Network Security - Major Incidents and Predictions for 2018
VerifiedAdded on 2023/06/15
|6
|1818
|189
AI Summary
This report discusses six major incidents related to network security in the real world, their significance, impact, frequency of occurrence, technical nature, and predictions for 2018. The incidents include Cloudbleed, Data Breaches, Phishing Attack, Malware Attack, Ransomware in Cloud, and NotPetya Attack. The report also provides an analysis of the attacks that are similar and predictions for 2018. The subject is Network Security, and the course code and name are not mentioned. The college/university is not mentioned.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Name of the Student
Network Security -- Private Communication in a Public World
Network Security -- Private Communication in a Public World
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1Name of the Student
The report has a specific focus on the network security related to the real world. In
this report, six major incidents of the recent year will be discussed. The content of the
incident will be categories with the significance, cost, impact, frequent occurrence, technical
nature of the attack. Finally, the analysis will be done regarding the attacks that are similar
and provide with information predicted for 2018
Rev 1: February 25, 2017
Cloudbleed:
Significance- The significance of Cloudbleed is that it kept user’s sensitive information at
stake. The information of users including passwords from Cloudflare organisation was leaked
to thousands of websites (Holland, 2017). It caused revealing of private information of
Cloudflare customers on the almost 3,400 websites.
Impact- The impact of CloudFlare was devastating, but it was minimal as it leaked private
information such as photos or videos of users (Holland, 2017). The introduction of vulnerable
HTML parser contributed in affecting almost 180 sites. The Cloudbleed affected users as it
was going on for a long time.
Frequent occurrence- The occurrence of this type of attack is less if it is detected quickly
and this type of attack cannot occur very frequently.
Technical nature- The technical nature of this attack is that it leaked user’s private
information such as username and password on several websites.
Analysis-
The attacks similar to Cloudbleed is Heartbleed which affected almost half of million
websites (Nieva, 2014). The Heartbleed attack was vulnerable, and attackers can gain access
to data servers on OpenSSL software.
The prediction of Cloudbleed attack in 2018 is that CloudFlare should be aware of its
security activities. They should adopt and implement potential strategies to mitigate the
similar risks in future.
Rev 2: January 02, 2018
Data Breaches:
Significance- The significance of Data Breaches is that the information of the personal
identification can be obtained through identity criminals.
Impact- If the user responded to the data breaches then it will impact the identity crime of
the incidence.
Frequent occurrence- Frequent notification has seen in the United States and the overseas
legislatures regarding the data breaches. Currently, the Australian Government made it
mandatory for the notification of data breach process (2017 Data Breach Investigations
Report, 2018).
Technical nature- The technical nature of the attack is that through personal information
data such as date-of-birth, social security number and more can be a breach and stole.
1
The report has a specific focus on the network security related to the real world. In
this report, six major incidents of the recent year will be discussed. The content of the
incident will be categories with the significance, cost, impact, frequent occurrence, technical
nature of the attack. Finally, the analysis will be done regarding the attacks that are similar
and provide with information predicted for 2018
Rev 1: February 25, 2017
Cloudbleed:
Significance- The significance of Cloudbleed is that it kept user’s sensitive information at
stake. The information of users including passwords from Cloudflare organisation was leaked
to thousands of websites (Holland, 2017). It caused revealing of private information of
Cloudflare customers on the almost 3,400 websites.
Impact- The impact of CloudFlare was devastating, but it was minimal as it leaked private
information such as photos or videos of users (Holland, 2017). The introduction of vulnerable
HTML parser contributed in affecting almost 180 sites. The Cloudbleed affected users as it
was going on for a long time.
Frequent occurrence- The occurrence of this type of attack is less if it is detected quickly
and this type of attack cannot occur very frequently.
Technical nature- The technical nature of this attack is that it leaked user’s private
information such as username and password on several websites.
Analysis-
The attacks similar to Cloudbleed is Heartbleed which affected almost half of million
websites (Nieva, 2014). The Heartbleed attack was vulnerable, and attackers can gain access
to data servers on OpenSSL software.
The prediction of Cloudbleed attack in 2018 is that CloudFlare should be aware of its
security activities. They should adopt and implement potential strategies to mitigate the
similar risks in future.
Rev 2: January 02, 2018
Data Breaches:
Significance- The significance of Data Breaches is that the information of the personal
identification can be obtained through identity criminals.
Impact- If the user responded to the data breaches then it will impact the identity crime of
the incidence.
Frequent occurrence- Frequent notification has seen in the United States and the overseas
legislatures regarding the data breaches. Currently, the Australian Government made it
mandatory for the notification of data breach process (2017 Data Breach Investigations
Report, 2018).
Technical nature- The technical nature of the attack is that through personal information
data such as date-of-birth, social security number and more can be a breach and stole.
1
2Name of the Student
Analysis- In the year 2017, the Equifax credit reporting agency faced a cyber-attack in which
half of the U.S populations’ date of birth, social security number and other data are stolen
(Berghel, 2017). It is a stark reminder from the hackers as it seems that they are thinking
something big. There are a lot of sensitive information that the company hold. As per the
security expert Marc Goodman who is the also an author of Future Crimes have a view that
the data brokers hold information about the habits of people’s through personal Web
browsing as this is the most popular targeted site.
Rev 3: December 27, 2017
Phishing Attack:
Significance- In this attack, the attacker usually sends an email to the user who seems to be
from someone that the user know about (David Marshall, 2018). It seems that the email is
legitimate that has some urgency. There is an attachment in the email that either open or has a
link to click.
Impact- If the user opens the malicious attachment then the malware gets installed on the
user’s computer system. Once the user clicks on that link, a legitimate website open on the
screen requesting a login and get access to all important files which is a trap.
Frequent occurrence- In 2017, Google Docs phishing attacks had frequently hack or spoof
to steal the corporate data and credentials.
Technical nature- The technical nature of the attack is that through malicious email the
attack gets install to user’s computer and hacker easily get the access to confidential
information.
Analysis- In 2018, the schemes of phishing is much sophisticated. Incredible techniques are
used that are well disguised by a cybercriminal.
Rev 4: April 11, 2018
Malware attack:
Significance- The significance of this attack is that there is a pop up of an antivirus alert on
the user screen which is a malware (Sehgal, 2018). If the user clicks on the malicious
attachment of the email, then there is a close chance that malware attacks have entered the
system.
Impact- Through malware, attackers gain hold over the users’ computers. Malware takes
control of the machine and monitor the actions and keystrokes and send all confidential data
from the user computer or network to the attacker’s computer (Giles, 2018).
Frequent occurrence- Frequently occurring malware are Trojan horses, spyware, worms,
viruses, adware that are seen on the user’s computer.
Technical nature- the attacker get complete control and access to the user’s computer
Analysis-
In the Cisco 2018 Annual Cybersecurity Report, it has been discussed that after seen the
behaviour of the attacker for past 18 months they had analysed that the defender can stop the
attack if they can know about the attack when it is coming and protect their devices.
2
Analysis- In the year 2017, the Equifax credit reporting agency faced a cyber-attack in which
half of the U.S populations’ date of birth, social security number and other data are stolen
(Berghel, 2017). It is a stark reminder from the hackers as it seems that they are thinking
something big. There are a lot of sensitive information that the company hold. As per the
security expert Marc Goodman who is the also an author of Future Crimes have a view that
the data brokers hold information about the habits of people’s through personal Web
browsing as this is the most popular targeted site.
Rev 3: December 27, 2017
Phishing Attack:
Significance- In this attack, the attacker usually sends an email to the user who seems to be
from someone that the user know about (David Marshall, 2018). It seems that the email is
legitimate that has some urgency. There is an attachment in the email that either open or has a
link to click.
Impact- If the user opens the malicious attachment then the malware gets installed on the
user’s computer system. Once the user clicks on that link, a legitimate website open on the
screen requesting a login and get access to all important files which is a trap.
Frequent occurrence- In 2017, Google Docs phishing attacks had frequently hack or spoof
to steal the corporate data and credentials.
Technical nature- The technical nature of the attack is that through malicious email the
attack gets install to user’s computer and hacker easily get the access to confidential
information.
Analysis- In 2018, the schemes of phishing is much sophisticated. Incredible techniques are
used that are well disguised by a cybercriminal.
Rev 4: April 11, 2018
Malware attack:
Significance- The significance of this attack is that there is a pop up of an antivirus alert on
the user screen which is a malware (Sehgal, 2018). If the user clicks on the malicious
attachment of the email, then there is a close chance that malware attacks have entered the
system.
Impact- Through malware, attackers gain hold over the users’ computers. Malware takes
control of the machine and monitor the actions and keystrokes and send all confidential data
from the user computer or network to the attacker’s computer (Giles, 2018).
Frequent occurrence- Frequently occurring malware are Trojan horses, spyware, worms,
viruses, adware that are seen on the user’s computer.
Technical nature- the attacker get complete control and access to the user’s computer
Analysis-
In the Cisco 2018 Annual Cybersecurity Report, it has been discussed that after seen the
behaviour of the attacker for past 18 months they had analysed that the defender can stop the
attack if they can know about the attack when it is coming and protect their devices.
2
3Name of the Student
3
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4Name of the Student
Rev 5: July 20, 2016
Ransomware in Cloud:
Significance- This malicious software attack data and lock down till the ransom is paid.
Ransomware is a malware in which the defences are breached and through it the files of the
computer locks down with the use of strong encryption (Polatidis et al., 2017).
Impact- The computer that is infected have the impact of it on productivity due to the risk of
losing the valuable data. The ransomware has infected mainly the unsafe link or programs.
Frequent occurrence- In the last 12 months, there has been a plague seen in the ransomware
attacks that were targeting Britain’s National Health Service located in San Francisco’s in the
light-rail network and to some of the big companies like FedEx.
Technical nature- The technical nature of the attack is that data or files of the computer get
locks.
Analysis-
The RightScale’s 2016 State of Cloud report have seen that 82 % enterprises use
multi-cloud strategy. According to the Intuit projections 78% small businesses will have
cloud by 2020. The data can be saved to virtual environments; companies are now more
flexible to save money on IT infrastructure. In future, Cloud is going to improve its
productivity, scale the strategies of IT, collaborate and within the infrastructure, there is an
increase in effectiveness of the cost. By 2019, the market of cloud security will be $8.71
billion which means companies can invest more on tools to make their environment.
Rev 6: June 27, 2017
NotPetya attack:
Significance- The significance of NotPetya attack is that it infected machines going through
a network (Marsh, 2018). The attack was significant as it was unknown and destructive which
affected organisations very badly in Ukraine.
Impact- The impact of NotPetya attack was huge as it affected organisations in Ukraine
regarding government, energy and financial institutions (Marsh, 2018). The global companies
were also impacted badly including FedEx, Merck and Maersk. The revenue loss was big for
the companies as it costs up to $300 million loss.
Frequency occurrence- The frequency occurrence of this attack is high as the code used in
this attack is reusable with some improvements. The attack can take various forms with
advancements in the attack.
Technical nature- The technical nature of the attack was that computers were infected
mostly in Ukraine and Russia. The malicious codes were injected into the computers that
caused the attack to occur. The NotPetya victims were not able to recover their data as
attackers themselves were not able to provide decryption keys.
Analysis
The attack similar to this attack is Petya attack that occurred before this attack and
NonPetya attack used come codes from Petya attack (Solon & Hern, 2017).
The prediction of Petya attack for 2018 is that it can be mitigated if the systems are
updated, and data are backed up.
4
Rev 5: July 20, 2016
Ransomware in Cloud:
Significance- This malicious software attack data and lock down till the ransom is paid.
Ransomware is a malware in which the defences are breached and through it the files of the
computer locks down with the use of strong encryption (Polatidis et al., 2017).
Impact- The computer that is infected have the impact of it on productivity due to the risk of
losing the valuable data. The ransomware has infected mainly the unsafe link or programs.
Frequent occurrence- In the last 12 months, there has been a plague seen in the ransomware
attacks that were targeting Britain’s National Health Service located in San Francisco’s in the
light-rail network and to some of the big companies like FedEx.
Technical nature- The technical nature of the attack is that data or files of the computer get
locks.
Analysis-
The RightScale’s 2016 State of Cloud report have seen that 82 % enterprises use
multi-cloud strategy. According to the Intuit projections 78% small businesses will have
cloud by 2020. The data can be saved to virtual environments; companies are now more
flexible to save money on IT infrastructure. In future, Cloud is going to improve its
productivity, scale the strategies of IT, collaborate and within the infrastructure, there is an
increase in effectiveness of the cost. By 2019, the market of cloud security will be $8.71
billion which means companies can invest more on tools to make their environment.
Rev 6: June 27, 2017
NotPetya attack:
Significance- The significance of NotPetya attack is that it infected machines going through
a network (Marsh, 2018). The attack was significant as it was unknown and destructive which
affected organisations very badly in Ukraine.
Impact- The impact of NotPetya attack was huge as it affected organisations in Ukraine
regarding government, energy and financial institutions (Marsh, 2018). The global companies
were also impacted badly including FedEx, Merck and Maersk. The revenue loss was big for
the companies as it costs up to $300 million loss.
Frequency occurrence- The frequency occurrence of this attack is high as the code used in
this attack is reusable with some improvements. The attack can take various forms with
advancements in the attack.
Technical nature- The technical nature of the attack was that computers were infected
mostly in Ukraine and Russia. The malicious codes were injected into the computers that
caused the attack to occur. The NotPetya victims were not able to recover their data as
attackers themselves were not able to provide decryption keys.
Analysis
The attack similar to this attack is Petya attack that occurred before this attack and
NonPetya attack used come codes from Petya attack (Solon & Hern, 2017).
The prediction of Petya attack for 2018 is that it can be mitigated if the systems are
updated, and data are backed up.
4
5Name of the Student
References
Berghel, H. (2017). Equifax and the Latest Round of Identity Theft
Roulette. Computer, 50(12), 72-76.
David Marshall, V. (2018). Bitglass 2018 Predictions: The Future of Passwords and Phishing:
@VMblog. Retrieved from http://vmblog.com/archive/2017/12/27/bitglass-2018-
predictions-the-future-of-passwords-and-phishing.aspx
Giles, M. (2018). The nasty surprises hackers have in store for us in 2018. Retrieved from
https://www.technologyreview.com/s/609641/six-cyber-threats-to-really-worry-about-
in-2018/
Holland, P. (2017). Cloudbleed bug: Everything you need to know. Retrieved from
https://www.cnet.com/how-to/cloudbleed-bug-everything-you-need-to-know/
Marsh, S. (2018). US joins the UK in blaming Russia for NotPetya cyber-attack. Retrieved
from https://www.theguardian.com/technology/2018/feb/15/uk-blames-russia-
notpetya-cyber-attack-ukraine
Nieva, R. (2014). Heartbleed bug: What you need to know (FAQ). Retrieved from
https://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/
Polatidis, N., Pimenidis, E., Pavlidis, M., & Mouratidis, H. (2017, August). Recommender
systems meeting security: From product recommendation to cyber-attack prediction.
In International Conference on Engineering Applications of Neural Networks (pp.
508-519). Springer, Cham.
Sehgal, K. (2018). This is how attackers are planning future malware attacks - IncubateIND
Media. Retrieved from https://media.incubateind.com/how-attackers-are-planning-
future-attacks/
Solon, O., & Hern, A. (2017). 'Petya' ransomware attack: what is it and how can it be
stopped?. Retrieved from
https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-
attack-who-what-why-how
verizon. (2018). 2017 Data Breach Investigations Report [Ebook] (10th ed.). Retrieved from
http://www.ictsecuritymagazine.com/wp-content/uploads/2017-Data-Breach-
Investigations-Report.pdf
5
References
Berghel, H. (2017). Equifax and the Latest Round of Identity Theft
Roulette. Computer, 50(12), 72-76.
David Marshall, V. (2018). Bitglass 2018 Predictions: The Future of Passwords and Phishing:
@VMblog. Retrieved from http://vmblog.com/archive/2017/12/27/bitglass-2018-
predictions-the-future-of-passwords-and-phishing.aspx
Giles, M. (2018). The nasty surprises hackers have in store for us in 2018. Retrieved from
https://www.technologyreview.com/s/609641/six-cyber-threats-to-really-worry-about-
in-2018/
Holland, P. (2017). Cloudbleed bug: Everything you need to know. Retrieved from
https://www.cnet.com/how-to/cloudbleed-bug-everything-you-need-to-know/
Marsh, S. (2018). US joins the UK in blaming Russia for NotPetya cyber-attack. Retrieved
from https://www.theguardian.com/technology/2018/feb/15/uk-blames-russia-
notpetya-cyber-attack-ukraine
Nieva, R. (2014). Heartbleed bug: What you need to know (FAQ). Retrieved from
https://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/
Polatidis, N., Pimenidis, E., Pavlidis, M., & Mouratidis, H. (2017, August). Recommender
systems meeting security: From product recommendation to cyber-attack prediction.
In International Conference on Engineering Applications of Neural Networks (pp.
508-519). Springer, Cham.
Sehgal, K. (2018). This is how attackers are planning future malware attacks - IncubateIND
Media. Retrieved from https://media.incubateind.com/how-attackers-are-planning-
future-attacks/
Solon, O., & Hern, A. (2017). 'Petya' ransomware attack: what is it and how can it be
stopped?. Retrieved from
https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-
attack-who-what-why-how
verizon. (2018). 2017 Data Breach Investigations Report [Ebook] (10th ed.). Retrieved from
http://www.ictsecuritymagazine.com/wp-content/uploads/2017-Data-Breach-
Investigations-Report.pdf
5
1 out of 6
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.