Report: Analysis of Cyber Crime Event - Oklahoma Data Breach

Verified

Added on 2023/01/17

AI Summary

This report analyzes the Massive Oklahoma Government Data Leakage, a significant cyber crime event that occurred in January 2019. The breach exposed millions of files related to sensitive FBI investigations spanning seven years. The Oklahoma Securities Commission discovered the data leakage, which was caused by an unsecured rsync server lacking password protection. The exposed data included sensitive information such as emails, timelines of agents, and bank transaction histories. The report highlights the vulnerabilities in the Oklahoma government's security infrastructure, including weak passwords and the storage of encrypted and decrypted versions of documents in the same file. The breach was discovered by the cybersecurity firm UpGuard, which took measures to limit the data exposure. The report concludes that the root cause was the exposed rsync server and emphasizes the importance of robust data protection measures, including regular vulnerability scans and backups to prevent future attacks. The report underscores the need for government agencies and corporations to stay vigilant against cyber threats.

Running head: CURRENT EVENT IN CYBER CRIME
Current Event in Cyber Crime
Name of the student:
Name of the university:
Author note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
CURRENT EVENT IN CYBER CRIME
Table of Contents
Introduction:....................................................................................................................................2
Discussion:.......................................................................................................................................2
Conclusion:......................................................................................................................................4
References:......................................................................................................................................5

2
CURRENT EVENT IN CYBER CRIME
Introduction:
As cyber-attacks are emerging in a prominent pace while influencing major businesses
overnight, cyber warfare is playing a vital role in daily life which cannot be underestimated.
Cyber threats are becoming the major threats to mankind which are bigger than any other threats
(Kappeler & Potter, 2017). According to surveys conducted, cyber-crime events are becoming
the second most reported type of economic crime. This report discusses about the major cyber-
crime event that took place in January 2019 known as the Massive Oklahoma Government Data
Leakage that exposed 7 years of FBI investigations.
Discussion:
The Oklahoma department is responsible for regulating all the financial securities of
business happening within the state. On January 16, 2019, a massive data leakage was
discovered by the Oklahoma Securities Commission which included records of millions of files
related to sensitive FBI investigations carried out over the last seven years (Sullivan & Maniff,
2016). The breach was discovered by Greg Pollok one of the researcher at Cyber security.
According to his researches the breach led to the exposure of millions of files publicly while
exposing them on online server and did not contain any security password in order to access
them. The cybercrime event compromised the entire integrity of the Security Department of
Oklahoma by exposing emails dating back to 17 years including a thousand of Social security
numbers. Being one of the integral parts of the state legacy, it is the due responsibility of the
Oklahoma government to protect the contents of files to ensure their confidentiality (Fox, 2015).
Sharing documents via email is regardless to be considered as a less secured way to transfer

3
CURRENT EVENT IN CYBER CRIME
confidential files as this can lead to the exposal of the files within public platform without any
access priority. The documents that were exposed in this case included spreadsheets with filled
in timelines of agents related to FBI investigations, emails related to the myriad cases and
different histories of bank transaction. However, the agency of Oklahoma did not comment much
on the case and swiftly removed the server from the public internet. The agency did not track the
data that were downloaded. According to research, the breach took place as the agency
mistakenly left open the rsync server which was responsible for backing up large data files
(Brown, 2015). Another vulnerability that was identified within the agency is that the data that
were stored within the server were not protected by any username or password. Here it is
evident that the Government of Oklahoma had a poor security infrastructure which included low
strength of passwords used by the department which were easy to be cracked and led to remote
accessing of systems within the department.. One another vulnerability that was identified with
the case is that the encrypted version of the documents was stored within the same file as that of
the decrypted version (Yar & Steinmetz, 2019). Rsync servers are known to have fundamental
classes of vulnerabilities resulting in unauthorized accessible of shared files and directories. This
cyber event is regarded as the latest among the incidents involving rsync server. This cybercrime
is regarded as the most sensitive of all the events that took place in the year 2019 as millions of
confidential files regarding the investigation of FBI were uncovered resulting in the exposure of
about three tera bytes of information without any password in the public platform. The entire
leak was discovered by the Cyber security firm Up Guard who later took necessary measures in
order to shorten the windows of exposure to reduce the accessing of data of likelihood while
taking responsive measures to prevent this kind of malicious event in future (Jang & Choi,
2018).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
CURRENT EVENT IN CYBER CRIME
Conclusion:
Thus from this report it can be concluded that root cause of the data leakage was due to
the rsync server which got exposed on the public internet. It is the due responsibility of business
organizations to protect data that are stored within the server while creating necessary backups to
increase the resiliency of the possible attacks in future. Significant tools and techniques needs to
be adopted by agencies of all kind especially of government departments as major of the
confidential files stored within their database systems consisted of information related to the
state legacy. Government sectors and other corporate giants need to stay alert on the potential
vulnerabilities of their systems that hackers can easily take advantages of while scanning the
leaks within websites regularly.

5
CURRENT EVENT IN CYBER CRIME
References:
Brown, C. S. (2015). Investigating and prosecuting cyber crime: Forensic dependencies and
barriers to justice. International Journal of Cyber Criminology, 9(1), 55.
Fox, B. H. (2015). Federal Bureau of Investigation (FBI). The Encyclopedia of Crime and
Punishment, 1-6.
Jang, Y. S., & Choi, J. Y. (2018). Automatic prevention of buffer overflow vulnerability using
candidate code generation. IEICE TRANSACTIONS on Information and
Systems, 101(12), 3005-3018.
Kappeler, V. E., & Potter, G. W. (2017). The mythology of crime and criminal justice. Waveland
Press.
Sullivan, R. J., & Maniff, J. L. (2016). Data Breach Notification Laws. Economic Review
(01612387), 101(1).
Yar, M., & Steinmetz, K. F. (2019). Cybercrime and society. SAGE Publications Limited.