Wednesday, May 6, 2020
Data Leakage Detection and Prevention â⬠Free Samples to Students
Question: Discuss about the Data Leakage Detection and Prevention. Answer: Introduction In this era of information and communication technology (ICT), security is a major issue. Data breach is a situation where the sensitive and major important information of an organization is accessed in an unauthorized manner. This information is later on copied and lost. Proper security policies must be incorporated in the system in order to overcome such issues. This report discusses about the Verizon data breach that took place in July, 2017. It gives a detailed report on the causes, affected people and the possible solutions for this problem. The second part of the report discusses about the WannaCry ransomware attack that took place in May, 2017. It points out the reason behind and the preventive measures of the ransomware attack. Verizon Wireless is a well reputed telecommunication company which operates its business in America (Mathews, 2017). They are responsible for offering wireless devices and services. They have faced a major data breach because of cloud leak. The Verizon partner was responsible for leaking all the data in cloud. It exposed approximately the accounts of millions of customers. All the information present in their account was leaked in July, 2017 creating a lot of problem and chaos. The major reason or cause behind the data breach was a cloud based repository file that was not configured. This leaked the information of 14 million people of the United States who were the customers of the Verizon, telecommunication carrier. The ownership of the cloud based system or software was under the telephonic software and NICE Systems. NICE Systems were the third party vendor of the Verizon Company. Verizons data repository was the S3 bucket of the Amazon Services of the Web (Fox News 2017). This data repository was administered and monitored by the NICE Systems. They were responsible for the back office as well as call centre works of Verizon. The names, account details, addresses and other essential information was leaked and accessed through the S3 bucket of the Amazon Services. The PIN codes of the customers that used to verify the Verizon account were also leaked and under danger. Their phone numbers were also leaked. This data breach shows the insecurity of cloud computing and its challenges (Romanosky, Hoffman Acquisti, 2014). This leaked the information of 14 million people of the United States who were the customers of the Verizon, telecommunication carrier. The other main reason for the cause of this data breach was the non configuration of the cloud based structure provided by the third party vendor called NICE Systems. This was reported by the UpGuard on around 13th June and it was closed on 22nd June. The reason behind such data breach is a business risk as the sensitive information is under the main control of the third party. If the third party does not take proper responsibility of the cloud or does it in a deliberate purpose then this can create data breach affecting millions of users. NICE System has a history that is not strong. History of this third party in supply technical to different firms reveal an indicator of unsettled manner of the surveillance that was sponsored by the state. Customers could log in to their accounts and get information from a repository that can be downloaded (Khalil et al., 2013). This is an alarming signal because if the data can be downloaded then it can be shared with any third party resulting in major loss to the US companies. How did the Data Breach Occur Configuration is the most important issue in a cloud network. There can be any incorrect configuration leading to issues regarding management of the network. Tools should be used in a proper technique to allow the cloud to work in an efficient and effective manner. There was major problem in the base of the infrastructure of the IT. This internal problem was known as misconfiguration (Uchiumi, Kikuchi Matsumoto, 2012). This misconfiguration in the infrastructure can lead to around 70 to 99 per cent data breaches. There were no external or malicious hackers. These third party vendors have visibility in the total tool chain of the IT system and this led to the problem in Verizon. There was business risk due to dysfunction. These dysfunctional characteristics were not identified at the early stage. The other main reason for the cause of this data breach was the non configuration of the cloud based structure provided by the third party vendor called NICE Systems. NICE System has a histo ry that is not strong. The NICE System should have looked into the matter and made the system more secured before anything like this could take place. It is extremely challenging for any organization to find out the loopholes and problems in the configuration of the cloud network. Proper identification of incorrect configuration can solve the issue regarding this matter. The third party vendor should look into the matter and solve the misconfiguration issue. The configuration of the IT systems should be carefully managed before any stated of disorder takes place (Patel et al., 2013). The software should be upgraded on a continuous and regular basis. The hardware performance also needs to be checked so that there is no degradation in the performance. The downtime in the system must also be resolved in an efficient manner. Proper cyber security policy along with signature authentication must be incorporated in the system. The shielding of the vulnerabilities must be done by updating and patching the software on a regular basis from various points of access. Proper encryption keys must be involved in the system. The cloud architecture must be protected. Third party vendors should be selected properly by reviewing its history. Here the NICE Systems history was not commendable. There must be important and secure privacy policies in order to access the pri vate information of the system. The vendor must be transparent with its client (Shabtai, Elovici Rokach, 2012). The client company must analyze and study the issues regarding the vendor company before deciding the issues. A web gateway application can also reduce or eliminate the chances of risks in the system. The ransomware cyber attack that took place in May 2017 was the most dangerous attack that took place across the world. It is known as the WannaCry ransomware attack. It is a cyber attack that was done by the WannaCry ransomware cryptoworm (Mohurle Patil, 2017). It had targeted those computers that were running the operating system of the Microsoft Windows. The data of this operating system were encrypted. The attackers had demanded ransom payments. These payments were asked to be paid in the Bitcoin cryptocurrency. The attack had taken place in around 12th of May, 2017. It was on a Friday. It had infected around 230000 computers and more in more than 150 countries. National Health Service of the United Kingdom was partly affected (Collier, 2017). It could run few services that were required in emergency situation when the attack took place. Few days after the attack took place a researcher of security discovered kill switch and found out the ransomware code that led to the initial slow process of the attack. But later on in 15th of May, 2017 it was found out that the other advanced versions of the ransomware had been invented and these lacked the kill switch. Microsoft had detected its vulnerabilities and released the techniques and methods in order to overcome the flaws and faults in the present system. The newer versions like Windows 7 and Windows 8 are safe. People who are still using the Windows XP and other unauthorized versions are still under the security risk. The Affected Organizations or Countries It was reported by Europol that approximately 230000 computers that had the Windows operating system were affected as they were infected by ransomware. This was spread over 150 countries across the world. The most affected countries were reported to be India, Ukraine, Taiwan and Russia. The National Health Service of the United Kingdom and Scotland hospitals were affected in a severe manner (PASCARIU, BARBU BACIVAROV, 2017). It had infected over 70000 computer devices in the hospitals. It also included the MRI scanners and theatre equipments. The production in the Nissan Manufacturing in United Kingdom was halted because the ransomware were infected in their systems. It has also affected Renault. It has stopped its production in various sites. The attack was not as powerful as any other cyber attack. The firm called Cyence had made a risk model that showed that there were economic losses that was approximately 4 billion dollars. Other groups had estimated that there were losses of 1 00 million dollars. Names of few of the organizations were Honda, Deutsche Bahn, Hitachi and many more. These affected organizations and countries faced huge trouble due to the ransomware attack. The ransomware attack called WannaCry attack had taken place on 12th of May, 2017. The initial thing that happened was took place in Asia at around 7:44 am in the morning. It had taken place through an SMB port that was exposed due to its vulnerability (Mattei, 2017). It was not done through email phishing. The malware had first checked whether there was any kill switch domain. In the absence of such domain the ransomware attacks the system and encrypts its data. It then exploits the vulnerabilities of the SMB. After the attack, it had displayed a message asking for 300 dollars Bitcoin in a span of three days or 600 dollars in seven days (O'Gorman McDonald, 2012).By 14th of June, 2017 there were 327 payments resulting in a total amount of 130634 dollars that had been transferred. Windows XP were still under high risk as the WannaCry ransomware could affect it. Microsoft Protection Center that looks after the malware issues had mentioned several steps that can be taken in order to prevent the WannaCry ransomware attack (O Dowd, 2017). Installation and usage of antivirus software that is up to date will help to resolve many issues. The software must also be up to date. They should avoid clicking on any websites or open any type of attachment. There must be regular backup for important files. The pop up advertisements must be blocked in every page. Software must be installed that will help to identify any type of phishing or malware attacks (Martin, Kinross Hankin, 2017). Patches should be applied to the Windows that is recommended by Microsoft Security Bulletin. Conclusion This report concludes that the data breaches are spreading with time. This report has discussed about the Verizon data breach that took place in July, 2017. It also gave a detailed report on the causes, affected people and the possible solutions for this problem. The second part of the report stated about the WannaCry ransomware attack that took place in May, 2017. It pointed out the reason behind and the preventive measures of the ransomware attack. It can be concluded that these attacks can be resolved by using several preventive measures. References Collier, R. (2017). NHS ransomware attack spreads worldwide. Fox News. (2017). Verizon data breach: 14 million customers reportedly exposed. Retrieved 27 August 2017, from https://www.foxnews.com/tech/2017/07/12/verizon-data-breach-14-million-customers-reportedly-exposed.html Khalil, I. M., Khreishah, A., Bouktif, S., Ahmad, A. (2013, April). Security concerns in cloud computing. InInformation Technology: New Generations (ITNG), 2013 Tenth International Conference on(pp. 411-416). IEEE. Martin, G., Kinross, J., Hankin, C. (2017). Effective cybersecurity is fundamental to patient safety. Mathews, L. (2017).Millions Of Verizon Customers Exposed By Third-Party Data Leak.Forbes.com. Retrieved 27 August 2017, from https://www.forbes.com/sites/leemathews/2017/07/13/millions-of-verizon-customers-exposed-by-third-party-leak/#929962836bc9 Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack.World Neurosurgery,104, 972-974. Mohurle, S., Patil, M.(2017). A brief study of Wannacry Threat: Ransomware Attack 2017.International Journal,8(5). ODowd, A. (2017). NHS patient data security is to be tightened after cyberattack. O'Gorman, G., McDonald, G. (2012).Ransomware: A growing menace. Symantec Corporation. PASCARIU, C., BARBU, I. D., BACIVAROV, I. C.(2017) Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry. Patel, A., Taghavi, M., Bakhtiyari, K., JNior, J. C. (2013). An intrusion detection and prevention system in cloud computing: A systematic review.Journal of network and computer applications,36(1), 25-41. Romanosky, S., Hoffman, D., Acquisti, A. (2014). Empirical analysis of data breach litigation.Journal of Empirical Legal Studies,11(1), 74-104. Shabtai, A., Elovici, Y., Rokach, L. (2012).A survey of data leakage detection and prevention solutions. Springer Science Business Media. Uchiumi, T., Kikuchi, S., Matsumoto, Y. (2012, September). Misconfiguration detection for cloud datacenters using decision tree analysis. InNetwork Operations and Management Symposium (APNOMS), 2012 14th Asia-Pacific(pp. 1-4). IEEE.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.