Cybersecurity Threats and Data Breaches
VerifiedAdded on 2020/02/24
|11
|2431
|35
AI Summary
This assignment delves into the critical topic of cybersecurity threats. It explores various vulnerabilities, particularly focusing on cloud computing security concerns and the devastating impact of ransomware attacks exemplified by WannaCry in 2017. The report dissects the technical aspects of these threats, their consequences for individuals and organizations, and proposes strategies for mitigating risks and enhancing cybersecurity posture.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CYBER ATTACKS
Cyber Attacks
Name of the Student:
Student ID:
Subject Code:
Session:
Assessment Number:
Cyber Attacks
Name of the Student:
Student ID:
Subject Code:
Session:
Assessment Number:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Executive Summary
The main objective of this report is to understand the basic description of security breaches in
modern world. ICT has become a threat for all of the world and the main reason for this is the
security breaches. The following report discusses about the Verizon Wireless Cyber Attack of
USA in July 2017 with the discussion, affected people and the recommendations for prevention
of such security breaches. The report also covers the infamous WannaCry Ransomware Cyber
Attack in May 2017, which shook the whole Information and Communications Technology of
the world.
The main objective of this report is to understand the basic description of security breaches in
modern world. ICT has become a threat for all of the world and the main reason for this is the
security breaches. The following report discusses about the Verizon Wireless Cyber Attack of
USA in July 2017 with the discussion, affected people and the recommendations for prevention
of such security breaches. The report also covers the infamous WannaCry Ransomware Cyber
Attack in May 2017, which shook the whole Information and Communications Technology of
the world.
Table of Contents
Introduction......................................................................................................................................4
Part A...............................................................................................................................................4
The Problem.................................................................................................................................4
Reason for the Security Breach...................................................................................................5
Data Breach Occurrence..............................................................................................................6
Solution........................................................................................................................................6
Part B...............................................................................................................................................7
The Problem.................................................................................................................................7
The Affected Countries................................................................................................................8
Procedure of the Attack...............................................................................................................8
Preventive Measures....................................................................................................................8
Conclusion.......................................................................................................................................9
References......................................................................................................................................10
Introduction......................................................................................................................................4
Part A...............................................................................................................................................4
The Problem.................................................................................................................................4
Reason for the Security Breach...................................................................................................5
Data Breach Occurrence..............................................................................................................6
Solution........................................................................................................................................6
Part B...............................................................................................................................................7
The Problem.................................................................................................................................7
The Affected Countries................................................................................................................8
Procedure of the Attack...............................................................................................................8
Preventive Measures....................................................................................................................8
Conclusion.......................................................................................................................................9
References......................................................................................................................................10
Introduction
A computer security breach is any event, which results in unsanctioned use of services,
networks, applications, data or devices by circumventing their fundamental mechanisms of
security. A security breach can also be referred to as a security violation. A security violation
takes place when an application or an individual illegally makes entry to an unauthorized,
confidential or private IT logical perimeter.
This report outlines the case study of cyber security breach of Verizon Wireless of USA,
which became a threat for the whole world in July 2017. It provides a detailed research of the
problem, the affected people and the recommendation that how that breach could had been
stopped. The report further outlines the brief description of the May 2017 Ransomware Cyber-
Attack with the problem, the affected person and the prevention of that case study. The name of
the May 2017 cyber attack is the WannaCry Ransomware Cyber attack. The description of the
above discussion is given in the following paragraphs.
Part A
The Problem
Verizon Wireless is a recognized telecommunication organization that operates its
business in USA. They are responsible for offering wireless devices and services. They have
faced a major security breach because of cloud leak. The Verizon partner was responsible for
leaking all the data in cloud (Mathews, 2017). It exposed approximately the accounts of millions
of customers. All the information present in their account was leaked in July, 2017 creating a lot
of problem.
A computer security breach is any event, which results in unsanctioned use of services,
networks, applications, data or devices by circumventing their fundamental mechanisms of
security. A security breach can also be referred to as a security violation. A security violation
takes place when an application or an individual illegally makes entry to an unauthorized,
confidential or private IT logical perimeter.
This report outlines the case study of cyber security breach of Verizon Wireless of USA,
which became a threat for the whole world in July 2017. It provides a detailed research of the
problem, the affected people and the recommendation that how that breach could had been
stopped. The report further outlines the brief description of the May 2017 Ransomware Cyber-
Attack with the problem, the affected person and the prevention of that case study. The name of
the May 2017 cyber attack is the WannaCry Ransomware Cyber attack. The description of the
above discussion is given in the following paragraphs.
Part A
The Problem
Verizon Wireless is a recognized telecommunication organization that operates its
business in USA. They are responsible for offering wireless devices and services. They have
faced a major security breach because of cloud leak. The Verizon partner was responsible for
leaking all the data in cloud (Mathews, 2017). It exposed approximately the accounts of millions
of customers. All the information present in their account was leaked in July, 2017 creating a lot
of problem.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Reason for the Security Breach
The major reason or cause behind the data breach was a cloud based repository file that
was not configured. This leaked the information of 14 million people of the United States who
were the customers of the Verizon, telecommunication carrier. The ownership of the cloud based
system or software was under the telephonic software and NICE Systems. NICE Systems were
the third party vendor of the Verizon Company (Fox News 2017). Verizon’s data repository was
the S3 bucket of the Amazon Services of the Web. The names, account details, addresses and
other essential information was leaked and accessed through the S3 bucket of the Amazon
Services. The PIN codes of the customers that used to verify the Verizon account were also
leaked and under danger. Their phone numbers were also leaked. This data breach shows the
insecurity of cloud computing and its challenges (Romanosky, Hoffman & Acquisti, 2014). This
leaked the information of 14 million people of the United States who were the customers of the
Verizon, telecommunication carrier. The other main reason for the cause of this data breach was
the non-configuration of the cloud based structure provided by the third party vendor called
NICE Systems. If the third party does not take proper responsibility of the cloud or does it in a
deliberate purpose then this can create data breach affecting millions of users (Khalil et al.,
2013). NICE System has a history that is not strong. History of this third party in supply
technical to different firms reveal an indicator of unsettled manner of the surveillance that was
sponsored by the state. Customers could log in to their accounts and get information from a
repository that can be downloaded. This is an alarming signal because if the data can be
downloaded then it can be shared with any third party resulting in major loss to the US
companies.
The major reason or cause behind the data breach was a cloud based repository file that
was not configured. This leaked the information of 14 million people of the United States who
were the customers of the Verizon, telecommunication carrier. The ownership of the cloud based
system or software was under the telephonic software and NICE Systems. NICE Systems were
the third party vendor of the Verizon Company (Fox News 2017). Verizon’s data repository was
the S3 bucket of the Amazon Services of the Web. The names, account details, addresses and
other essential information was leaked and accessed through the S3 bucket of the Amazon
Services. The PIN codes of the customers that used to verify the Verizon account were also
leaked and under danger. Their phone numbers were also leaked. This data breach shows the
insecurity of cloud computing and its challenges (Romanosky, Hoffman & Acquisti, 2014). This
leaked the information of 14 million people of the United States who were the customers of the
Verizon, telecommunication carrier. The other main reason for the cause of this data breach was
the non-configuration of the cloud based structure provided by the third party vendor called
NICE Systems. If the third party does not take proper responsibility of the cloud or does it in a
deliberate purpose then this can create data breach affecting millions of users (Khalil et al.,
2013). NICE System has a history that is not strong. History of this third party in supply
technical to different firms reveal an indicator of unsettled manner of the surveillance that was
sponsored by the state. Customers could log in to their accounts and get information from a
repository that can be downloaded. This is an alarming signal because if the data can be
downloaded then it can be shared with any third party resulting in major loss to the US
companies.
Data Breach Occurrence
Configuration is the most important issue in a cloud network. There can be any incorrect
configuration leading to issues regarding management of the network. Tools should be used in a
proper technique to allow the cloud to work in an efficient and effective manner. There was
major problem in the base of the infrastructure of the IT. This internal problem was known as
wrong configuration (Uchiumi, Kikuchi & Matsumoto, 2012). The wrong configuration in the
infrastructure can lead to around higher percent data breaches. The other main reason for the
cause of this data breach was the non-configuration of the cloud based structure provided by the
third party vendor called NICE Systems. NICE System has a history that is not strong. The NICE
System should have looked into the matter and made the system more secured before anything
like this could take place. It is extremely challenging for any organization to find out the
loopholes and problems in the configuration of the cloud network. Proper identification of
incorrect configuration can solve the issue regarding this matter.
Solution
The third party vendor should look into the matter and solve the misconfiguration issue.
The configuration of the IT systems should be carefully managed before any stated of disorder
takes place (Patel et al., 2013). The software should be upgraded on a continuous and regular
basis. The hardware performance also needs to be checked so that there is no degradation in the
performance. The downtime in the system must also be resolved in an efficient manner. Proper
cyber security policy along with signature authentication must be incorporated in the system. The
shielding of the vulnerabilities must be done by updating and patching the software on a regular
basis from various points of access. Proper encryption keys must be involved in the system. The
cloud architecture must be protected. The vendor must be transparent with its client (Shabtai,
Configuration is the most important issue in a cloud network. There can be any incorrect
configuration leading to issues regarding management of the network. Tools should be used in a
proper technique to allow the cloud to work in an efficient and effective manner. There was
major problem in the base of the infrastructure of the IT. This internal problem was known as
wrong configuration (Uchiumi, Kikuchi & Matsumoto, 2012). The wrong configuration in the
infrastructure can lead to around higher percent data breaches. The other main reason for the
cause of this data breach was the non-configuration of the cloud based structure provided by the
third party vendor called NICE Systems. NICE System has a history that is not strong. The NICE
System should have looked into the matter and made the system more secured before anything
like this could take place. It is extremely challenging for any organization to find out the
loopholes and problems in the configuration of the cloud network. Proper identification of
incorrect configuration can solve the issue regarding this matter.
Solution
The third party vendor should look into the matter and solve the misconfiguration issue.
The configuration of the IT systems should be carefully managed before any stated of disorder
takes place (Patel et al., 2013). The software should be upgraded on a continuous and regular
basis. The hardware performance also needs to be checked so that there is no degradation in the
performance. The downtime in the system must also be resolved in an efficient manner. Proper
cyber security policy along with signature authentication must be incorporated in the system. The
shielding of the vulnerabilities must be done by updating and patching the software on a regular
basis from various points of access. Proper encryption keys must be involved in the system. The
cloud architecture must be protected. The vendor must be transparent with its client (Shabtai,
Elovici & Rokach, 2012). The client company must analyze and study the issues regarding the
vendor company before deciding the issues. A web gateway application reduces or eliminate the
chances of risks in the system.
Part B
The Problem
The ransomware cyber attack that took place in May 2017 was the most dangerous attack
that took place across the world. It is known as the WannaCry ransomware attack. It is a cyber
attack that was done by the WannaCry ransomware cryptoworm. It had targeted those computers
that were running the operating system of the Microsoft Windows. The data of this operating
system were encrypted. The attackers had demanded ransom payments. These payments were
asked to be paid in the Bitcoin cryptocurrency (Mohurle & Patil, 2017). The attack had taken
place in around 12th of May, 2017. It was on a Friday. It had infected around 230000 computers
and more in more than 150 countries. National Health Service of the United Kingdom was partly
affected (Collier, 2017). It could run few services that were required in emergency situation
when the attack took place. Few days after the attack took place a researcher of security
discovered kill switch and found out the ransom ware code that led to the initial slow process of
the attack. However, later on in 15th of May, 2017 it was found out that the other advanced
versions of the ransomware had been invented and these lacked the kill switch. Microsoft had
detected its vulnerabilities and released the techniques and methods in order to overcome the
flaws and faults in the present system. The newer versions like Windows 7 and Windows 8 are
safe. People who are still using the Windows XP and other unauthorized versions are still under
the security risk.
vendor company before deciding the issues. A web gateway application reduces or eliminate the
chances of risks in the system.
Part B
The Problem
The ransomware cyber attack that took place in May 2017 was the most dangerous attack
that took place across the world. It is known as the WannaCry ransomware attack. It is a cyber
attack that was done by the WannaCry ransomware cryptoworm. It had targeted those computers
that were running the operating system of the Microsoft Windows. The data of this operating
system were encrypted. The attackers had demanded ransom payments. These payments were
asked to be paid in the Bitcoin cryptocurrency (Mohurle & Patil, 2017). The attack had taken
place in around 12th of May, 2017. It was on a Friday. It had infected around 230000 computers
and more in more than 150 countries. National Health Service of the United Kingdom was partly
affected (Collier, 2017). It could run few services that were required in emergency situation
when the attack took place. Few days after the attack took place a researcher of security
discovered kill switch and found out the ransom ware code that led to the initial slow process of
the attack. However, later on in 15th of May, 2017 it was found out that the other advanced
versions of the ransomware had been invented and these lacked the kill switch. Microsoft had
detected its vulnerabilities and released the techniques and methods in order to overcome the
flaws and faults in the present system. The newer versions like Windows 7 and Windows 8 are
safe. People who are still using the Windows XP and other unauthorized versions are still under
the security risk.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
The Affected Countries
It was reported by Europol that approximately 230000 computers that had the Windows
operating system were affected as they were infected by ransomware. This was spread over 150
countries across the world. The most affected countries were reported to be India, Ukraine,
Taiwan and Russia. The National Health Service of the United Kingdom and Scotland hospitals
were affected in a severe manner (Pascariu, Barbu & Bacivarov, 2017). It had infected over
70000 computer devices in the hospitals. It also included the MRI scanners and theatre
equipments. The production in the Nissan Manufacturing in United Kingdom was halted because
the ransomware were infected in their systems. It has also affected Renault. It has stopped its
production in various sites. The attack was not as powerful as any other cyber attack.
Procedure of the Attack
The ransomware attack called WannaCry attack had taken place on 12th of May, 2017.
The initial thing that happened was took place in Asia at around 7:44 am in the morning. It had
taken place through an SMB port that was exposed due to its vulnerability (Mattei, 2017). It was
not done through email phishing. The malware had first checked whether there was any kill
switch domain. In the absence of such domain the ransomware attacks the system and encrypts
its data. It then exploits the vulnerabilities of the SMB. After the attack, it had displayed a
message asking for 300 dollars Bitcoin in a span of three days or 600 dollars in seven days
(O'Gorman & McDonald, 2012). By 14th of June, 2017 there were 327 payments resulting in a
total amount of 130634 dollars that had been transferred.
Preventive Measures
There are certain measures for this problem. Microsoft Protection Center that looks after
the malware issues had mentioned several steps that can be taken in order to prevent the
It was reported by Europol that approximately 230000 computers that had the Windows
operating system were affected as they were infected by ransomware. This was spread over 150
countries across the world. The most affected countries were reported to be India, Ukraine,
Taiwan and Russia. The National Health Service of the United Kingdom and Scotland hospitals
were affected in a severe manner (Pascariu, Barbu & Bacivarov, 2017). It had infected over
70000 computer devices in the hospitals. It also included the MRI scanners and theatre
equipments. The production in the Nissan Manufacturing in United Kingdom was halted because
the ransomware were infected in their systems. It has also affected Renault. It has stopped its
production in various sites. The attack was not as powerful as any other cyber attack.
Procedure of the Attack
The ransomware attack called WannaCry attack had taken place on 12th of May, 2017.
The initial thing that happened was took place in Asia at around 7:44 am in the morning. It had
taken place through an SMB port that was exposed due to its vulnerability (Mattei, 2017). It was
not done through email phishing. The malware had first checked whether there was any kill
switch domain. In the absence of such domain the ransomware attacks the system and encrypts
its data. It then exploits the vulnerabilities of the SMB. After the attack, it had displayed a
message asking for 300 dollars Bitcoin in a span of three days or 600 dollars in seven days
(O'Gorman & McDonald, 2012). By 14th of June, 2017 there were 327 payments resulting in a
total amount of 130634 dollars that had been transferred.
Preventive Measures
There are certain measures for this problem. Microsoft Protection Center that looks after
the malware issues had mentioned several steps that can be taken in order to prevent the
WannaCry ransomware attack (Martin, Kinross & Hankin, 2017). Installation and usage of
antivirus software that is up to date will help to resolve many issues. The software must also be
up to date. They should avoid clicking on any websites or open any type of attachment. There
must be regular backup for important files (O’ Dowd, 2017). Patches should be applied to the
Windows that is recommended by Microsoft Security Bulletin.
Conclusion
Therefore from the above discussion, it can be concluded that security breaches has
become a common problem in the world. The report clearly discusses about the infamous
Verizon data breach in July 2017. It provides a clear description of the reasons, the affected
people and the recommendations for the solution. The report further covers about the WannaCry
ransomware cyber attack of May 2017. The whole ICT world was shaken because of this attack.
The report gives a brief description of the problem and the suffered people and the solutions for
that problem.
antivirus software that is up to date will help to resolve many issues. The software must also be
up to date. They should avoid clicking on any websites or open any type of attachment. There
must be regular backup for important files (O’ Dowd, 2017). Patches should be applied to the
Windows that is recommended by Microsoft Security Bulletin.
Conclusion
Therefore from the above discussion, it can be concluded that security breaches has
become a common problem in the world. The report clearly discusses about the infamous
Verizon data breach in July 2017. It provides a clear description of the reasons, the affected
people and the recommendations for the solution. The report further covers about the WannaCry
ransomware cyber attack of May 2017. The whole ICT world was shaken because of this attack.
The report gives a brief description of the problem and the suffered people and the solutions for
that problem.
References
Collier, R. (2017). NHS ransomware attack spreads worldwide.
Fox News. (2017). Verizon data breach: 14 million customers reportedly exposed. Retrieved 27
August 2017, from http://www.foxnews.com/tech/2017/07/12/verizon-data-breach-14-
million-customers-reportedly-exposed.html
Khalil, I. M., Khreishah, A., Bouktif, S., & Ahmad, A. (2013, April). Security concerns in cloud
computing. In Information Technology: New Generations (ITNG), 2013 Tenth
International Conference on (pp. 411-416). IEEE.
Martin, G., Kinross, J., & Hankin, C. (2017). Effective cybersecurity is fundamental to patient
safety.
Mathews, L. (2017). Millions Of Verizon Customers Exposed By Third-Party Data
Leak. Forbes.com. Retrieved 27 August 2017, from
https://www.forbes.com/sites/leemathews/2017/07/13/millions-of-verizon-customers-
exposed-by-third-party-leak/#929962836bc9
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons
from the Recent WannaCry Cyberattack. World Neurosurgery, 104, 972-974.
Mohurle, S., & Patil, M.(2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
O’Dowd, A. (2017). NHS patient data security is to be tightened after cyberattack.
Collier, R. (2017). NHS ransomware attack spreads worldwide.
Fox News. (2017). Verizon data breach: 14 million customers reportedly exposed. Retrieved 27
August 2017, from http://www.foxnews.com/tech/2017/07/12/verizon-data-breach-14-
million-customers-reportedly-exposed.html
Khalil, I. M., Khreishah, A., Bouktif, S., & Ahmad, A. (2013, April). Security concerns in cloud
computing. In Information Technology: New Generations (ITNG), 2013 Tenth
International Conference on (pp. 411-416). IEEE.
Martin, G., Kinross, J., & Hankin, C. (2017). Effective cybersecurity is fundamental to patient
safety.
Mathews, L. (2017). Millions Of Verizon Customers Exposed By Third-Party Data
Leak. Forbes.com. Retrieved 27 August 2017, from
https://www.forbes.com/sites/leemathews/2017/07/13/millions-of-verizon-customers-
exposed-by-third-party-leak/#929962836bc9
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons
from the Recent WannaCry Cyberattack. World Neurosurgery, 104, 972-974.
Mohurle, S., & Patil, M.(2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
O’Dowd, A. (2017). NHS patient data security is to be tightened after cyberattack.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
O'Gorman, G., & McDonald, G. (2012). Ransomware: A growing menace. Symantec
Corporation.
pascariu, C., barbu, I. D., & bacivarov, I. C.(2017) Investigative Analysis and Technical
Overview of Ransomware Based Attacks. Case Study: WannaCry.
Patel, A., Taghavi, M., Bakhtiyari, K., & JúNior, J. C. (2013). An intrusion detection and
prevention system in cloud computing: A systematic review. Journal of network and
computer applications, 36(1), 25-41.
Romanosky, S., Hoffman, D., & Acquisti, A. (2014). Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), 74-104.
Shabtai, A., Elovici, Y., & Rokach, L. (2012). A survey of data leakage detection and prevention
solutions. Springer Science & Business Media.
Uchiumi, T., Kikuchi, S., & Matsumoto, Y. (2012, September). Misconfiguration detection for
cloud datacenters using decision tree analysis. In Network Operations and Management
Symposium (APNOMS), 2012 14th Asia-Pacific (pp. 1-4). IEEE.
Corporation.
pascariu, C., barbu, I. D., & bacivarov, I. C.(2017) Investigative Analysis and Technical
Overview of Ransomware Based Attacks. Case Study: WannaCry.
Patel, A., Taghavi, M., Bakhtiyari, K., & JúNior, J. C. (2013). An intrusion detection and
prevention system in cloud computing: A systematic review. Journal of network and
computer applications, 36(1), 25-41.
Romanosky, S., Hoffman, D., & Acquisti, A. (2014). Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), 74-104.
Shabtai, A., Elovici, Y., & Rokach, L. (2012). A survey of data leakage detection and prevention
solutions. Springer Science & Business Media.
Uchiumi, T., Kikuchi, S., & Matsumoto, Y. (2012, September). Misconfiguration detection for
cloud datacenters using decision tree analysis. In Network Operations and Management
Symposium (APNOMS), 2012 14th Asia-Pacific (pp. 1-4). IEEE.
1 out of 11
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.