A Detailed Report on Contemporary Cyber Security Attacks

Verified

Added on 2022/09/18

AI Summary

This report provides an in-depth analysis of three significant cyber attacks: WannaCry, Equifax, and Yahoo. The report details the operational processes of each attack, including how WannaCry targeted Microsoft Windows systems and demanded ransom, how Equifax's data breach exposed millions of personal records, and how the Yahoo attack compromised hundreds of millions of accounts. The report outlines the outcomes of each attack, such as the extensive damage caused by WannaCry, the exposure of sensitive personal data in the Equifax breach, and the selling of personal data in the Yahoo attack. Furthermore, the report offers recommendations for preventing such attacks, including regular software updates, cautious handling of links and emails, and data encryption. The report concludes by emphasizing the importance of proactive security measures to mitigate cyber threats.

Running head: CYBER ATTACK
CYBER ATTACK
Name of the Student
Name of the University
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
CYBER ATTACK
Table of Contents
Introduction......................................................................................................................................2
Cyber Attack 1.................................................................................................................................2
Cyber Attack 2.................................................................................................................................3
Cyber Attack 3.................................................................................................................................4
Summary..........................................................................................................................................5
References........................................................................................................................................6

2
CYBER ATTACK
Introduction
Cyber-attack is considered to be an attack that is launched from one or more computers
on another computer. This attack can be launched against a single network as well as on a
multiple network. The cyber breaches are diversified in 2 major sections, they are namely the
attacks in which the goals is to disable the target and the other goal is to gain access to the target
(Jhaveri and Patel 2017). The cyber attacks that will be discussed in the report are namely
WannaCry, Equifax and Yahoo attacks.
Cyber Attack 1
The very first cyber attack that have been chosen is WannCry.
WannaCry is considered to be a ransomware attack that spread in a rapid manner in the
month of May in the year 2017. The main target of the malware was to root the computers as
well as the facilities that were run by the UK NHS (Mohurle and Patil 2017).
Operational process
WannaCry targeted the computers that were running on the platform of Microsoft
Windows OS. The data that were present in the computing devices were encrypted and hence
ransom payments were demanded from the victims. WannaCry is considered as a network worm
as data was being transacted during the attack as well. The process starts WannaCry malware
initially checking the kill switch domain name (Chen and Bridges 2017). In case the kill switch
domain name is not found, the data that are present in the computing systems are encrypted.
After this process, exploiting of the SMB vulnerability is done (Mattei 2017). This is done for
spreading out to different computing devices that are present in the same network.

3
CYBER ATTACK
Outcome of the attack
It was observed that over 200,000 computers were affected in the attacking process. The
total number of countries that were affected were 150. Russia, Ukraine, India and Taiwan were
the most affected countries. One third of the entire NHS hospital trusts were affected due to the
WannaCry attack (Kao and Hsiao 2018). The loss is estimated to be £92 million and a total of
cancelled 19,000 appointments. It is estimated that a total of $4 billion was lost in the attack
globally.
Recommendation
The major recommendations that are to be taken in the process includes the likes of
updating of the software as well as the operating system in a regular manner. Preventing the
users from clicking in suspicious links and not opening e mails that are received from
unauthorized senders. Downloading from unauthenticated links are also provided in this case.
Avoiding usage of the unknown USB is also one of the major aspect that is to be considered.
Cyber Attack 2
The cyber attack next chosen is Equifax. In the year 2017, attackers have fetched data
from several organization regarding the fetching of dsata from the credit reporting agency. Tgusb
includes the fact that there have been proper assessment of the data that are stored in the
reporting agency is used in the process (Berghel 2017). It have been seen that hundreds of
millions of personal data of the clients have been stolen from the database of the Equifax.
Assessing of financial health have been one of the major aspect that is considered in the process.
Equifax was heavily criticized for the improper security measures that they had taken.
Operational process

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
CYBER ATTACK
In the initial stage, the company was initially hacked using the platform of customer
complain web portal, the vulnerability that have been widely known in the process have been
utilized. This utilization includes the fact that there have been the ongoing issue for many days
and this was not being fixed. The attackers had moved the web portal from the other services as
the systems were not segmented from one another in a proper manner (Smith and Mulrain 2017).
Hence the attackers pulled out the data from the servers in a form that was encrypted in nature.
In this case the username and the password is stored in plain text and hence gaining access to
personal data got easier for the imposters.
Outcome
The number of victims have been 143 million in the attack. It have been seen that the
name, address date of birth, social security numbers and license numbers were breached. The
most important data that was breached in the process includes credit card number. The least
Equifax had to pay the compromised victim was $125 (Hedley and Jacobs 2017).
Recommendation
The best way out that could have been used by Equifax for keeping the data protected
incudes encrypting of the data that are stored in the database, In case the data that are stored in
the system were properly encrypted even if the data were stolen, no proper information would
have been received by the imposters. Usage of updated versions of the software and firewall
would also have benefitted.
Cyber Attack 3
The last attack that have been chosen in the case is Yahoo attack

5
CYBER ATTACK
Operational process
Yahoo attack is considered to be one of the largest data breach attack that have taken
place. It have been seen that over 200 million of Yahoo account details were put into dark net
market site. It was seen that a seller of personal data, named peach had collected data from the
data base of the Yahoo search engine and hence wise was having a proper assessment of the
personal information of the clients (Thielman 2016). This includes the fact that there have been
proper assessing of the breaching process being made.
Outcome
Personal data were sold. Over 500 million accounts were affected in the process. This
includes the fact that passwords were compromised. This compromising of the password have
been one of the major aspect that is to be considered (Battat 2017).
Recommendation
The clients who are associated with Yahoo needs to update their password in an urgent
basis. Updating of the security questions are also considered to be an important process.
Summary
From the above discussion, it can be stated that the data that the cyber attacks that have
taken place are majorly due to the improper steps and inactive approach that was taken by the
organization In case the approach was proactive in nature, these issues could have been
eliminated.

6
CYBER ATTACK
References
Mohurle, S. and Patil, M., 2017. A brief study of wannacry threat: Ransomware attack
2017. International Journal of Advanced Research in Computer Science, 8(5).
Mattei, T.A., 2017. Privacy, confidentiality, and security of health care information: Lessons
from the recent Wannacry cyberattack. World neurosurgery, 104, pp.972-974.
Berghel, H., 2017. Equifax and the latest round of identity theft roulette. Computer, 50(12),
pp.72-76.
Smith, M. and Mulrain, G., 2017. Equi-Failure: The National Security Implications of the
Equifax Hack and a Critical Proposal for Reform. J. Nat'l Sec. L. & Pol'y, 9, p.549.
Hedley, D. and Jacobs, M., 2017. The shape of things to come: the Equifax breach, the GDPR
and open-source security. Computer Fraud & Security, 2017(11), pp.5-7.
Thielman, S., 2016. Yahoo hack: 1bn accounts compromised by biggest data breach in
history. The Guardian, 15, p.2016.
Battat, R., 2017. Lessons from the Yahoo Hack. Risk Management, 64(9), pp.14-16.
Jhaveri, R.H. and Patel, N.M., 2017. Attack‐pattern discovery based enhanced trust model for
secure routing in mobile ad‐hoc networks. International Journal of Communication
Systems, 30(7), p.e3148.
Chen, Q. and Bridges, R.A., 2017, December. Automated behavioral analysis of malware: A
case study of wannacry ransomware. In 2017 16th IEEE International Conference on Machine
Learning and Applications (ICMLA) (pp. 454-460). IEEE.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
CYBER ATTACK
Kao, D.Y. and Hsiao, S.C., 2018, February. The dynamic analysis of WannaCry ransomware.
In 2018 20th International Conference on Advanced Communication Technology (ICACT) (pp.
159-166). IEEE.