NIT5140 Information Security: Critical Analysis of Equifax Data Breach

Verified

Added on 2024/06/03

AI Summary

This report provides a critical analysis of cloud networking security, focusing on the Equifax data breach as a case study. It examines the causes of the breach, including insufficient investment in security infrastructure, weak firewall mechanisms, and vulnerabilities in cloud computing layers. The report highlights the increasing number of avenues for cybercriminals due to the proliferation of connected devices and the interconnectedness of systems. It also addresses the lack of clear guidelines for service providers regarding platform and infrastructure layer security. The report concludes by emphasizing the importance of robust security measures, such as encryption, updated antivirus systems, and strong firewalls, to protect sensitive data in cloud environments and suggests implementing proxy re-encryptions to enhance data safety. Desklib offers similar solved assignments for students.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

NIT5140 Information Security

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Contents
Task 2: Critical Thinking...........................................................................................................3
Abstract of the report.............................................................................................................3
Literature survey....................................................................................................................4
Business Case article..............................................................................................................4
Analysis of the Case...............................................................................................................4
Conclusion..................................................................................................................................6
References..................................................................................................................................7

Task 2: Critical Thinking
Abstract of the report
Cloud networking is described as a form of networking that is being used to access the
networking resources from a third party who is providing services by the help of Internet-
based access technologies or wide area networking (WAN). This report provides an analysis
of security breach that is being occurred on a company and presents a solution to the
management of the company that can be implemented by the company to prevent further
attacks on their cloud networking mechanism. This report critically evaluates the summary of
the article along with the strength and weakness of the article.

Literature survey
Cloud has become popular in the year 2013 at a San Fransisco, conference. Clod computing
has more popular in the organization in recent years and has transformed the various business
and government of different nations. A research article on cloud computing security has been
conducted has been providing the overview of the cloud computing security mechanism. This
article has present analysis on the security impacts of the cloud security for operators and
customers (Ghanbari, 2017).
Another research article on Cloud Computing Security Issues and Data Encryption Schemes
states that any type of breach that is happing on the cloud environment of a company will
present a potential threat for all type of the consumers. Data breach will provide attackers a
soft target for the outside attackers (Chaudhary and Mishra, 2017). Another research article
on Cloud Computing –Security Issues, Solution and Technologies that has present the study
and overview of cloud computing, with several security issues, security threats that are
currently is facing by the security solutions and cloud technologies (Sharma and Trivedi,
2014).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Business Case article
This part will analyze the business case of the Equifax, which is one of the largest credit
reporting agency having headquarters in Atlanta, Georgia, United States. Equifax is
aggregating and collecting on over 88 million businesses and 800 million consumers al global
scale. On 29th July, 2017 Equifax declared that data breach has happened on their cloud
computing network that has exposed the Personal information ( Birth dates, Social security
numbers and also the licenses numbers of their 147.9 million customers as well the most
sensitive credit card information (Ragan, 2018).
Hackers have conducted a breach of the US Website application vulnerability to gain access
to the specific files. As per the reports, credit data of more than 209,000 consumers have been
exposed. As per the studies it has been found that unauthorized access to the sensitive
personal information of certain specific Canadian and UK residents has happened though the
company is claiming that information of other company residents are still safe and not
breached.

Analysis of the Case
After analysis of the case it has been found that data breach has occurred in Equifax because
of the firm's low spending on the security infrastructure of the firm. As cloud networking
became popular the cybercriminals are also increasing and discovering new ways to breach
the system. After analysing the case of Equifax it has been observers that the company not
have taken appropriate security measures such as encryption, up gradation of antivirus
mechanism and strong firewalls etc that are required to prevent the breach from sensitive data
as well as systems (Ryoo, et. al., 2014). Equifax has not made the sufficient investment on
the security mechanism.
Equifax should use the investment on the security smartly by implementing the best tools for
vulnerability assessment so that there security mechanism can be optimized and create an
environment for the users to feel safe in Equifax. Continuous efforts have been done by
Equifax in developing the sound cloud-based services that have providing strict barriers for
the cybercriminals for assessing the cloud base network of any company. After analysing the
case study another reason that came forward and one of the significant reason of data breach
that there increase in number of avenues every year due to up gradation in technology.
Every individual has the various number of consumer devices such smartphones, tablets, etc.
Consumers all over the world are every time connected to the internet through their personal
systems and personal systems are more vulnerable to security threats because generally
consumers are not using proper security measures in their systems (Sablik, 2017). Even many
consumers of Equifax are assessing their user portal through their own devices due to ease of
use. As per one estimate there will be more than 8 billion connected devices by the end of
2017 and is expected to grow to more than 20 million (Sablik, 2017).
Major cause of Equifax security breach is due to weak firewall mechanisms. As per the study
it has been found that Equifax has all the systems are interconnected with each other and
there may higher possibility that cybercriminals are getting assess to the system by the help
of entry into the one system. Data security breach happened because of some of lacking in the
current cloud computing mechanism (Sharma and Trivedi, 2014). Cloud computing network
has three layers such as software layer, infrastructure layer and platform layer. Software layer
has providing the user interface to the user.

Platform layer is providing the environment for running the software and the infrastructure
layer consists of all the hardware resources for the system. It is mandatory for the service
provider to use platform and infrastructure layer and service provider should have full
accessibility to the data and know how to secure the data. In the case of Equifax that have
lacked the guidelines on the mandatory use of platform and infrastructure layer and service
providers are not aware of this which created a security breach on the system (Ren, et. al.,
2012).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Conclusion
Cloud computing is a time, cost and performance effective technology. Cloud computing will
definitely grow in the near future. A most important aspect of cloud computing is the quality
of the service. Several proxy re-encryptions have to be implemented to keep the data of the
user safe from unsafe servers. This report analyses the reason behind breach on cloud
computing network of Equifax and identified loopholes due to which the breach has
happened and suggested solution of the issues.

References
 Chaudhary, J. and Mishra, A., “Literature Review: Cloud Computing-Security Issues and
Data Encryption Schemes”, 2017.
 Deshpande, V.M., Nair, D.M.K. and Shah, D, “Major Web Application Threats for Data
Privacy & Security–Detection, Analysis and Mitigation Strategies,” International Journal
of Scientific Research in Science and Technology PRINT ISSN, 2017, pp. 2395-6011.
 Ghanbari, Z., “A Literature Review on Cloud Computing Security Issues. International
Journal of Information,” Security and Systems Management, 2017, pp. 637-640.
 Ragan. S, “Equifax says website vulnerability exposed 143 million US consumers.”
[Online] IDG Communications, Inc. 2018. Available
at: https://www.csoonline.com/article/3223229/security/equifax-says-website-
vulnerability-exposed-143-million-us-consumers.html [Accessed on : 01 June 2018]
 Ren, K., Wang, C. and Wang, Q,. “Security challenges for the public cloud. IEEE
Internet Computing,” 2018, pp. 69-73.
 Ryoo, J., Rizvi, S., Aiken, W. and Kissell, J, “Cloud security auditing: challenges and
emerging approaches.” IEEE Security & Privacy, 2014, pp. 68-74
 Sablik, T. “Cyber-attacks and the Digital Dilemma. Econ Focus,” 2017, pp. 8-11.
 Sharma, R. and Trivedi, R.K., “Literature review: cloud computing–security issues,
solution and technologies. “ International Journal of Engineering Research, 2014, pp.
221-225.