
Symantec Breach in June 2019

   

Added on  2022-12-19


Abstract. Over the last few decades, the state of the art in network
security has evolved from an initial focus on solutions such as
encryption and firewalls to second-generation technologies aimed at
identifying possible vulnerabilities in a network. A security breach
occurred at Symantec in which data such as account numbers, passwords
and a list of essential clients were taken. However, Symantec said no
sensitive information was taken in the breach. Symantec implemented a
new service for the protection of its data. This new service delivers
an automatic mode of protection that invokes cloud-based APIs. Since
the security breach, Symantec has added more security to its network
so that this kind of incident does not take place again.
Keywords: network security, vulnerabilities, threats, APIs,
automation.
I. INTRODUCTION
A data breach at Symantec in February gave hackers access to
passwords, account numbers and a list of important Australian clients,
according to a report by Guardian Australia. The platform security
vendor characterized the breach as a minor incident because it
involved a self-enclosed demo lab that was not linked to Symantec's
corporate network. Symantec told Guardian Australia that there was no
report of the breach because the demo lab did not host any sensitive
private data, nor was any extracted from it. The Australian Privacy
Act requires notification whenever serious harm is caused to an
individual whose private data is exposed in a data breach. Symantec,
however, said nothing was disclosed in the breach that would trigger
any kind of regulatory obligation.
II. DISCUSSION
Symantec, the American cyber-security giant, suffered a data breach
that allowed hackers to access passwords and a list of its reputed
clients, which includes large Australian government agencies and
organizations. The hackers chose Symantec accounts belonging to many
large Australian businesses along with every major Australian
government department. The same actor who breached Symantec also
claimed responsibility for stealing data from Australia's Medicare
program, which was later put on sale on the dark web. The hackers
obtained a list of reputed clients of Symantec's CloudSOC CASB
service along with account numbers and account managers. The data
found on the exposed system consisted of a small number of
non-sensitive, low-level files and dummy emails that were used only
for demonstration and not for production purposes. No sensitive
private data was involved, nor was Symantec's corporate network. As
Symantec is the world's largest cyber-security organization, it is not
at all uncommon for it to be targeted by hackers and other
cybercriminals. The client list contained the names of major
Australian banks, universities, insurers, federal police, retailers
and departments of the federal government of New South Wales. This was
an older list of many private and public entities in Australia. The
entities on the list were not customers of Symantec, nor were they
provided services by the organization. Australia's Department of
Social Services uses Symantec products, including CloudSOC; however,
no customer details or sensitive data were stored on Symantec's CASB
tool.
Many Australian government departments, including agriculture, home
affairs, arts and communication, employment and education, said they
use other Symantec products but not the CloudSOC CASB tool. Home
affairs stated that no sensitive information about departments was
held by Symantec. Other federal departments, including industry,
finance, infrastructure and human services, said they did not use
Symantec's CloudSOC services and did not store any data with
Symantec. The security breach extended an unstable period at Symantec
that included an internal accounting investigation, activist investor
unrest and enterprise sales struggles.
Several factors put an organization at higher risk of a data breach,
such as leaving folders unprotected and open. The cause of a data
breach might be a hacking attack; however, it is often a lost or weak
password, a vulnerability exploited by an opportunistic hacker.
Symantec implemented a new service for its Cloud Workload Protection
(CWP) solution, in which automated remediation is provided by Amazon
GuardDuty and threat intelligence is enhanced for AWS storage and
workloads. This service will help enterprises navigate the complex
security landscape, allowing AWS users to streamline and automate key
components of cloud security. Automation is essential to solving
cloud-scale challenges and supplementing the gap in cyber security.
Symantec's new Cloud Workload Protection service addresses these
challenges through enhanced threat intelligence, automated
remediation and continuous assessment. CWP works with Amazon
GuardDuty to automatically detect security threats and
misconfigurations in AWS storage and workloads. The service also
delivers an automatic mode of protection, in which cloud APIs are
invoked to receive automated responses.
In 2019, a security breach took place at Symantec in which data was
stolen from some reputed business organizations. The same hacker or
set of hackers also hacked Australia's Medicare program to sell the
data on the dark web.
Certain security measures have to be taken in order to prevent such
incidents from taking place in the country.
Michael Novinson
