Russian Cyber Attack and Prevention Measures


Added on  2019/11/20

AI Summary
A ransomware attack called WannaCry, also known as WanaCrypt0r 2.0, was launched on May 12, 2017. It exploited a vulnerability in Windows operating systems and demanded $300 worth of Bitcoin from users to release important files. The attack affected over 100 countries worldwide, with nearly 1,000 PCs affected. The paper discusses the measures companies can take to prevent such attacks, including keeping backups of essential data, not opening spam emails, restricting website access, and using antivirus software.

Running Head: Information Security
Information Security

Contents
Introduction
Part-A
  Facts of the case
  Impact of case
  Reasons for the attack
  Steps were taken to prevent the attack
Part – B
  Facts of the case
  Impact of the case
  Reasons for the attack
  Steps were taken to prevent the attack
Conclusion
References
Introduction
A computer security breach is any incident that results in unauthorized access to data,
applications, services or devices by bypassing their underlying security mechanisms. A security
breach generally takes place when an individual enters a private, confidential area without
authorization. This report examines two recent computer security breaches (Schou, & Hernandez, 2014).
Part-A
News Article - Spambot leaks more than 700m email addresses in massive data breach
Link- https://www.theguardian.com/technology/2017/aug/30/spambot-leaks-700m-email-addresses-huge-data-breach-passwords
Facts of the case
More than 700 million email addresses, and various passwords, have been exposed publicly
because of a misconfigured spambot, in one of the biggest data breaches ever. A huge number of
email addresses and passwords have now been leaked on the Internet. This may be the biggest data
dump ever, with 700 million email addresses exposed online (Alexhern, 2017). Troy Hunt, a
researcher who runs the security alert site HaveIBeenPwned, said that each e-mail id might belong
to a person, but the dump also contains some duplicate and fake addresses. It is possible that
only a smaller number of users was affected. The problem was detected by the security researcher
Benkow, who claims that the Netherlands-based Onliner spambot server contains email ids along
with passwords and details related to e-mail servers. He said that it appears to be associated
with a strain of malware called Ursnif, a Trojan that steals usernames and passwords as well as
bank account records and payment card details (Leyden, 2017).
Impact of case
The general public was affected by this spambot, as their email addresses along with the
passwords were disclosed. An e-mail account might contain essential details of its user, so
there is a threat that official as well as personal details could be leaked. The personal
details of users include bank details, some authentic documents, phone numbers, etc.; many such
details can be stored in an email account (Gregg, 2017). The email account of a customer might
include card information. These details can be misused by a third party, which may lead to
problems for the genuine users whose email ids were disclosed. A third party can make use of the
card details, so users need to safeguard them. Everyone needs to monitor their credit card
transactions and check the information on each transaction. Credit card users should talk to
their bank branch if they find any suspicious activity. The official details might relate to a
company's clients and plans. These details can be used by rival companies to overtake a
competitor. People should not keep their official details in a personal e-mail account, and the
details that a person keeps in their e-mail accounts should be properly managed.
Reasons for the attack
The purpose of a spambot is to send a huge number of spam messages at any given moment
without them being caught by the spam filters set up on all major email systems. By using the
details stored on the server, the botnet could get around a significant number of these filters
by making the messages appear as though they had been sent legitimately. The data was available
because the spammers failed to secure their servers. The server allowed visitors to download
gigabytes of data without any need for credentials. It is difficult to know how many others,
besides the spammer who compiled the database, have downloaded their own copies (Newcomb, 2017).
Millions of passwords were included in the breach. According to Hunt, most of the passwords
seem to have been gathered from earlier leaks. In May 2016, approximately 164 million passwords
were stolen from LinkedIn. A smaller set of 4.2 million passwords was stolen from Exploit.in.
Steps were taken to prevent the attack
Users should treat securing their email account as a top priority. The user can activate
additional safety measures; for this, users need to add a phone number to the e-mail account.
Passwords on social accounts need to be used carefully. The user should change passwords
regularly and set a unique password each time, with a different password for each social
account. A password manager like Dashlane will help in creating and storing unique passwords for
every account (Collins, 2017). This makes it difficult for hackers to replicate the combination
used with the e-mail id. It is a fact that email is the first link in the malware infection
chain. Users should avoid clicking on links that they receive in emails. Users should not
connect to free public Wi-Fi networks while using their email account. E-mail users need to be
capable of identifying online scams, and need to be careful when using their email with services
and websites.
Users should ensure that they use HTTPS so that their personal data is communicated safely to
the servers. There are various social networking websites on which customers provide their email
id for daily purposes. Those websites should establish security systems to keep customers'
details secure, so that incidents of this kind do not take place again in the future. Many
websites require an email id and password to access them. Users should avoid using their
personal and official email ids everywhere.
Part – B
Massive ransomware cyber-attack hits nearly 100 countries around the world
Link- https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs
Facts of the case
A ransomware cyber-attack that may have originated from the theft of "cyber weapons"
linked to the US government has hobbled hospitals in England and spread to countries across the
world. Security researchers at Kaspersky Lab said that they recorded 45,000 attacks in
approximately 99 countries, including the UK, Russia, India, Ukraine, Italy and Egypt.
Telecommunications companies such as Telefonica in Spain were also infected (Wong, and Solon,
2017). Ransomware is a type of malware that blocks access to a computer or its data and then
demands money to release the block (Mercaldo, Nardone, Santone, & Visaggio, 2016). The problem
starts when a company comes into contact with this malware. Once the company is infected with
the ransomware, its important documents and files are encrypted. To recover the documents and
files, the company needs to pay $300. In effect, the companies were not able to access their
files. They also faced the threat that they would not be able to restore their data and
information because it had been encrypted.
Impact of the case
All computer and web users were affected by the ransomware. Computer users in different
industries across the world were affected by this malware. NSAGOV disclosed that the malware
was set up to attack hospitals. Most of the hospitals were affected by this malware (Smith,
Ortiz, & Mccausland, 2017), and as a result patients were affected as well. Functioning and
activities were disrupted by the ransomware. Other organizations, including France's BNP Paribas
SA, U.K. advertising giant WPP Plc and Hamburg-based Beiersdorf AG, the producer of Nivea and
Labello lip balm, were also coping with the aftermath. The working of a company is affected and
its business activities come to a halt. The confidential details of the company will be leaked
in the market, and the company has to bear the legal repercussions of that leakage (Wire, 2017).
The company can face issues related to its brand value. Details of the company that should not
be disclosed to the public will be disclosed. This affects customers, as they change their
perception of the company, which can damage the company's goodwill in the market (India Times,
2017).
Reasons for the attack
By 12th May the ransomware had spread to the United States and South America; however,
Europe and Russia remained the hardest hit, according to security researchers Malware Hunter
Team. The Russian interior ministry says about 1,000 PCs have been affected. The attack used
malicious software called "WanaCrypt0r 2.0" or WannaCry, which exploits a vulnerability in
Windows. The ransomware asked users to pay $300 worth of the cryptocurrency Bitcoin to release
their important files (Mullen, Larson, & Burke, 2017). For instance, a hospital in Los Angeles
paid approximately $17,000 in bitcoin to ransomware hackers, because it wanted to save documents
that contained useful information. After some time people actually started paying, which helped
raise the payments collected from users. The ransom message is available in 28 languages. This
malware enters the system through e-mail. The malware was made available online on 14 April
through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache
of "cyber weapons" from the National Security Agency (NSA). At the time, there was scepticism
about whether the group was exaggerating the scale of its hack.
Steps were taken to prevent the attack
The affected companies can take steps to prevent such an attack. Companies can keep a backup
of their data for future use. All the details that are essential to the company's working should
be backed up. This can save companies from having to pay to restore their information. Users
should not open spam e-mail. The attack was carried out through emails only; people who opened
these spam mails started facing problems on their computers (Wermuth, 2017). Users should keep
their laptops private, which prevents other people from using their laptops and computers.
Website use should be restricted; not all sites should be accessible on the computers, because
malware can infect the computers through untrustworthy sites (AFP, 2017).
Antivirus software can help users identify spam material and can protect the computer from
different kinds of malware. There are different types of tools that users can deploy, such as
Anti-Exploit, Anti-Malware, Anti-Espionage, and Anti-Ransomware. These tools help users protect
their computers from any kind of issue related to a cyber-attack (Jang, Yun, Woo, & Kim, 2014).
Bitdefender Anti-Ransomware is a free security tool that can fight against ransomware attacks.
Conclusion
The emergence of technology can be harmful to the general public. Many computer security
breaches have taken place in the past few months. This paper discusses two such cases: the first
is the leak of more than 700 million e-mail ids along with passwords, and the second is the
ransomware attack on computers.

References
AFP. (2017). Massive cyber-attack hits nearly 100 countries. The Express Tribune. Viewed on
8th September 2017. https://tribune.com.pk/story/1408701/fast-moving-cyberattacks-wreak-havoc-worldwide/
Alexhern. (2017, August 30). Spambot leaks more than 700m email addresses in massive data
breach. The Guardian. Viewed on 8th September 2017.
https://www.theguardian.com/technology/2017/aug/30/spambot-leaks-700m-email-addresses-huge-data-breach-passwords
Collins, T. (2017, August 30). Change your email password now! More than 700 million
account details are leaked in the biggest spambot dump ever. Daily Mail. Viewed on 8th
September 2017. http://www.dailymail.co.uk/sciencetech/article-4836496/More-700-million-email-addresses-leaked-spammers.html
Gregg, K. (2017). Spambot leaks more than 700m email addresses in massive data breach.
Viewed on 8th September 2017.
https://boardtownblast.com/spambot-leaks-more-than-700m-email-addresses-in-massive-data-breach/
India Times. (2017, May 13). Massive Ransomware Attack Hits Nearly 100 Countries, Stops
Computer Networks Worldwide. India Times. Viewed on 8th September 2017.
http://www.indiatimes.com/technology/news/massive-ransomware-attack-hits-nearly-100-countries-stops-computer-networks-worldwide-321535.html
Jang, J. W., Yun, J., Woo, J., & Kim, H. K. (2014, April). Andro-profiler: anti-malware system
based on behavior profiling of mobile malware. In Proceedings of the 23rd International
Conference on World Wide Web (pp. 737-738). ACM.
Leyden, J. (2017). 'Open and accessible' spambot server leaks 711 million records. Viewed on 8th
September 2017. https://www.theregister.co.uk/2017/08/30/spambot_leak/
Mercaldo, F., Nardone, V., Santone, A., & Visaggio, C. A. (2016, June). Ransomware steals
your phone. Formal methods rescue it. In International Conference on Formal Techniques
for Distributed Objects, Components, and Systems (pp. 212-221). Springer, Cham.
Mullen, J., Larson, S., & Burke, S. (2017, May 13). World reels from massive cyberattack that
hit nearly 100 countries. CNN Tech. Viewed on 8th September 2017.
http://money.cnn.com/2017/05/13/technology/ransomware-attack-nsa-microsoft/index.html
Newcomb, A. (2017). Data Breach Exposes 700M Email Addresses — And Some Passwords.
NBC News. Viewed on 8th September 2017.
https://www.nbcnews.com/tech/security/data-breach-exposes-700m-email-addresses-some-passwords-n797421
Schou, C., & Hernandez, S. (2014). Information Assurance Handbook: Effective Computer
Security and Risk Management Strategies. McGraw-Hill Education Group.
Smith, S., Ortiz, E., & Mccausland, P. (2017, May 13). Huge Cyberattack Hits Nearly 100
Countries With 'Wanna Decryptor' Malware. NBC News. Viewed on 8th September 2017.
https://www.nbcnews.com/news/world/national-health-service-cyberattack-hits-english-hospitals-hackers-demand-bitcoin-n758516
Wermuth, S. (2017, May 13). 'Biggest ransomware outbreak in history' hits nearly 100 countries
with data held for ransom. ABC News. Viewed on 8th September 2017.
http://www.abc.net.au/news/2017-05-13/biggest-ransomware-outbreak-in-history-hits-nearly-100-nations/8523102
Wire, C. (2017, May 12). More Than 75,000 Ransomware Cyber Attacks Hit Nearly 100
Countries. KTLA. Viewed on 8th September 2017.
http://ktla.com/2017/05/12/more-than-75000-ransomware-cyber-attacks-hit-nearly-100-countries/
Wong, J. C., & Solon, O. (2017, May 12). Massive ransomware cyber-attack hits nearly 100
countries around the world. The Guardian. Viewed on 8th September 2017.
https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs