High Profile Security Attacks - Case Study Of Kmart Essay.

Assessment of the Cyber Attack

Describe about the High Profile Security Attacks for the Case Study of Kmart.

In Australia the Kmart is one of the biggest retailers having the revenue of 4.6 billion AUD in the year 2015. Last year the company confirmed that there is a security breach in their customer database. This caused the exposure of the different sensitive information about the consumers of this company (Brookes 2015). The information’s like the consumers name, their physical address, mailing address, billing address and the history of their purchases in the past.

According to the Kmart officials, consumer who has purchased items from the Kmart Australia are affected by the security breach (Tajpour Ibrahim and Zamani 2013). The organization proactively notified the OAIC (Office of the Australian Information Commissioner). Furthermore the company engaged a group of IT forensic engineers to find the different loopholes that are responsible for the breach (Paczkowski et al. 2015). As the Kmart Australia is only source of information about the attack but the details of the information is not validated by the publically available information.

In Australia the retailers are frequently targeted for this type of data theft or security breach attacks (Wright and De Hert 2012). The main objectives behind these kinds of attacks, is to get the different financial information’s of the consumers. The financial information’s includes the credit card numbers, passwords of the theses cards, details about the consumer’s bank account etc.

Figure1: Logo of Kmart

(Source: Kmart.com.au)

The security threats to the information system of an organization can be defined by the entities, persons or the objects that can be a danger to the organizational assets (Von Solms and Van Niekerk 2013). These threats can be acts of espionage by the competitive organizations, human error or failure, deliberate act of theft or software attacks etc (Tajpour Ibrahim and Zamani 2013). In addition to that there are some other unintentional flaws like the lack of training for the staffs, addition of the unauthorized security devices, and lack of the proper reporting hierarchy in the organization acts as the catalyst in the security breach (Lee et al. 2013). Following are the possible way of maintaining Security Breach at Kmart –

The Botnet’s can be defined as the network of bots that are created to automatically spread malware in a computer network so that they can exploit the workstations of a organizations and get the organizational and its consumer information’s.

Possible ways of maintaining Security Breach at Kmart

Fast flux- The Fast flux is a DNS technique that is used by the Botnet’s to hide the delivery site of the Phising and malwares. This is done by the covering the sites under the ever-changing network of systems (Von Solms and Van Niekerk 2013). These networks are actually network of the compromised hosts which are acting as the proxies in the whole process.

These are devices that are used in fraudulent activities. These devices are used to steal the credit card details. In this technique the information’s of the credit cards are stolen at the time of swiping the card in the device (Hutchings and Holt 2014).

Most of the key loggers are malwares. The Trojan horse may contain keylogger as the functionality of this virus. This malwares are used to get the credit card numbers, passwords and other sensitive information’s.

In the case of Kmart Australia the malware infected the point of sales system. Using this malicious software’s, the attackers try to get the customer’s credit card and debit card information’s (Irwin and Choo 2013). According to the officials of Kmart, only the track 2 details of the credit and debit cards are stolen.

According to Von Solms and Van Niekerk (2013), security is a process and not a product. Therefore the process needs to be modified according to the needs or requirements of the organization. At the same time it is also important that while implementing security methodologies, the availability of the business must not be affected (Herath et al. 2014). Thus the balance between the protection from the fraudulent activities and the availability of the business to the customers must be maintained.  

Protection from malware

The Company decided to establish and maintain malware defense methods to detect and respond to the known as well as unknown malware attacks.

This method is used to patch known vulnerabilities with the latest version of the software. This patch helps the organization to prevent the attacks which exploits software bugs (Tajpour Ibrahim and Zamani 2013).

It is done to restrict the functionality of each and every device used in the stores or by the employees.

Encryption is used by the individuals and organizations to keep data secret.  By using the encryption technique, the organization can convert the intended message into a form that needs to be decrypted to get the actual information (Hutchings and Holt 2014). This encrypted data is called the cipher text.

Incident Strategy

Execution control

The Kmart asked its employees to control the execution of any unknown program on their workstations.  It is used to prevent unknown software (malwares) from being able to run or install itself into the workstations (Wright and De Hert 2012). This kind of programs includes the “AutoRun” on USB and CD drives.

This mitigation technique includes the use of the secure content management system. In this method for a given document a set of hashes are created depending upon the data at rest (Chen and Zhao 2012). Utilizing this technique the original document is converted in to a collection of hashes.

Figure 2: Encryption of data

(Source: Chen and Zhao 2012, pp-552)

Authenticate the identity of the users

It is important for the organizations to verify the individual’s identity on the network.  Also it is to be ensured that, the right level of access privileges and restrictions are enforced on the database to protect the organizational and consumer data from the intruders.

In order to overcome this type of threats the company realizes that it is important to train the employees so that they can make themselves secure while working online (Tajpour Ibrahim and Zamani 2013). They are advised to not to click links or pop-ups, open attachments or respond to email from strangers or unknown sources. 

In order to avoid the future cyber attacks the Kmart should think about implementing the following security measures,

Use of URLs:

The employees of Kmart must be advised to use URLs instead of links. Moreover, they should not to respond to online requests or mails asking for Personally Identifiable Information.

Stateful inspection:

The Company should think about using the stateful inspection of the data packets at the network firewall that are arriving and leaving the network. The stateful inspection is about inspection of some significant attributes like the IP addresses of the work stations, ports used in the connection and the sequence number of the data packets.

As the new technologies are emerging, the organizations tend to use those in their different business processes. As an example the organizations are using the VoIP, instant messaging for communication purpose inside and outside the organization. With this use of new technologies the probability of the security risks are also increasing day by day. There is much vulnerability in these technologies that can exploited by the hackers and the sensitive data can be affected. The organization needs to understand the importance of the data – both what it is and what it is worth to the business. Therefore to get the maximum benefit from the consumer data and to make the consumers feel safe the Kmart should take initiatives like appointing some cyber security experts to detect the loopholes in the existing system. These experts can also help in creating new methods that can improve the security of the organizational data.

References

Brookes, C., 2015. Cyber Security: Time for an integrated whole-of-nation approach in Australia. Indo-Pacific Strategic Papers.

Chen, D. and Zhao, H., 2012, March. Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.

Ghosh, A., Gajar, P.K. and Rai, S., 2013. Bring your own device (BYOD): Security risks and mitigating strategies. Journal of Global Research in Computer Science, 4(4), pp.62-70.

Herath, T., Chen, R., Wang, J., Banjara, K., Wilbur, J. and Rao, H.R., 2014. Security services as coping mechanisms: an investigation into user intention to adopt an email authentication service. Information systems journal, 24(1), pp.61-84.

Hutchings, A. and Holt, T.J., 2014. A crime script analysis of the online stolen data market. British Journal of Criminology, p.azu106.

Irwin, A. and Choo, K.K.R., 2013. The Future of Technology in Customer Identification & Relationship Risk. Thomson Reuters Accelus, pp.1-13.

Kearns, G.S., 2016. Countering Mobile Device Threats: A Mobile Device Security Model. Journal of Forensic & Investigative Accounting, 8(1).

Lee, S.B., Wong, S.H.Y., Lee, K.W. and Lu, S., 2013. Content management in a mobile ad hoc network: beyond opportunistic strategy. International Journal of Communication Networks and Distributed Systems, 10(2), pp.123-145.

Paczkowski, L.W., Parsel, W.M., Persson, C.J. and Schlesener, M.C., Sprint Communications Company LP, 2015. Trusted Security Zone Containers for the Protection and Confidentiality of Trusted Service Manager Data. U.S. Patent 9,049,013.

Tajpour, A., Ibrahim, S. and Zamani, M., 2013. Identity Theft Methods and Fraud Types. IJIPM: International Journal of Information Processing and Management.

Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers & security, 38, pp.97-102.

Wright, D. and De Hert, P., 2012. Introduction to privacy impact assessment. In Privacy Impact Assessment (pp. 3-32). Springer Netherlands.