEEE. Martin, G., Kinross, J., Hankin, C. (2017). Effective cybersecurity is fundamental to patient safety. Mathews, L. (2017).Millions Of Verizon Customers Exposed By Third-Party Data Leak.Forbes.com. Retrieved 27 August 2017, from https://www.forbes.com/sites/leemathews/2017/07/13/millions-of-verizon-customers-exposed-by-third-party-leak/#929962836bc9 Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack.World Neurosurgery,104, 972-974. Mohurle, S., Patil, M.(2017). A brief study of Wannacry Threat: Ransomware Attack 2017.International Journal,8(5). ODowd, A. (2017). NHS patient data security is to be tightened after cyberattack. O'Gorman, G., McDonald, G. (2012).Ransomware: A growing menace. Symantec Corporation. pascariu, C., barbu, I. D., bacivarov, I. C.(2017) Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry. Patel, A., Taghavi, M., Bakhtiyari, K., JNior, J. C. (2013). An intrusion detection and prevention system in cloud computing: A systematic review.Journal of network and computer applications,36(1), 25-41. Romanosky, S., Hoffman, D., Acquisti, A. (2014). Empirical analysis of data breach litigation.Journal of Empirical Legal Studies,11(1), 74-104. Shabtai, A., Elovici, Y., Rokach, L. (2012).A survey of data leakage detection and prevention solutions. Springer Science Business Media. Uchiumi, T., Kikuchi, S., Matsumoto, Y. (2012, September). Misconfiguration detection for cloud datacenters using decision tree analysis. InNetwork Operations and Management Symposium (APNOMS), 2012 14th Asia-Pacific(pp. 1-4). IEEE.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.