Part A:
Search the web for news on computer security breaches that occurred during September-December 2015. Research one such reported incident. Prepare a report focusing on what the problem was, how and why it occurred and what the possible solutions are.
Part B:
Research any popular hack case on the web that happened between 2012 and 2016 (for example, one very popular hack case is the JPMorgan Chase hack case (2015)) and prepare a report focusing on the following questions:
What was the problem?
Who were affected and how?
How was the attack carried out?
What could have been done to prevent the attack?
This assessment task is based on the following topics discussed in the subject: the overview of Information security fundamentals, security threats, cryptography, malicious software and its countermeasures, operating system security and software security.
The assessment task is aligned with the following learning outcomes of the subject:
On successful completion of this subject, students will
- be able to justify security goals and the importance of maintaining the secure computing environment against digital threats;
- be able to explain the fundamental concepts of cryptographic algorithms;
- be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats;
- be able to compare and contrast the security mechanisms of a trusted operating system with those used in a general purpose operating system.
Lloyds Bank is a public limited company offering financial services including banking and insurance (Lloyds, 2015). In September 2015, the bank acknowledged a data breach that had exposed particular details of its customers. The stolen data had been on a storage device belonging to Royal Sun Alliance (RSA), one of the bank's partners (Williams-Grut, 2015). The bank said RSA was providing insurance cover for a number of its clients who had premier accounts. In a statement on its website, Royal Sun Alliance confirmed that the data theft had occurred at one of its data centers (The Guardian, 2015). The device contained private details of thousands of Lloyds Bank customers, including their names, account numbers, addresses, and sort codes. The affected customers maintained premier accounts with the bank that came with emergency home insurance (Milligan, 2015). According to an article by BBC News (2015), the data theft only affected clients who had opened accounts between 2006 and 2012, and those who had made claims on their insurance policies.
A company's data and information are very significant to its growth and productivity. Organizations therefore need to strengthen the information security mechanisms that protect them. Data threats are not only external but also internal, which is even riskier for businesses. An intruder was able to access one of Royal Sun Alliance's (RSA) data centers and steal a storage device holding client information. Royal Sun Alliance (RSA), the bank's partner offering insurance to its customers, said there was no indication that the storage device had been by swindlers (Milligan, 2015). The company said that none of the accounts in its system had been attacked since the data breach occurred. However, clients were instructed to take up identity protection as an additional security layer (Milligan, 2015).
There is no documented reason as to why the intruders stole the storage device in the case of Lloyds Bank. However, the researcher can deduce from the stolen information that the attacker would use the stolen data for malicious purposes, including identity theft or selling the information on the black market. Just this year, a Brazilian bank lost its online platform to hackers who gained control of the bank's Domain Name System (DNS) and work emails for about five hours (Olenick, 2017). The attackers then inserted data frames that redirected bank clients and visitors to completely different sites containing malware. February 2017 also saw various Polish bank hack attacks in which data and information were stolen by unknown attackers (BadCyber, 2017). While there are many reasons why hackers intrude on business organizations, their major motivation is financial gain. According to a report by Kaspersky, a major cyber security firm, North Korea has now been connected to hack attacks on banks in more than 15 countries (Pagliery, 2017). System intrusions by hackers are increasing at alarming rates, and the hackers targeting banking institutions are clearly driven by financial gain. The researcher is of the opinion that, if the attack is directed at a financial institution, then the attacker's motive is money related: either direct theft of money, or theft of information that will subsequently be sold on the black market for financial gain. Other motives for hacking include the following:
- Inspections of system vulnerabilities, often done to cross check system weaknesses
- Individual challenges and thrills from hackers who set targets for themselves to gauge how skilled they have become
- Malicious resolutions by rebels and external governments against enemies
Problem Statement
According to Prince (2017), one of the most effective mechanisms against security breaches is user security awareness training. Teaching internal staff helps prevent mistakes that could otherwise lead to security breaches. Most successful major attacks have been the result of hackers manipulating employees. Other measures that can help avoid system attacks include:
- Encryption mechanisms - employing good encryption policies on business systems and IT devices is key to reducing system attacks.
- Intrusion detection and prevention ought to be used for all systems reachable through the Internet.
- Employing two-factor authentication (2FA), which offers extra security above usernames and passwords by adding a factor that only the user has on them.
- Vulnerability system inspections - businesses should always perform consistent vulnerability assessment scans of all their internal and external systems.
- Use of biometric methods for verification as they rely on physical attributes that only authorized users have such as fingerprint, face, voice etc.
- Regular performance of all software updates since hackers take advantage of applications that have.
Named after its founder, Kaspersky Lab is an international cyber security and anti-virus provider based in Moscow, Russia. Kaspersky Lab creates and markets password management, antivirus, endpoint security and internet security products, along with other cyber security services (Kaspersky Lab, 2017). The company boasts around 400 million users and aims at enhancing systems security intelligence and expertise. It is therefore continually innovating in security services and solutions to safeguard companies, customers and governments worldwide. In September 2015, the owner of Kaspersky Lab said in an article that they had discovered an attack attempt on their internal network (Kaspersky, 2015). According to him, the intruders were interested in learning about the technologies used at the company, including security networks, operating systems and fraud prevention procedures (Kaspersky, 2015). The attack was carefully planned and carried out by the same attackers who were behind the infamous Duqu APT attack. The Lab believed that the attack was a nation-state supported campaign. The attackers also wanted to learn about investigations that were going on at the company, and to study its analysis capabilities and prevention procedures. The company CEO added that they were attacked because they were well recognized for safeguarding information against malicious code (Kaspersky, 2015).
The attack exploited zero-day vulnerabilities, after which the malware spread through the network once it had elevated itself to domain administrator rights. The attack did not leave any files or modify system settings, which made its detection particularly difficult. Beyond intellectual property theft, no other indications of malicious activity were discovered. The investigation revealed that the aim of the hackers was to spy on the Lab's technologies, ongoing research and internal processes. No interference with system processes was discovered (Kaspersky Lab, 2015).
According to a statement on its website, the cyber security giant Kaspersky Lab stated that hackers had intruded into its systems. According to the company, the hackers were a generation ahead and it had not seen the attack coming (Kaspersky, 2015). The attackers had used a technique that targets zero-day vulnerabilities (Hautala, 2015). Zero-day vulnerabilities are holes in software applications that developers do not know about, and they can be very serious threats to organizations (Security News, 2017). These security holes are usually exploited by hackers before the developers become aware of them and try to fix them. Zero-day attacks can involve infiltrating spyware or malware, or allowing unwanted access to user information (Security News, 2017). Hackers exploit zero-day vulnerabilities in applications soon after they have discovered them. They attack rapidly, before security teams or the software vendors know about the weakness or have been able to repair it. Hackers therefore take advantage of the developer's lack of awareness and the lack of patches, which makes their malicious activities easier.
Motive for the bank's data breach
According to a Symantec internet security report released in 2014, more zero-day vulnerabilities were revealed in 2013 than in previous years. Four years later, the number of zero-day vulnerabilities could only have increased (Symantec Corporation, 2014). There are no techniques for detecting zero-day exploits that are one hundred percent dependable, but organizations can always take defensive measures intended to avoid infections (Stobing, 2015). Not much could have been done to stop the zero-day attack at Kaspersky, but some measures could have been used to detect and prevent it, including:
- Software patch management - ensuring that all software systems were upgraded with up-to-date software patches. The benefit of this procedure is limited, since the attack is still unknown and there would be no patch readily available to address it. Nevertheless, with all software systems up to date, it would have been possible to minimize the impact of such an attack and contain additional threats.
- Making use of good antivirus solutions that detect and protect against both known and unknown threats.
- Ensuring that safeguarding of network software is performed periodically, thus preventing renewed threats.
- Repeated network system inspections, double-checking system logs and active processes.
Conclusion
From the study and research conducted above, it is clear that no organization is secure from the alarming rate of cyber security attacks that have proliferated in today's corporate world. Hackers are capable of attacking any business or company irrespective of how small, large or secure it is deemed to be. This is seen from the fact that they attempted to intrude into the systems of Kaspersky Lab, one of the largest companies providing systems security worldwide. Hacker attacks have greatly increased. A lot of business procedures have been automated, and companies are storing most of their data and information in the cloud. Business organizations are more connected than ever before. Company local area networks (LANs) connected to wide area networks (WANs), cloud computing technologies, wireless networking and other technological advances have made attacker tactics simpler. In addition, some businesses are mainly e-commerce businesses, meaning all their operations are online. Banking institutions have introduced online banking procedures. These emerging technologies have improved the way business processes are carried out, but on the other hand have opened the door to data and information theft by hackers. It is therefore important that organizations employ secure procedures to safeguard their data and information. Failure to secure business systems will mean that hackers continue intruding and stealing business information for malicious gain.
Technological advancements have on one hand enhanced business procedures and, on the other, improved the practices of data and information theft. Attacks involving data and information theft are being reported day in, day out. Although business organizations cannot be secured one hundred percent, it is vital that they apply mechanisms to ensure data and information security. Organizations should embrace and deploy secure measures for protecting data and information from attackers. Businesses ought to safeguard their data and information through the use of up-to-date software applications, and through systems audits and inspections to discover and prevent system exposures. Businesses should also inform their workforces about user validity and authenticity to safeguard against social engineering and other phishing scams.
References
BadCyber (2017). Several Polish banks hacked, information stolen by unknown attackers. Retrieved from https://badcyber.com/several-polish-banks-hacked-information-stolen-by-unknown-attackers/
Hautala, L. (2015). CNET News: None of us is safe: Major cyber Security Company hacked. Retrieved from https://www.cnet.com/news/none-of-us-are-safe-major-cybersecurity-company-hacked/
Kaspersky Lab. (2017). Kaspersky Lab Overview: Our values and services. Retrieved from https://www.kaspersky.com/
Lloyds Bank. (2015). Products and Services. Retrieved from https://www.lloydsbank.com/
Joshi, A. (2004). How to protect your company from 'zero-day' exploits. Retrieved from https://www.computerworld.com/article/2575145/security0/how-to-protect-your-company-from--zero-day--exploits.html
Kaspersky, E. (2015). Kaspersky Lab investigates hacker attack on its own network. Retrieved from https://blog.kaspersky.com/kaspersky-statement-duqu-attack/8997/
Milligan, B. (2015). BBC News: Thousands of Lloyd’s customers have personal data stolen. Retrieved from https://www.bbc.com/news/business-34209500
Olenick, D. (2017). Brazilian bank hacked, loses control of its online presence. Retrieved from https://www.scmagazine.com/brazilian-bank-hacked-loses-control-of-its-online-presense/article/648773/
Pagliery, H. (2017). North Korea-linked hackers are attacking banks worldwide. Retrieved from https://edition.cnn.com/2017/04/03/world/north-korea-hackers-banks/
Prince, K. (2017). Ways to Prevent Data Breaches: IT business Edge. Retrieved from https://www.itbusinessedge.com/slideshows/show.aspx?c=79585&slide=7
Security News (2017). What is a Zero-Day Vulnerability? Retrieved from https://www.pctools.com/security-news/zero-day-vulnerability/
Symantec Corporation, (2014). Internet security threat report. Retrieved from https://www.symantec.com/content/en/us/enterprise/other_resources/bistr_main_report_v19_21291018.en-us.pdf.
Stobing, C. (2015). What is a zero-day attack, and can anything defend against it? Retrieved from https://www.digitaltrends.com/computing/what-is-a-zero-day-attack-and-can-anything-defend-against-it/
The Guardian. (2015). Bank details of thousands of Lloyds's customers lost. Retrieved from https://www.theguardian.com/money/2015/sep/10/bank-details-of-thousands-of-lloydss-customers-lost
Williams-Grut, O. (2015). Thousands of Lloyds Bank's top customers just had their data stolen in the most depressingly simple way, Business Insider. Retrieved from https://uk.businessinsider.com/lloyds-premier-account-data-breach-2015-9?IR=T