IT Risk Management: Wireless and Mobile Communication & Equifax Data Breach

Verified

Added on 2024/07/01

AI Summary

This document explores the risks associated with wireless and mobile communication, highlighting vulnerabilities like rogue access points, malicious attacks, and data interception. It then delves into the Equifax data breach, analyzing the causes, vulnerabilities exploited, and recommendations for mitigation. The document emphasizes the importance of robust security measures, including intrusion detection systems, access control lists, and network segregation, to protect against such threats.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

IT RISK MANAGEMENT
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Forum 1
Wireless and Mobile Communication
INTRODUCTION
Wireless communication simply means the transfer of the data between two or more things without
connection to any electrical conductors. In early times, the mobile system’s main focus was on
voice only but now transmission of data is also supported by the wireless mobile communication.
Today, the use of wireless mobile communication is increasing rapidly. It has reduced the
equipment cost and improved the capacity and efficiency by adding new more features. Everyone
is using various wireless communication devices such as laptops, PDA (Personal Digital Assistant)
etc. to connect to corporate networks to transfer files, exchanges data and perform other functions.
It supports many applications related to the data and internet and achieved higher data rates.
Although the data can be transmitted very rapidly, there are many risk and threats associated with
the wireless and mobile communications. But these threats can be solved by the risk management
approaches.
2

Risk Associated with the Wireless Mobile Communications:
 Configuration problems
 Rogue-Access points
 Risk related to the shared applications and technology
 Malicious attacks:
 Risk of confidential information
 Radio Congestion
 Security and data breach:
Wireless and mobile communications threats
 Denial of Service: DOS (Denial of Service) attacks means the attacker makes the network
resource unavailable to the user and steal the data.
 Passive Capturing: Passive capturing means capturing the data by listening and targeting the
wireless device and network.
 Network Interruption: In the local network, an access point is installed and any station can
access the internet which gives hackers to intercept the data.
 Data Interception: The data that is transmitted over the wireless mobile device is not always
encrypted. The data can be easily stolen if the transmission is done on the encrypted network.
 Leeching: Intruders can use the bandwidth of your network device while transmitting the
device.
Risk mitigation of Wireless and mobile communications
 To mitigate the Rogue-Access point, use SNMP (Simple Network Management Protocol)
passwords on the access points of the network.
 Instead of sharing the encrypted key, set the authentication technique to open any network.
 If there is no ACL (Access Control List) capability on the access points, then turn off the DHCP
(Dynamic Host Control Protocol), and the user static IP because DHCP automatically provides
IP address of the network which is accessing on the wireless mobile devices.
3

 To prevent the DoS (Denial of service attack), an Intrusion Detection System (IDS) is used that
will control the all actions performed and detects if any intruder enters or not.
 Enable the wireless security service WEP to provide security to the wireless mobile
communications and use other encryption application like SSL (Secure Socket Layer), Pretty
Good Privacy and SSH (Secure Shell).
 Implement the risk assessment that includes various security policies, technical requirements
and acknowledged vulnerabilities, threats and data breaches.
 Another risk mitigation approach includes implementing the security factors like make a
restriction on the shared files and certification among the users, make OTP services for more
security to get secure from the malicious attackers.
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

References
Alsop, R (2017) Security Think Tank: 10 control areas to mitigate against malware attacks. Retrieved
from https://www.computerweekly.com/opinion/Security-Think-Tank-10-control-areas-to-mitigate-
against-malware-attacks
Wilkins, S. (2011) Wireless Security Considerations: Common Security Threats to Wireless
Networks. Retrieved from https://www.pluralsight.com/blog/it-ops/wireless-lan-security-threats
Zalud, V. (2012) Wireless Cellular Mobile Communications. Retrieved from
https://www.researchgate.net/publication/26511538_Wireless_Cellular_Mobile_Communication
s
5

Forum 2
Equifax Data Breach
6

INTRODUCTION
Equifax, one of the largest credit providing company had suffered the data loss of around 140
million users’ personal information such as name, contact details like phone number, address, birth
data and license numbers from the security threat and data breach. The company discovered the
data breach in September 2017 but it was started in the mid of month May. Apart from the loss of
consumer’s information, around 209,000 users also lost their credit card details. Equifax had also
recognized the unauthorized access of information of the residents from the Canada and UK. As the
threat identified by the company, the security team of the technical department had blocked the
attacker and applied the security issues to restore the data loss. The company has used various risk
mitigation approaches to block the unauthorized access to entering in the network of the company.
How did it happen?
The data breach happened accidentally on the company Equifax without its knowledge. But after
one month, the company gets knowledge of some data loss but they still took it lightly and the
hacker got a chance to hack more data. Due to this, the company Equifax suffers the huge loss as
many consumers lost their personal data and some lost their credit card details. The data breach
happened due to the vulnerability of an open-source and open software Apache Struts.
Susceptibilities that were oppressed
 The main reason for this security threat happen in the Equifax company is that they were aware
of the vulnerability at that time but did not aware their consumers about it and took lots of time
in identifying the vulnerability system.
 The data breach occurred because of the attack on DoS (Denial of Service) which is now the
most common cyber-attack on the wireless communication devices.
 It also happened due to the trustworthy issues of some employees.
 Also, many vulnerabilities have been suspected but the company was not sure which has
caused the data breach.
Recommendation for risk mitigation
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

 Identify the main reason for the security risks that have been characterized by identifying the
security intelligence approaches like security alert.
 Use packet analyzer to identify which data packet has entered into the system and which has
exited from it.
 To secure from the attacks and data breaches while using wireless and mobile communication
devices, apply filters and install antivirus software such as firewalls.
 Keep checking on the vulnerable areas within some time periods to avoid the risk of data loss.
 Use IDS (Intrusion Detection System) into a system that alerts when any unidentified packets
enter in the network on the wireless mobile communication system. It stops denial of service
attack.
 Network segregation prevents the malware attackers.
 Implement and use SSO which is the single sign-on. Using SSO in the Equifax company can
prevent data from the untrustworthy employees of the company.
 The security risk from the attackers and data breach can also be secured and mitigate by
executing and implementing the ACL which is access control list that controls and access the
data and authenticates the user’s personal information as well as other credentials.
8

References:
Fruhlinger, J (2017) What is Stuxnet, who created it and how does it work? Retrieved from
https://www.csoonline.com/article/3218104/malware/what-is-stuxnet-who-created-it-and-
how-does-it-work.html
Kennedy, S (2003) Best Practices for Wireless Network Security retrieved from
https://www.computerworld.com/article/2573986/mobile-wireless/best-practices-for-wireless-network-
security.html
Robb, D (2015) 10 Tips to Mitigate Data Breaches. Retrieved from
https://www.esecurityplanet.com/network-security/10-tips-to-mitigate-data-breaches.html
9

1 out of 9

+13062052269

info@desklib.com

IT Risk Management: Wireless and Mobile Communication & Equifax Data Breach

Contribute Materials

Secure Best Marks with AI Grader

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Network Security in Wireless Communication Network

Strategies for Ensuring Secure Data Transfer in Wireless Networks

Wireless Networking Concepts - Comparative Analysis and Ping Test

Mobile and Wireless Security: Threats, Risks, and Prevention Techniques

Wireless and BYOD Security Plan

Distinct Differences Between Wired and Wireless Technology Essay 2022