Cybersecurity and Data Breach Analysis
VerifiedAdded on 2020/02/24
|9
|2441
|45
AI Summary
This assignment delves into the critical topic of cybersecurity by examining various data breach incidents and their consequences. Students will analyze real-world examples like the WannaCry ransomware attack and OSHA's data breach, exploring the vulnerabilities that led to these incidents. Furthermore, the assignment encourages students to evaluate risk mitigation strategies and propose solutions to enhance organizational cybersecurity posture.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Information Security
Table of Contents
Introduction.................................................................................................................................................3
Security Breach at OSHA............................................................................................................................3
Ransomware Attack – May 2017.................................................................................................................5
Conclusion...................................................................................................................................................7
References...................................................................................................................................................8
2
Table of Contents
Introduction.................................................................................................................................................3
Security Breach at OSHA............................................................................................................................3
Ransomware Attack – May 2017.................................................................................................................5
Conclusion...................................................................................................................................................7
References...................................................................................................................................................8
2
Information Security
Introduction
There are numerous web-based and cloud computing applications and services that are being
used by the organizations. The automation of the business activities and operations have
provided the organizations with the ability to carry out the tasks quickly and accurately. The
volumes and variety of the data has also increased as a result. One organization handles various
projects at the same time and there is a lot of information that an organization manages and
processes. This has led to certain drawbacks and occurrences to look upon. There are many
security risks, events and threats that take place in association with the user and business
information that may have some extremely dangerous and harmful impacts. Information Security
and protection are the disciplines that have grown immensely in the recent years. There are
varied information and data sets that are present, such as, sensitive, critical, public, personal etc.
The report covers the analysis of a recent information security breach along with the ransomware
attack that was given shape by the attackers in May, 2017.
Security Breach at OSHA
OSHA stands for Occupational Safety and Health Administration which is a public sector agency
based out of the United States and operates in the department of labor. There are certain
categories and types of information that are extremely sensitive in nature and the health
information belongs to the same. The majority of the data sets at OSHA are therefore sensitive.
There are technological changes that are taking place with each passing day and OSHA is an
agency that decided to incorporate the same in its data operations and management. The health
information was converted to its electronic form for storage and transmission. The process
welcomed certain flaws in security which gave shape to the information breach in August, 2017.
The electronic reporting mechanism that was carried out at OSHA was shut down as an outcome.
OSHA had launched an injury tracking application (ITA) on 1st August 2017. The motive of the
application was the record maintenance of the injuries that were reported in an automated
manner. The attackers took advantage of the security flaws in ITA and there were some initial
pages that were targeted and affected. It then spread to the entire application and system which
exposed the sensitive health information to the malevolent parties (Gonzalez, 2017).
3
Introduction
There are numerous web-based and cloud computing applications and services that are being
used by the organizations. The automation of the business activities and operations have
provided the organizations with the ability to carry out the tasks quickly and accurately. The
volumes and variety of the data has also increased as a result. One organization handles various
projects at the same time and there is a lot of information that an organization manages and
processes. This has led to certain drawbacks and occurrences to look upon. There are many
security risks, events and threats that take place in association with the user and business
information that may have some extremely dangerous and harmful impacts. Information Security
and protection are the disciplines that have grown immensely in the recent years. There are
varied information and data sets that are present, such as, sensitive, critical, public, personal etc.
The report covers the analysis of a recent information security breach along with the ransomware
attack that was given shape by the attackers in May, 2017.
Security Breach at OSHA
OSHA stands for Occupational Safety and Health Administration which is a public sector agency
based out of the United States and operates in the department of labor. There are certain
categories and types of information that are extremely sensitive in nature and the health
information belongs to the same. The majority of the data sets at OSHA are therefore sensitive.
There are technological changes that are taking place with each passing day and OSHA is an
agency that decided to incorporate the same in its data operations and management. The health
information was converted to its electronic form for storage and transmission. The process
welcomed certain flaws in security which gave shape to the information breach in August, 2017.
The electronic reporting mechanism that was carried out at OSHA was shut down as an outcome.
OSHA had launched an injury tracking application (ITA) on 1st August 2017. The motive of the
application was the record maintenance of the injuries that were reported in an automated
manner. The attackers took advantage of the security flaws in ITA and there were some initial
pages that were targeted and affected. It then spread to the entire application and system which
exposed the sensitive health information to the malevolent parties (Gonzalez, 2017).
3
Information Security
It was not only the patients that were impacted by the security breach as the privacy and
confidentiality of their information was compromised. The incident took its toll on the members
of the staff at OSHA as well. The demographic and employability details of the staff members
were also exposed. The occurrence proved to be disastrous for OSHA as the customers could no
longer trust the agency and its services which led to disengagement of the customers and the
poor impact on the reputation in the market (Tornone, 2017).
There is a threat agent or the mode of attack that is always involved in any of the security
breaches and events. The case was no different with the security breach at OSHA as the ITA had
a weak and an unsecure access point. ITA is an application that was not deployed at OSHA
earlier. None of the similar applications were being used by the agency either. Due to the lack of
experience and a complete idea of the possible security flaws, the implementation team and the
application developers did not check on the security of the access points. This loophole and
vulnerability in the application security was later used by the malicious parties to give shape to
the security breach at OSHA (Golla, 2017).
Network based security attacks are being executed at a rapid scale in the present day
applications. It is because of the reason that networks are the prime links that are used in the
modern day applications and there are varied access points that are also present. OSHA could
have used the latest network security measures to prevent the security occurrence that took place.
Researchers and technocrats are extensively working in the area of network security and have
come up with the automated network security solutions for the activities such as network
monitoring, network based intrusion detection and prevention, maintenance of logs on the
network activity, network audits and reviews. These tools would have generated the adequate
alerts at the time of the initial attempts that were made by the attackers at OSHA (Bertino, 2015).
The security of the applications, systems and the entire organization cannot be generalized.
There is no common or standard security protocol that can be applied to protect and safeguard all
the elements at once. It is required to develop and implement the security policies and protocols
as per the nature of the element and the set of requirements. For instance, in the case of OSHA,
access control is one of the most significant security steps that should have been upgraded as per
the requirements. There is physical access control that was required at all the entry and exit gates
along with the technical and logical access control mechanisms for the protection of systems and
4
It was not only the patients that were impacted by the security breach as the privacy and
confidentiality of their information was compromised. The incident took its toll on the members
of the staff at OSHA as well. The demographic and employability details of the staff members
were also exposed. The occurrence proved to be disastrous for OSHA as the customers could no
longer trust the agency and its services which led to disengagement of the customers and the
poor impact on the reputation in the market (Tornone, 2017).
There is a threat agent or the mode of attack that is always involved in any of the security
breaches and events. The case was no different with the security breach at OSHA as the ITA had
a weak and an unsecure access point. ITA is an application that was not deployed at OSHA
earlier. None of the similar applications were being used by the agency either. Due to the lack of
experience and a complete idea of the possible security flaws, the implementation team and the
application developers did not check on the security of the access points. This loophole and
vulnerability in the application security was later used by the malicious parties to give shape to
the security breach at OSHA (Golla, 2017).
Network based security attacks are being executed at a rapid scale in the present day
applications. It is because of the reason that networks are the prime links that are used in the
modern day applications and there are varied access points that are also present. OSHA could
have used the latest network security measures to prevent the security occurrence that took place.
Researchers and technocrats are extensively working in the area of network security and have
come up with the automated network security solutions for the activities such as network
monitoring, network based intrusion detection and prevention, maintenance of logs on the
network activity, network audits and reviews. These tools would have generated the adequate
alerts at the time of the initial attempts that were made by the attackers at OSHA (Bertino, 2015).
The security of the applications, systems and the entire organization cannot be generalized.
There is no common or standard security protocol that can be applied to protect and safeguard all
the elements at once. It is required to develop and implement the security policies and protocols
as per the nature of the element and the set of requirements. For instance, in the case of OSHA,
access control is one of the most significant security steps that should have been upgraded as per
the requirements. There is physical access control that was required at all the entry and exit gates
along with the technical and logical access control mechanisms for the protection of systems and
4
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Information Security
applications. Identity management using two-fold authentication scheme would have also proved
to be extremely useful in case of OSHA (Wangen, 2017).
Malware are the malicious codes and programs that are designed with the aim to cause deliberate
damage to the victim by triggering the code at the desired point of time. OSHA should have
made use of firewalls and proxy servers as the basic measures to security along with the
implementation of anti-viruses and other anti-malware packages. These packages would have
generated the logs and alerts in case of the presence of any malware in the entire chain of
systems and applications.
Administrative checks and controls also have a huge significance in the maintenance and
execution of security. There are Chief Information Officers (CIO), Security Managers, Security
Auditors and several other resources that are recruited in the security department. OSHA must
also have a vigilant security department. However, these security teams are required to develop
administrative properties and measures to make sure there is complete adherence and compliance
to the security policies. There should be active use of the automated tools and protocols as well
for the purpose.
May 2017 – WannaCry Ransomware Attack
It is now seen that the users have become used to the security occurrences and cases that have a
low to medium impact. This is due to the reason that the frequency of such attacks has increased
at an immense rate. However, some of these cases become notable due to their degree of damage
and the number of victims that are impacted.
One of the recent cases that took the world by storm was WannaCry ransomware attack in the
month of May, 2017. There are various forms of malware that have been launched by the hackers
and attackers and one such malware is the ransomware. It is a malicious code that encrypts the
user information and also blocks the access to the files and the system. In order to re-gain the
access, the users are asked to pay a price which is the ransom.
WannaCry was a ransomware attack that was execute at a large scale and impacted the systems
and applications worldwide. There were over 150 countries that had to bear the toll of the attack.
A cryptoworm was launched by the team of attackers that targeted the machines that were based
5
applications. Identity management using two-fold authentication scheme would have also proved
to be extremely useful in case of OSHA (Wangen, 2017).
Malware are the malicious codes and programs that are designed with the aim to cause deliberate
damage to the victim by triggering the code at the desired point of time. OSHA should have
made use of firewalls and proxy servers as the basic measures to security along with the
implementation of anti-viruses and other anti-malware packages. These packages would have
generated the logs and alerts in case of the presence of any malware in the entire chain of
systems and applications.
Administrative checks and controls also have a huge significance in the maintenance and
execution of security. There are Chief Information Officers (CIO), Security Managers, Security
Auditors and several other resources that are recruited in the security department. OSHA must
also have a vigilant security department. However, these security teams are required to develop
administrative properties and measures to make sure there is complete adherence and compliance
to the security policies. There should be active use of the automated tools and protocols as well
for the purpose.
May 2017 – WannaCry Ransomware Attack
It is now seen that the users have become used to the security occurrences and cases that have a
low to medium impact. This is due to the reason that the frequency of such attacks has increased
at an immense rate. However, some of these cases become notable due to their degree of damage
and the number of victims that are impacted.
One of the recent cases that took the world by storm was WannaCry ransomware attack in the
month of May, 2017. There are various forms of malware that have been launched by the hackers
and attackers and one such malware is the ransomware. It is a malicious code that encrypts the
user information and also blocks the access to the files and the system. In order to re-gain the
access, the users are asked to pay a price which is the ransom.
WannaCry was a ransomware attack that was execute at a large scale and impacted the systems
and applications worldwide. There were over 150 countries that had to bear the toll of the attack.
A cryptoworm was launched by the team of attackers that targeted the machines that were based
5
Information Security
on the operating system as Microsoft Windows. The cryptoworm encrypted all of the
information that was present in these systems and a message was flashed on the screens to pay
the ransom in the form of Bitcoin cryptocurrency (Wong & Solon, 2017).
National Health Staff (NHS) located in United Kingdom is the organization that was among the
first reported of the WannaCry attack. The first report was lodged on May 12, 2017. NHS
witnessed the shutting down of all of its systems one by one with a message being displayed on
each system as a ransom of USD 300 (£230) was to be provided by the system owners. Many of
the other countries from Europe also reported of the similar experience after the passage of time.
Russia also provided an account of the similar happening and it is being said that Russia was
hugely impacted by the attack (Hern & Gibbs, 2017).
There were many other countries in Europe and Asia that had to experience the massive attack
on the information and system security. Some of these countries include China, Turkey, India,
Japan, Malaysia, Germany, Italy, France etc.
The attackers executed the attack after a great research and analysis of the security vulnerabilities
in Microsoft Windows. There was one of such security flaws termed as EternalBlue that was
highlighted in the Windows systems. It was declared that the vulnerability was overcome with
the release and installation of the necessary security patches. A group of hackers called Shadow
Brokers made EternalBlue public in April, 2017. It is the same flaw that was used in the
execution and spread of the WannaCry ransomware.
WannaCry is an example of the security attack that took place because of weaknesses in the
security architecture and the negligence of the service providers and service users. The security
vulnerability in the Windows systems was identified and analyzed well before the WannaCry
attack. Adequate and necessary steps were not taken by the service providers and the service
users to ensure that the system was completely secure and the security vulnerability was not
present any longer (Palmer, 2017).
User awareness is one of the requirements to make sure that the security information and the
measures to improve the security status are taken by every user. The same should have been
done by Microsoft as well with the use of so many mediums to connect with the users such as
social media accounts, discussion forums, emails and so on (Erlich & Zviran, 2010).
6
on the operating system as Microsoft Windows. The cryptoworm encrypted all of the
information that was present in these systems and a message was flashed on the screens to pay
the ransom in the form of Bitcoin cryptocurrency (Wong & Solon, 2017).
National Health Staff (NHS) located in United Kingdom is the organization that was among the
first reported of the WannaCry attack. The first report was lodged on May 12, 2017. NHS
witnessed the shutting down of all of its systems one by one with a message being displayed on
each system as a ransom of USD 300 (£230) was to be provided by the system owners. Many of
the other countries from Europe also reported of the similar experience after the passage of time.
Russia also provided an account of the similar happening and it is being said that Russia was
hugely impacted by the attack (Hern & Gibbs, 2017).
There were many other countries in Europe and Asia that had to experience the massive attack
on the information and system security. Some of these countries include China, Turkey, India,
Japan, Malaysia, Germany, Italy, France etc.
The attackers executed the attack after a great research and analysis of the security vulnerabilities
in Microsoft Windows. There was one of such security flaws termed as EternalBlue that was
highlighted in the Windows systems. It was declared that the vulnerability was overcome with
the release and installation of the necessary security patches. A group of hackers called Shadow
Brokers made EternalBlue public in April, 2017. It is the same flaw that was used in the
execution and spread of the WannaCry ransomware.
WannaCry is an example of the security attack that took place because of weaknesses in the
security architecture and the negligence of the service providers and service users. The security
vulnerability in the Windows systems was identified and analyzed well before the WannaCry
attack. Adequate and necessary steps were not taken by the service providers and the service
users to ensure that the system was completely secure and the security vulnerability was not
present any longer (Palmer, 2017).
User awareness is one of the requirements to make sure that the security information and the
measures to improve the security status are taken by every user. The same should have been
done by Microsoft as well with the use of so many mediums to connect with the users such as
social media accounts, discussion forums, emails and so on (Erlich & Zviran, 2010).
6
Information Security
Malware are the malicious codes and programs that are designed with the aim to cause deliberate
damage to the victim by triggering the code at the desired point of time. Microsoft along with all
the business units and organizations should have made use of firewalls and proxy servers as the
basic measures to security along with the implementation of anti-viruses and other anti-malware
packages. These packages would have generated the logs and alerts in case of the presence of
any malware in the entire chain of systems and applications (Al-Hamdani, 2009).
Technology has provided the users with so many applications and automated tools for the
maintenance of security and the installation of the measures for enhancement of the security
infrastructure. Such tools and applications shall be analyzed according to the specific needs and
requirements of the system. There shall be measures that must be taken for understanding the
different features and functionalities that are offered by different vendors and the most applicable
out of all shall be implemented. It is necessary to regularly update the systems and applications
to the latest versions that are offered by the vendors so that the security occurrences that are
specific to particular versions are avoided by default.
Conclusion
Information is one of the most important and primary asset of the organizations and the users. It
is necessary to develop the measures that can lead to the avoidance of the security breaches and
the technology shall be put to use for the same.
7
Malware are the malicious codes and programs that are designed with the aim to cause deliberate
damage to the victim by triggering the code at the desired point of time. Microsoft along with all
the business units and organizations should have made use of firewalls and proxy servers as the
basic measures to security along with the implementation of anti-viruses and other anti-malware
packages. These packages would have generated the logs and alerts in case of the presence of
any malware in the entire chain of systems and applications (Al-Hamdani, 2009).
Technology has provided the users with so many applications and automated tools for the
maintenance of security and the installation of the measures for enhancement of the security
infrastructure. Such tools and applications shall be analyzed according to the specific needs and
requirements of the system. There shall be measures that must be taken for understanding the
different features and functionalities that are offered by different vendors and the most applicable
out of all shall be implemented. It is necessary to regularly update the systems and applications
to the latest versions that are offered by the vendors so that the security occurrences that are
specific to particular versions are avoided by default.
Conclusion
Information is one of the most important and primary asset of the organizations and the users. It
is necessary to develop the measures that can lead to the avoidance of the security breaches and
the technology shall be put to use for the same.
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Information Security
References
Al-Hamdani, W. (2009). Three Models to Measure Information Security Compliance.
International Journal Of Information Security And Privacy, 3(4), 43-67.
http://dx.doi.org/10.4018/jisp.2009100104
Bbc. (2017). Massive ransomware infection hits computers in 99 countries - BBC News. BBC
News. Retrieved 31 August 2017, from http://www.bbc.com/news/technology-39901382
Bertino, E. (2015). Security and privacy of electronic health information systems. International
Journal Of Information Security, 14(6), 485-486. http://dx.doi.org/10.1007/s10207-015-
0303-z
Erlich, Z., & Zviran, M. (2010). Goals and Practices in Maintaining Information Systems
Security. International Journal Of Information Security And Privacy, 4(3), 40-50.
http://dx.doi.org/10.4018/jisp.2010070103
Gollan, J. (2017). Labor Department blames data breach for injury reporting site’s
shutdown. Reveal. Retrieved 31 August 2017, from https://www.revealnews.org/blog/labor-
department-blames-data-breach-for-shutdown-of-employee-injury-reporting-site/
Gonzalez, G. (2017). Security breach shuts down OSHA electronic reporting application -
Business Insurance. Business Insurance. Retrieved 31 August 2017, from
http://www.businessinsurance.com/article/20170816/NEWS08/912315224/Security-breach-
shuts-down-OSHA-electronic-reporting-application
Hern, A., & Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global
computers?. the Guardian. Retrieved 31 August 2017, from
https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-
what-is-wanacrypt0r-20
Palmer, D. (2017). Your failure to apply critical cybersecurity updates is putting your company
at risk from the next WannaCry or Petya | ZDNet. ZDNet. Retrieved 31 August 2017, from
http://www.zdnet.com/article/your-failure-to-apply-critical-cyber-security-updates-puts-
your-company-at-risk-from-the-next/
8
References
Al-Hamdani, W. (2009). Three Models to Measure Information Security Compliance.
International Journal Of Information Security And Privacy, 3(4), 43-67.
http://dx.doi.org/10.4018/jisp.2009100104
Bbc. (2017). Massive ransomware infection hits computers in 99 countries - BBC News. BBC
News. Retrieved 31 August 2017, from http://www.bbc.com/news/technology-39901382
Bertino, E. (2015). Security and privacy of electronic health information systems. International
Journal Of Information Security, 14(6), 485-486. http://dx.doi.org/10.1007/s10207-015-
0303-z
Erlich, Z., & Zviran, M. (2010). Goals and Practices in Maintaining Information Systems
Security. International Journal Of Information Security And Privacy, 4(3), 40-50.
http://dx.doi.org/10.4018/jisp.2010070103
Gollan, J. (2017). Labor Department blames data breach for injury reporting site’s
shutdown. Reveal. Retrieved 31 August 2017, from https://www.revealnews.org/blog/labor-
department-blames-data-breach-for-shutdown-of-employee-injury-reporting-site/
Gonzalez, G. (2017). Security breach shuts down OSHA electronic reporting application -
Business Insurance. Business Insurance. Retrieved 31 August 2017, from
http://www.businessinsurance.com/article/20170816/NEWS08/912315224/Security-breach-
shuts-down-OSHA-electronic-reporting-application
Hern, A., & Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global
computers?. the Guardian. Retrieved 31 August 2017, from
https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-
what-is-wanacrypt0r-20
Palmer, D. (2017). Your failure to apply critical cybersecurity updates is putting your company
at risk from the next WannaCry or Petya | ZDNet. ZDNet. Retrieved 31 August 2017, from
http://www.zdnet.com/article/your-failure-to-apply-critical-cyber-security-updates-puts-
your-company-at-risk-from-the-next/
8
Information Security
Tornone, K. (2017). OSHA halts new online reporting following security breach. HR Dive.
Retrieved 31 August 2017, from http://www.hrdive.com/news/osha-halts-new-online-
reporting-following-security-breach/449551/
Wangen, G. (2017). A framework for estimating information security risk assessment method
completeness. International Journal Of Information Security.
http://dx.doi.org/10.1007/s10207-017-0382-0
Wong, J., & Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries
around the world. the Guardian. Retrieved 31 August 2017, from
https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-
nsa-uk-nhs
9
Tornone, K. (2017). OSHA halts new online reporting following security breach. HR Dive.
Retrieved 31 August 2017, from http://www.hrdive.com/news/osha-halts-new-online-
reporting-following-security-breach/449551/
Wangen, G. (2017). A framework for estimating information security risk assessment method
completeness. International Journal Of Information Security.
http://dx.doi.org/10.1007/s10207-017-0382-0
Wong, J., & Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries
around the world. the Guardian. Retrieved 31 August 2017, from
https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-
nsa-uk-nhs
9
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.