Thursday, December 12, 2019

Severity Level of Security Breaches

Question: Discuss about the Severity Level of Security Breaches. Answer: Introduction As the business and society become increasingly dependent on data, the threat landscape exponentially expanding day by day. Organizations are trying their heart and soul to introduce innovative and stronger defenses against security threats (Allodi, KotovMassacci,2013). Simultaneously cyber criminals applied more new tactics and techniques that break away all that efforts (Jaferian et al., 2016). This report concentrates on two recent and biggest security breaches; one is LinkedIn data breach and other is Anthem medical security breach. In the following sections, background of the problem, its impacts and the best possible solutions to avoid this kind of problems in future is discussed. Bitcoint Theft in Hong Kong Background of the Security Breach From a reported security breach from Bitfinex, it has come in front that, Bitcoins (Currency Exchange Office in Hong Kong) of worth around 72 million dollar was stolen. It is the second largest theft occurred in august 2016, after the cyber security attack in Mt Gox, where almost 12, 000 units of bitcoins were stolen (Coppola, 2016, August 06). Bitfinex is the largest exchange office of the world to exchange bitcoin into dollars. It is one of the renowned digital currency communitieswhich have deep liquidity in bitcoin currency in USA. This security breach comes in front after two months of scrutiny for prohibited transactions. Bitcoins is a digital currency created with safety and anonymity in mind. Unfortunately, no buyer protection is there. Whenever, customers went to buy any products by paying a Bitcoin, the transaction was failed. From the incident it can be stated that, the ownership of the organization is always masked which leads to this kind of security attack (Coppola, 201 6, August 06). Occurrence of the Security Breach BitFinex has come under the allegation of Futures Trading Comission and U.S commodity for providing financial exchange transactions in the digital currencies using bitcoin. As a virtual digital currency system, transaction is done though bitcoin without any intermediary state. This is also known as cryptocurrency and is the largest in terms of market value. The security attack is the reminiscent of 2014 security breach where Mt GOx (Tokyo Based Exchange Office) lost 500 million dollars bitcoin (Coppola, 2016, August 06). After the security breach happened in Hong Kong, Bitfinex announced that the compensation will be done by providing BFX labeled tokens. However, this is still not transferred into reality which put off many persons to not adapt this. Amongst the total unit of Bitcoin, only .75 percent amount was stolen. Users who logged in the platform of this organization, have discovered that 36.06 percentage of people suffered due to this cyber security attack. Multiple accounts were hacked and significant number of customers or a subset of bitcoin trade community was highly impacted. Customers expressed their anger and stated that absence of proper security protocols such as two factor authentication resulted in the transfer of funds to exchange. The greatest impact is price has fallen down by 20% after the massive security breach occurred. For a long time, users were not been able to access their funds. They were not also able to withdraw their account which leads to grater conflicts and disruptions. Best Possible Countermeasures Countermeasures can be adopted but risks are always there (Kolfal, Patterson Yeo, 2013). Bitcoin is still unknown to many persons and everyone does not feel comfortable to have a currency which is not printed in a physical format properly (Barlow et al., 2013). In addition, this consists of anonymous transactions such as torrent website which proves that the system is not proper. People should avoid purchasing of large amount of goods with the help of Bitcoins to reduce volatility. Seeking help from third party can be taken to settle down this kind of disputes in future. From technical point of view, the digital currency should encrypt their digital wallet with a strong password such as mix of upper and lower case letters almost of 16 characters including numbers and punctuation marks (Kurmus et al., 2013). In addition, users should use offline wallet for saving purposes which will not be connected to any kind of network or grid. This kind of mechanism is known as cold storage. Users can also backup their wallet by restoring all the private keys of invisible and visible Bitcoin addresses. Encrypting the online backups is one of the best security countermeasures. Instead of central storage, multiple secure locations should be used to store the wallet which can recover the Bitcoins failure in future. Amongst all these preventions, cold storage mechanism is the best to recover this situation by mitigating all the vulnerabilities. Anthem Medical Data Breach Background of the Problem Anthem Inc. is the second largest health insurance organization, headquartered in USA faced massive cyber security breach in 4th February of 2015 (AnthemFacts.com. 2016, August 12). More than 37 million information were hacked by the criminal hackers which was stored in central server of the organization. In this cyber security attack personal information of 78 million people were hacked, however, financial and medical information were not affected. Unfortunately, confidential information of 80 million companies were compromised in this security breach which comprised of medical IDs, email addresses, social security number, employment information and many others (AnthemFacts.com. 2016, August 12). The victims are former as well as new members of Anthem Health plans whose personal information were stolen by the hackers due to the presence of security loopholes in IT system of the organization. According to the investigation report, almost 10 million Americans were trapped under this s ecurity attack. As this type of organization does not use simple PII (Personally Identifiable Information) like mobile company or banks, cyber crooks can easily made their targets on internal database of the organization. Various medical plans of this organization such as Blue Cross Blue Shield (BCBS), Blue Cross have been largely impacted which are not operated by Anthem but also by various providers in USA (AnthemFacts.com. 2016, August 12). Impacts of Security Breach This has significant negative impacts on the organizational associations, the business partners and most importantly on the customers. Whenever this incident has become publicly available, customers were worried about their security and they lose their trust from the organization. As a result, most of them withdrawn their medical policies which leads to significant losses for the organization. Occurrence of the Security Breach Based on the former name of Anthem, Wellpoint, the attackers has created a domain name wellpoint.com. By creating this site, the attackers were tried to get access on the internal IT system including the database and server of the organization through phishing attack. Through this attack, hackers created a fake log in page which helped to gain access in the actual websites of the organization (Bogdanoski, ShuminoskiRisteski, 2013). The fake log in page has consists of two files; one is login.php and the other one is index.html page. The hackers uploaded these pages on the hosting site which helped the attackers to create their own accounts. After creating the own account, attackers uploaded both the files of phishing page on the control panel of IT system. Now, whenever the users try to access the service of Anthem the log.txt page stores password of the users and all the confidential information of the users got hacked. The phishing emails contain malicious software which can slow d own the computer operation or can track users activities. By sending the fake emails to the users, users accounts got hacked by the cyber criminals and all the confidential details were stolen. Best Possible Countermeasures Credit Freeze: Security freeze is one of the best options to prevent oneself from this kind of security attacks. Using of this mechanism will halt the hackers to get access on users account without their permission (Loske et al., 2014). Eve if the cyber criminals try to to gain access, alert will be displayed to the users and the criminal will be blocked. Two Factor Authentications: Two step authentications is the best where one time password is not enough to get access on the account (Nwobodo, JahankhaniEdoh, 2014). Whenever anyone will try to log in to the business account, after giving the password for the first time, it will again ask for processing with the second step. In this ways, hackers will not be able to get access of users or business accounts (Chen et al., 2016). Change Id and Password Frequently: Users, whose accounts are associated with Anthem medical organization, should been protected with strong password and the password along with log in id should be frequently changed (PadrStanilovsky, 2012). In addition, the setting on the account should be properly configured, so that whenever hackers will try to steal the confidential information, automatic alert message will be displayed on the personal devices of the users (Breitenbauch, 2015). Avoid Phishing Scams: users should be always aware of the emails coming from unrecognized senders (Jing et al., 2014). Whenever, users will do any kind of transactions, the site should be checked properly such as the lock icon on the status bar or the URL link which should be initiated with https rather than http. Emails coming from the unknown senders should be checked before fetching any attachment or clicking on any website (Ristov, GusevDonevski, 2013). Users or organization should not provide any kind of personal or confidential information from on the pop up screen. Moreover, web address should not be copied on the browsers which are displayed on the prop up screen. Encryption Technique and Firewall: Entire system of the organization should be properly secured with advanced security applications firewall, encryption technique and others (Hossain FotouhiHasan, 2015). These kinds of security protocols help to analyze each and every incoming and outgoing data of the network which helps to protect the system from malicious software and viruses (Borgohain, KumarSanyal, 2015). In addition, antivirus software should be used to guard the system and keep updated from regular patches. Conclusion Two massive security breaches are described in this report which helps to conclude the fact that, cyber attacks not only disrupts the entire business performance but also leads to greater conflicts amongst the customers. Two recent cyber security attacks one is Bitcoin theft of Hong Kong and other is Anthem medical data breach forced to think that enhancement of security is very crucial for the societal as well as cultural well fare. Both of these incidents are analyzed properly and it ha been discovered from the investigation that significant negative impacts of these cyber security breaches leads to think about the adaption of best possible solutions as preventive methods. Based on the analysis, encryption technique, two factor authentications and cold storage mechanism are suggested which can mitigate these problems in future for sure. References Allodi, L., Kotov, V. Massacci, F., (2013). Malwarelab: Experimentation with cybercrime attack tools. InPresented as part of the 6th Workshop on Cyber Security Experimentation Test. AnthemFacts.com. (2016, August 12). Anthem. Retrieved from https:/www.anthemfacts.com Barlow, J.B., Warkentin, M., Ormond, D. Dennis, A.R., (2013). Don't make excuses! Discouraging neutralization to reduce IT policy violation.Computers security,39, pp.145-159. Bogdanoski, M., Shuminoski, T. Risteski, A., (2013). Analysis of the SYN flood DoS attack.International Journal of Computer Network Information Security,5(8), p.1. Borgohain, T., Kumar, U. Sanyal, S., (2015). Survey of security privacy issues of internet of things.arXiv preprint arXiv:1501.02211. Breitenbauch, H. (2015). Defence Planning.Academic Foresights, (13). Chen, D.D., Egele, M., Woo, M. Brumley, D., (2016). Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. InISOC Network Distributed System Security Symposium (NDSS). Coppola, F. (2016, August 06). Forbes. Retrieved from Forbes.com: https://www.forbes.com/sites/francescoppola/2016/08/06/theft-and-mayhem-in-the-bitcoin-world/ Hossain, M.M., Fotouhi, M. Hasan, R., (2015), June. Towards an Analysis of Security Issues, Challenges, Open Problems in the Internet of Things. In2015 IEEE World Congress on Services(pp. 21-28). IEEE. Jaferian, P., Hawkey, K., Sotirakopoulos, A., Velez-Rojas, M. Beznosov, K., (2014). Heuristics for evaluating IT security management tools.HumanComputer Interaction,29(4), pp.311-350. Jing, Q., Vasilakos, A.V., Wan, J., Lu, J. Qiu, D., (2014). Security of the internet of things: Perspectives challenges.Wireless Networks,20(8), pp.2481-2501. Kolfal, B., Patterson, R.A. Yeo, M.L., (2013). Market impact on it security spending.Decision Sciences,44(3), pp.517-556. Kurmus, A., Tartler, R., Dorneanu, D., Heinloth, B., Rothberg, V., Ruprecht, A., Schrder-Preikschat, W., Lohmann, D. Kapitza, R., (2013), February. Attack Surface Metrics Automated Compile-Time OS Kernel Tailoring. InNDSS. Loske, A., Widjaja, T., Benlian, A. Buxmann, P., (2014). Perceived IT security risks in cloud adoption: the role of perceptual incongruence between users providers. Nwobodo, I., Jahankhani, H. Edoh, A., (2014). Security challenges in the distributed cloud computing.International Journal of Electronic Security Digital Forensics 9,6(1), pp.38-51. Padr, L. Stanilovsky, E., (2012)Freeling 3.0: Towards wider multilinguality. InLREC2012. Ristov, S., Gusev, M. Donevski, A., (2013). Openstack cloud security vulnerabilities from inside outside.CLOUD COMPUTING, pp.101-107.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.