NIT5140 - Equifax Data Breach: IOT Security Framework Solution

Verified

Added on 2024/06/03

AI Summary

This case study examines the 2017 Equifax data breach, where the personal and credit card details of 143 million users were compromised due to vulnerabilities in the company's website security. The report identifies the lack of security in the website's source code as a primary cause, enabling hackers to gain unauthorized access. As a solution, the report proposes implementing an Internet of Things (IOT) framework for remote tracking of suspicious activities, real-time detection of security breaches, and identification of attackers. The IOT framework enhances security, protects sensitive data, and prevents future attacks by providing advanced network, remote access, and website security measures. The report concludes that while Equifax has addressed the immediate breach, adopting an IOT framework is crucial for ongoing security assessment and prevention of future incidents. Desklib offers similar solved assignments and past papers for students.

NIT5140 Information Security
Internet of things
1

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Introduction.................................................................................................................................................3
Case study...................................................................................................................................................4
Case study analysis......................................................................................................................................4
Solution.......................................................................................................................................................5
Conclusion...................................................................................................................................................6
Reference.....................................................................................................................................................7
2

Introduction
Internet of things can be termed as a network that consists of multiple physical devices that are
embedded with software and connectivity for data and information exchange. All these things
can be recognized by some computer systems with internet infrastructure. Internet of thing (IOT)
has the ability to sense the objects within an existing infrastructure of networks. In this report,
the IOT framework will be used regarding the data breach case of Equifax where a large number
of user information was leaked as the security system of the company was completely
compromised. In this case of security breach, credit card details of 143 million users were leaked
along with the balance details and passwords. In this data breach, UK and Canada were affected
most. Due to this activity, account information of multiple users was gone public. After that,
many account holders have reported regarding this malicious activity (Yin, et. al., 2015).
3

Case study
According to the case study of Equifax, there was some suspicious activity done in the network
system of Equifax due to which all the credit card details and other personal information of the
users got hacked. This security breach was performed by a group of potential intruders who have
entered the security system of Equifax. This is the third largest attack in history that has affected
143 millions of people. This case happened on 29 July 2017 in the midday. This caused higher
risk to the financial history of the account holders and also affected their reliability towards the
security system of Equifax. As per the reports, the data breach was not even identified for some
days and it was identified after several days of that security breach. Along with that, the public
records are also leaked online that contains information regarding the purchase of the customers.
After the happening of the incidence, Equifax sent mail to the customers whose account
information was affected so they can reset their passwords and other information for security
purpose (Gupta & Gupta, 2016).
Equifax is one of the largest credits reporting company that contains millions of account credit
card information along with the social security numbers and the license numbers of the drivers.
As Equifax was one of the largest credit card agencies so it was a perfect target for the hackers
for getting a large number of credit card details. The security consultants of the company have
addressed that the hackers exploited a weak point in the software of the website of Equifax and
executed intrusions in this. After performing this attack, they will be able to retrieve the credit
card details including birth date, names and the address (Whittaker, 2018).
Case study analysis
According to the investigation and analysis of the report, it is introduced that the main reason
behind this security attack was the lack of security in the source code of the website. Hackers
directly got access to the source code information of the website and made modifications to it for
getting unauthenticated access to the information and data of the users. A five-month
investigation was done for identifying the influencing group that has performed this activity.
Along with that, some vulnerable servers were also the reason behind the security breach
because these servers helped the hackers in retrieving the information that was stolen from
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Equifax. Some individuals reported that this news was just a rumour but the chairman of the
company has accepted and information the public himself by sending mail to the customers who
got impacted by the security breach. Some of the customers also took legal action regarding this
issue that affected the market value of the company. In this analysis, there are some information
identified that derives that some of the user account information was gone public (Suraki &
Jahanshahi, 2013).
Solution:
The best solution regarding this activity is the IOT framework as it keeps remote tracking of the
suspicious activities that are being done within a network infrastructure. Internet of things does
not only keep tracking of the security breach but also give quick notification to the server admin
so an effective management can be done regarding this issue. One additional advantage of the
IOT framework is that it addresses the IP address and physical address of the device from which
the security breach is being happened. It helps to recognize the attackers so legal actions can be
taken against them. This solution provides additional security to the company and protects the
credit card related information and data. Along with that, the hacker cannot bypass the security
of the website source code after implementing the IOT framework in the security system of the
company. The IOT framework provides reliability and advanced security along with real-time
detection of the security attacks that takes place within a specified network infrastructure. IOT is
the best solution for the assessment of security in Equifax (Formisano, et. al., 2015).
5

Conclusion:
This report concludes the security assessment of the Equifax Company that faces the issue of a
security breach. The entire case study of the data breach is evaluated in this report and the reason
behind this case was completely identified. For providing a solution regarding this, Internet of
things (IOT framework) is used that provide remote tracking of the security attacks and provide
real-time detection to the server admin. As the Equifax keeps the credit card related information,
so the source code of the website is also modified to prevent the hackers from entering into the
website source code. For future reference, there can be an encryption approach used for making
the information more safe and secure. IOT is well known for its quick performance and
effectiveness and it gives multiple security services such as network security, remote access
security and website security etc. Equifax currently has solved the security breach issues but they
must make use of the IOT framework for the better security assessment for preventing security
attacks in future.
6

Reference:
 Formisano, C., Pavia, D., Gurgen, L., Yonezawa, T., Galache, J. A., Doguchi, K., &
Matranga, I. (2015, August). The advantages of IoT and cloud applied to smart cities.
In Future Internet of Things and Cloud (FiCloud), 2015 3rd International Conference
on (pp. 325-332). IEEE.
 Gupta, R., & Gupta, R. (2016, March). ABC of Internet of Things: Advancements,
benefits, challenges, enablers and facilities of IoT. In Colossal Data Analysis and
Networking (CDAN), Symposium on (pp. 1-5). IEEE.
 Suraki, M. Y., & Jahanshahi, M. (2013, October). Internet of things and its benefits to
improve service delivery in public health approach. In Application of Information and
Communication Technologies (AICT), 2013 7th International Conference on (pp. 1-4).
IEEE.
 Whittaker, Z., (2018). Equifax says more private data was stolen in 2017 breach than first
revealed. [Online] zdnet. Available at https://www.zdnet.com/article/hackers-stole-more-
equifax-data-than-first-thought/ [Accessed on 31/5/2018]
 Yin, J. H. J., Fen, G. M., Mughal, F., & Iranmanesh, V. (2015, December). Internet of
Things: securing data using image steganography. In Artificial Intelligence, Modelling
and Simulation (AIMS), 2015 3rd International Conference on (pp. 310-314). IEEE.
7