Proper Network Segmentationthe Improper Provide R
I have attached the chapter 10 textbook; please refer to the end of the pages for the case studies. Please read the posts and reply.
Main question:
Select one of the case studies beginning on page 256 – 259. Find at least 2 articles relating to the case study that you decided on (Dark Reading is a good site for security-related articles). In a minimum of 250-words, summarize the policy and process failures that allowed the breach to occur. Address the impact to an organization when this type of breach occurs, and discuss the steps that you would have taken to ensure that this type of breach wouldn’t occur in your organization.
ajay-
InterContinental Hotel Chain (IHG) Breach:
A data breach occurs when there is unauthorized access to sensitive, protected, or confidential data, which has huge negative consequences for the business or organization involved, as well as its customers and clients. A data breach triggers questions about the prior warning signs, the event itself, and the required response and recovery after the data breach. So, consider the IHG data breach: this attack occurred at the cash register, and 1000 of its properties were affected because of malicious software designed to siphon customer payment details. After discovering this attack, IHG coordinated with an outside computer forensic team to investigate it and determined that card-stealing cyber thieves had planted malicious software on the point-of-sale device at the hotel restaurant. This malware has driven most of the credit card details over years, which even included intrusion code which is installed through hacked remote tools; once they succeed in this process, they are able to get access to the payment system and can remotely capture the data of each card swiped at sale devices. With that card information they can encode the stolen data with a magnetic stripe and use it for high-priced electronic purchases. This issue happened due to the lack of a proper encryption system installed on the payment device, which caused a huge impact on the business.
Preventive method:
So any business sector can avoid this particular cyber attack in the future by following an encryption pattern for data transactions. After this event, most business sectors, like Target, Best Buy and the major shopping sector, are using the point-to-point encryption (P2PE) method to protect customer card data, and this can even be installed on point-of-sale devices. In general, P2PE solution providers are third-party entities, and they are overall responsible for the design and implementation of specific P2PE solutions in any business sector as per their needs. The P2PE standards contain detailed security requirements and testing procedures for application vendors to meet for the protection of customer card data.
Some other things which every business sector needs to consider are audit coordination and regulator liaison, physical security, penetration testing and help desk incident response; these could be regular methods to keep our organization secure.
David-
Case Study: NASA Government Laptop Compromised (Pg 257)
Policy/Process Failures and prevention/remediation proposal:
There are several policy failures that occurred here. First, there were not enough preventative measures put into place to prevent the laptop from being stolen in the first place. First, employees should not be allowed to travel off-site with PII sensitive data that is not sufficiently protected. Second, an acceptable use policy should be enforced to encourage employees to properly handle equipment with confidential information. Although prevention is key, some backup measures should also be implemented in case those preventative controls fail. Ideally, everything should be encrypted, but at the very least all hard drives that contain sensitive data or are at high risk of corruption or theft should be encrypted.
Impact of Failures:
The impact of this data being released could vary greatly depending on the laptop’s contents, the password strength used, and the criminal’s sophistication. If that data on the laptop contained enough information, widespread identity theft could occur or provide an attacker with enough information to impersonate high-ranking officials to gain access or pivot about the system. If the password used on the computer was long with mixed characters and symbols, it’s unlikely a brute force style attack would allow a hacker to gain access. It was even rumored the laptop contained commands for the International Space Station, creating a potential national security problem. At the very least, this information is a potential foothold for a criminal to gain more information and at worst it is the information an attacker might want in the first place.
sasank-
Policy failure
Access control policy was a failure that resulted in the SCADA data breach. There was a lack of enough controls on the users who would access the data and information in the organization. The policy did not include enough security checks that would classify users who would be allowed to read only, others to write and modify and others to execute. Also, there was a lack of classification of the data and of adding appropriate authentication mechanisms to access such data (Nicholson et al., 2012).
Lack of proper network segmentation
The improper network segmentation also contributed to the data breach. The process of allowing the network flow inside and outside the network resulted in the occurrence of the breach. This is because the internet is filled up with data traffic that is not secure for the network well-being of the organizations involved. As a result, the attackers would find loopholes through which they can penetrate and attack the organization.
Impact
There is an impact in the loss of privacy of the confidential data. Also, a loss in terms of fines in compensating the victims of the breach was incurred. This greatly impacted the normal operations of the organizations involved in the breach (Newton, 2018).
Recommendations
In order to prevent such a data breach from happening, it would be important to secure the network infrastructure, routers, switches and wireless networks. Also, segmentation of the network to separate the SCADA deployment and the connected wireless technologies would be appropriate. Also, it is recommended that there should be enforcement of the policies related to access and identity management in preventing the employees from gaining access to unauthorized parts. Also, endpoint security for the Internet of Things should be implemented (Newton, 2018).
Gowri-
Data breaches can expose personal information, financial information such as credit card numbers from individuals and corporate secrets, their software codes, customers and even intellectual property, as in the major Sony breach. After a data breach, losses may result from an attacker impersonating someone from the targeted network and his gaining access to otherwise secure networks.
Personal computer hacks have become so common that almost everyone has to deal with them at least once in their lives. And it’s not just simple pranks that amateur hackers used to pull in the early days of mainstream computer adoption. Today, cyberattacks are sophisticated, well-orchestrated and capable of posing severe threats to the personal data of Internet users. (Hua, N. (2019))
Government laptop compromised:
FREQUENT RANDOM POP-UPS:
This is one of the most explicit indications of a computer being infected. If you start seeing more annoying pop-ups in your web browser, and they often flash in sites that usually don’t generate pop-ups, this is a bad sign.
ANTIVIRUS SHUTTING DOWN:
Some types of malware disable antivirus or anti-malware programs and make it difficult to re-enable them. If you notice that your antivirus has suddenly stopped working and you can’t open the Task Manager properly, it is very likely that the system has been infected with malware.
PROGRAMS SHOW UP THAT YOU DIDN’T INSTALL:
A malicious program may be disguised as legitimate software to slip into the computer. Usually, it is done by worms or malware that attach to other software to get installed together as a bundle. So, if you notice an unknown program residing on the system, it’s likely a malicious one.
PASSWORDS NO LONGER WORK:
Getting locked out of online accounts might mean that you have fallen into a phishing trap. A common tactic scammers use is to send an authentic-looking email from a bank or any other service you’re signed up for, asking you to update your password by clicking the included link. Once you do it, you provide access to your account to hackers. organization breach occurs, government laptop compromised hackers wouldn’t occur in personal security of passwords. (Sonne, P. (2018))