Analysis of Information Security Breaches: OSHA and WannaCry Attacks
VerifiedAdded on 2020/03/07
|10
|2510
|53
Report
AI Summary
This report delves into the critical realm of information security, examining two significant incidents: the OSHA data breach and the WannaCry ransomware attack. The OSHA breach, which occurred in August 2017, involved a security vulnerability in the agency's electronic reporting application, exposing sensitive health information. The report analyzes the causes, impacts, and potential solutions, including the implementation of automated network security tools, intrusion detection systems, and role-based access control. The report also examines the WannaCry ransomware attack of May 2017, a global event that affected numerous countries and systems. It discusses the attack's mechanism, impact, and the security vulnerabilities exploited, such as the EternalBlue vulnerability. The report emphasizes the importance of user awareness, security patches, and anti-malware tools to prevent and mitigate such attacks. It concludes by highlighting the need for organizations and users to adopt robust security policies and protocols to protect against evolving security threats, and highlights the importance of continuous learning from past security incidents.
Information Security
Security Breaches
8/21/2017
Security Breaches
8/21/2017
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Information Security
Table of Contents
Introduction.................................................................................................................................................3
Computer Security Breach – OSHA............................................................................................................3
Ransomware Attack – May 2017.................................................................................................................5
Conclusion...................................................................................................................................................7
References...................................................................................................................................................8
2
Table of Contents
Introduction.................................................................................................................................................3
Computer Security Breach – OSHA............................................................................................................3
Ransomware Attack – May 2017.................................................................................................................5
Conclusion...................................................................................................................................................7
References...................................................................................................................................................8
2
Information Security
Introduction
Information Security is one of the most critical aspects for the organizations in the current times.
The information that is associated with the users and the business organizations may fall into
different information categories such as sensitive, private, public and so on. All the information
categories must be protected and it shall be ensured that there are no security risks and attacks
that may take place on the information sets. In spite of several efforts and mechanisms, there
have been cases of information security breaches and attacks that have been recorded.
The report covers the details of a recent incident of a security breach and also analyzes the May,
2017 ransomware attack.
Computer Security Breach – OSHA
Occupational Safety and Health Administration (OSHA) is a Government agency of United
States in the department of labor. There is a lot of sensitive and critical health information of the
patients that is associated with OSHA.
With the transformations in the field of technology, OSHA decided to migrate all of its
information in the electronic form. A massive security breach took place in OSHA in August,
2017, which led to the shutting down of the electronic reporting application. OSHA had
implemented a system which comprised of a web-based form in order to allow the employees to
submit the injury and illness information because of a security breach.
OSHA had launched an application on August 1, 2017, to keep a track of the injuries that were
reported. However, it was reported that some of the pages were not available to be accessed. As a
result, an emailed statement was sent to the agency by United States Computer Emergency
Readiness Team in the Department of Homeland Security. The security of the data that was
present in the injury tracking application was adversely impacted due to the security breach that
took place (Gonzalez, 2017).
There were a number of entities that were affected because of the security breach at OSHA. The
first and the foremost were the employees and the patients that were associated with the agency.
There private and sensitive information was exposed in front of the attackers and malevolent
3
Introduction
Information Security is one of the most critical aspects for the organizations in the current times.
The information that is associated with the users and the business organizations may fall into
different information categories such as sensitive, private, public and so on. All the information
categories must be protected and it shall be ensured that there are no security risks and attacks
that may take place on the information sets. In spite of several efforts and mechanisms, there
have been cases of information security breaches and attacks that have been recorded.
The report covers the details of a recent incident of a security breach and also analyzes the May,
2017 ransomware attack.
Computer Security Breach – OSHA
Occupational Safety and Health Administration (OSHA) is a Government agency of United
States in the department of labor. There is a lot of sensitive and critical health information of the
patients that is associated with OSHA.
With the transformations in the field of technology, OSHA decided to migrate all of its
information in the electronic form. A massive security breach took place in OSHA in August,
2017, which led to the shutting down of the electronic reporting application. OSHA had
implemented a system which comprised of a web-based form in order to allow the employees to
submit the injury and illness information because of a security breach.
OSHA had launched an application on August 1, 2017, to keep a track of the injuries that were
reported. However, it was reported that some of the pages were not available to be accessed. As a
result, an emailed statement was sent to the agency by United States Computer Emergency
Readiness Team in the Department of Homeland Security. The security of the data that was
present in the injury tracking application was adversely impacted due to the security breach that
took place (Gonzalez, 2017).
There were a number of entities that were affected because of the security breach at OSHA. The
first and the foremost were the employees and the patients that were associated with the agency.
There private and sensitive information was exposed in front of the attackers and malevolent
3
Information Security
entities. OSHA, as an agency was also affected by the security breach. It is because of the reason
that such occurrences lead to deterioration of the customer trust and also has a bad impact on the
brand reputation and brand value in the market (Tornone, 2017). The customers do not feel
secure to form a connection with any of the organizations that have experienced some form of a
security attack or a security breach.
The attack that took place in OSHA was in the form of a security breach that took place because
of a weak access point. The injury tracking application that was launched by OSHA had
numerous access points to allow the end-users to access the same with ease and convenience.
However, since such an application was being implemented for the first time in the agency, there
were certain security loopholes that were observed. These security loopholes allowed the
attackers to take advantage of the security vulnerabilities and led to the occurrence of the
security breach in the agency (Golla, 2017).
There are many solutions that could have been used in the injury tracking application at OSHA.
Security attacks are a common occurrence in the present times. However, there are
countermeasures to the same that have been created to make sure that such occurrences do not
take place on a repeated basis. There are many automated network security tools and applications
that have been created and are available easily in the market. These tools and applications should
have been used and implemented in the tracking application to keep a view of all the activities
being executed in the networks associated with the application (Bertino, 2015). There are many
advanced network based intrusion detection systems that have been developed which should
have been used to make sure that the security breach was avoided. The attackers might have
monitored the activity on the network through network eavesdropping and man in the middle
attacks. These attacks would have been avoided with the use of the network based security tools.
Access control is one of the prime reasons that are involved in the security breach that took place
at OSHA. There are various advancements that have been done in the area of access control to
make sure that only the authorized users get the access to the application. In case of OSHA, the
developers and the implementation team should have used role-based access control. It would
have prevented the security breach from taking place in the internal as well as the external
networks. There are also enhancements that have been done in the field of authentication and
4
entities. OSHA, as an agency was also affected by the security breach. It is because of the reason
that such occurrences lead to deterioration of the customer trust and also has a bad impact on the
brand reputation and brand value in the market (Tornone, 2017). The customers do not feel
secure to form a connection with any of the organizations that have experienced some form of a
security attack or a security breach.
The attack that took place in OSHA was in the form of a security breach that took place because
of a weak access point. The injury tracking application that was launched by OSHA had
numerous access points to allow the end-users to access the same with ease and convenience.
However, since such an application was being implemented for the first time in the agency, there
were certain security loopholes that were observed. These security loopholes allowed the
attackers to take advantage of the security vulnerabilities and led to the occurrence of the
security breach in the agency (Golla, 2017).
There are many solutions that could have been used in the injury tracking application at OSHA.
Security attacks are a common occurrence in the present times. However, there are
countermeasures to the same that have been created to make sure that such occurrences do not
take place on a repeated basis. There are many automated network security tools and applications
that have been created and are available easily in the market. These tools and applications should
have been used and implemented in the tracking application to keep a view of all the activities
being executed in the networks associated with the application (Bertino, 2015). There are many
advanced network based intrusion detection systems that have been developed which should
have been used to make sure that the security breach was avoided. The attackers might have
monitored the activity on the network through network eavesdropping and man in the middle
attacks. These attacks would have been avoided with the use of the network based security tools.
Access control is one of the prime reasons that are involved in the security breach that took place
at OSHA. There are various advancements that have been done in the area of access control to
make sure that only the authorized users get the access to the application. In case of OSHA, the
developers and the implementation team should have used role-based access control. It would
have prevented the security breach from taking place in the internal as well as the external
networks. There are also enhancements that have been done in the field of authentication and
4
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Information Security
authorization. Two-fold authentication system along with the use of biometrics should have been
done to grant the access to the authenticated users only (Wangen, 2017).
There are many anti-malware and anti-denial tools that have also been developed by the
technocrats. There are a number of malicious codes that are launched on the web to look for
potential security vulnerabilities which often results in a security attack. However, anti-malware
tools keep a track of such attempts and report them immediately to allow the security team to
take a required action. Injury tracking application and the other web-based applications at OSHA
should have been protected with the same.
It is also necessary to ensure that in-depth planning and analysis is involved in all of the
activities. OSHA is a Government agency and it is certain that the launch of the application must
have been done after completion of all of the project activities. However, steps such as planning,
reviews and inspections are often missed out by the business units which lead to the occurrence
of a security event. All of the project phases and stages must have been covered at OSHA in
order to avoid and prevent the security breach that took place.
Ransomware Attack – May 2017
There have been many security breaches and attacks that have taken place in the past. However,
there are certain security attacks that lead to a lot of devastation and damage to the parties
affected.
One such attack that took place in May, 2017, was the ransomware attack which was termed as
WannaCry. Ransomware attacks are defined as the attacks in which the attackers block the
access to a particular system or an application and a ransom is demanded from the user to allow
the access again.
WannaCry was a worldwide ransomware attack that impacted over one hundred fifty countries
and made use of ransomware cryptoworm to block the access of the users on the Microsoft
Windows platform. The attackers executed the task of the encryption of the data present in the
systems and demanded the payments in the form of Bitcoin cryptocurrency as ransom (Wong &
Solon, 2017).
5
authorization. Two-fold authentication system along with the use of biometrics should have been
done to grant the access to the authenticated users only (Wangen, 2017).
There are many anti-malware and anti-denial tools that have also been developed by the
technocrats. There are a number of malicious codes that are launched on the web to look for
potential security vulnerabilities which often results in a security attack. However, anti-malware
tools keep a track of such attempts and report them immediately to allow the security team to
take a required action. Injury tracking application and the other web-based applications at OSHA
should have been protected with the same.
It is also necessary to ensure that in-depth planning and analysis is involved in all of the
activities. OSHA is a Government agency and it is certain that the launch of the application must
have been done after completion of all of the project activities. However, steps such as planning,
reviews and inspections are often missed out by the business units which lead to the occurrence
of a security event. All of the project phases and stages must have been covered at OSHA in
order to avoid and prevent the security breach that took place.
Ransomware Attack – May 2017
There have been many security breaches and attacks that have taken place in the past. However,
there are certain security attacks that lead to a lot of devastation and damage to the parties
affected.
One such attack that took place in May, 2017, was the ransomware attack which was termed as
WannaCry. Ransomware attacks are defined as the attacks in which the attackers block the
access to a particular system or an application and a ransom is demanded from the user to allow
the access again.
WannaCry was a worldwide ransomware attack that impacted over one hundred fifty countries
and made use of ransomware cryptoworm to block the access of the users on the Microsoft
Windows platform. The attackers executed the task of the encryption of the data present in the
systems and demanded the payments in the form of Bitcoin cryptocurrency as ransom (Wong &
Solon, 2017).
5
Information Security
The security attack began on Friday, May 12, 2017 when National Health Staff (NHS) in UK
reported of the shutting down of the systems on a gradual basis. The unlocking of the files was
possible only after the payment of $300 (£230) as ransom. Soon after, a number of other
European countries also reported of the same incident. In Russia, there were a number of
business units and organizations that were impacted. There are certain reports that have been
published which state that Russia was the worst hit. There were domestic bank, health ministries
and organization, the railway department along with the mobile phone companies that were
impacted in the ransomware attack that took place (Hern & Gibbs, 2017).
Similar cases were also witnessed in other countries such as Spain, Germany, Italy, Egypt,
Taiwan, France, Sweden, Portugal, Singapore, India and many others.
There are many malicious codes and software that have been created to cause damage to the data
and information that is present in the computer systems and on the web. One such code is a
worm that is a malware and it spreads on its own in the computer systems. The other malicious
codes require human intervention for triggering; however, worms are the only malevolent codes
that have the ability to be launched without any human involvement (Bbc, 2017).
WannaCry is a ransomware that was launched as a worm to look for the security vulnerabilities
that were present in the Microsoft Windows based computer systems and had the ability to
launch and multiply itself. There was a security vulnerability that was identified in association
with the Microsoft systems and it was termed as EternalBlue. The cyber-security experts stated
that the malware was for real and the required security patches were released to avoid any of the
security breaches and attacks. The group of attackers called The Shadow Brokers made used of
the same and made it publically available in April, 2017. It was being assumed as a protest to
current US president, Donald Trump. However, the similar vulnerability was used to give rise to
WannaCry.
WannaCry gained entry to the NHS systems and other system due to the security vulnerabilities
that were present. These vulnerabilities were identified a long back and some of these were not
fixed. It should have been made sure that the security fixes were implemented in all the systems
which would have prevented the attackers from making use of the security vulnerability for the
execution of the ransomware (Palmer, 2017).
6
The security attack began on Friday, May 12, 2017 when National Health Staff (NHS) in UK
reported of the shutting down of the systems on a gradual basis. The unlocking of the files was
possible only after the payment of $300 (£230) as ransom. Soon after, a number of other
European countries also reported of the same incident. In Russia, there were a number of
business units and organizations that were impacted. There are certain reports that have been
published which state that Russia was the worst hit. There were domestic bank, health ministries
and organization, the railway department along with the mobile phone companies that were
impacted in the ransomware attack that took place (Hern & Gibbs, 2017).
Similar cases were also witnessed in other countries such as Spain, Germany, Italy, Egypt,
Taiwan, France, Sweden, Portugal, Singapore, India and many others.
There are many malicious codes and software that have been created to cause damage to the data
and information that is present in the computer systems and on the web. One such code is a
worm that is a malware and it spreads on its own in the computer systems. The other malicious
codes require human intervention for triggering; however, worms are the only malevolent codes
that have the ability to be launched without any human involvement (Bbc, 2017).
WannaCry is a ransomware that was launched as a worm to look for the security vulnerabilities
that were present in the Microsoft Windows based computer systems and had the ability to
launch and multiply itself. There was a security vulnerability that was identified in association
with the Microsoft systems and it was termed as EternalBlue. The cyber-security experts stated
that the malware was for real and the required security patches were released to avoid any of the
security breaches and attacks. The group of attackers called The Shadow Brokers made used of
the same and made it publically available in April, 2017. It was being assumed as a protest to
current US president, Donald Trump. However, the similar vulnerability was used to give rise to
WannaCry.
WannaCry gained entry to the NHS systems and other system due to the security vulnerabilities
that were present. These vulnerabilities were identified a long back and some of these were not
fixed. It should have been made sure that the security fixes were implemented in all the systems
which would have prevented the attackers from making use of the security vulnerability for the
execution of the ransomware (Palmer, 2017).
6
Information Security
Microsoft should have released emails and authentic public releases to inform the users
regarding the security vulnerability and the potential security attacks that may have taken place.
The users would have ensured that they took proper measures such as backing up of the
information along with the encryption of the data and information so that the attacks could have
been avoided and the damage control was done with ease (Erlich & Zviran, 2010).
Malware can spread rapidly from one system to the other. Once there are a lot many systems and
applications that are impacted by a malware of any category, then it becomes extremely
challenging to prevent the damage. Also, the spreading of these codes continues till a long period
of time which may impact numerous systems and services. The same event occurred in case of
WannaCry as the malware spread across hundreds of countries. There are many anti-malware
and anti-denial tools that have also been developed by the technocrats. There are a number of
malicious codes that are launched on the web to look for potential security vulnerabilities which
often results in a security attack. However, anti-malware tools keep a track of such attempts and
report them immediately to allow the security team to take a required action (Al-Hamdani,
2009).
It is necessary to promote user awareness in association with the security risks and attacks. Many
of the users are not aware of the basic security practices that they must follow to avoid the web-
based attacks. The attackers take advantage of such users and cause occurrence of security
breach. The similar case took place with the release of WannaCry as it could easily spread to the
systems and applications. The users should, therefore, have been aware of the advancements that
have been done for the prevention, detection and control of the security attacks.
Conclusion
Security breaches and attacks are common in the present times. It is necessary for the
organizations and the end-users to make sure that they follow the correct security policies and
protocols to avoid the security attacks and breaches. It must also be ensured that the security
attacks that have already taken place must be made known to the users in terms of the
information regarding the type of the attacks, causes, prevention measures and likewise.
7
Microsoft should have released emails and authentic public releases to inform the users
regarding the security vulnerability and the potential security attacks that may have taken place.
The users would have ensured that they took proper measures such as backing up of the
information along with the encryption of the data and information so that the attacks could have
been avoided and the damage control was done with ease (Erlich & Zviran, 2010).
Malware can spread rapidly from one system to the other. Once there are a lot many systems and
applications that are impacted by a malware of any category, then it becomes extremely
challenging to prevent the damage. Also, the spreading of these codes continues till a long period
of time which may impact numerous systems and services. The same event occurred in case of
WannaCry as the malware spread across hundreds of countries. There are many anti-malware
and anti-denial tools that have also been developed by the technocrats. There are a number of
malicious codes that are launched on the web to look for potential security vulnerabilities which
often results in a security attack. However, anti-malware tools keep a track of such attempts and
report them immediately to allow the security team to take a required action (Al-Hamdani,
2009).
It is necessary to promote user awareness in association with the security risks and attacks. Many
of the users are not aware of the basic security practices that they must follow to avoid the web-
based attacks. The attackers take advantage of such users and cause occurrence of security
breach. The similar case took place with the release of WannaCry as it could easily spread to the
systems and applications. The users should, therefore, have been aware of the advancements that
have been done for the prevention, detection and control of the security attacks.
Conclusion
Security breaches and attacks are common in the present times. It is necessary for the
organizations and the end-users to make sure that they follow the correct security policies and
protocols to avoid the security attacks and breaches. It must also be ensured that the security
attacks that have already taken place must be made known to the users in terms of the
information regarding the type of the attacks, causes, prevention measures and likewise.
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Information Security
8
8
Information Security
References
Al-Hamdani, W. (2009). Three Models to Measure Information Security Compliance.
International Journal Of Information Security And Privacy, 3(4), 43-67.
http://dx.doi.org/10.4018/jisp.2009100104
Bbc. (2017). Massive ransomware infection hits computers in 99 countries - BBC News. BBC
News. Retrieved 22 August 2017, from http://www.bbc.com/news/technology-39901382
Bertino, E. (2015). Security and privacy of electronic health information systems. International
Journal Of Information Security, 14(6), 485-486. http://dx.doi.org/10.1007/s10207-015-
0303-z
Erlich, Z., & Zviran, M. (2010). Goals and Practices in Maintaining Information Systems
Security. International Journal Of Information Security And Privacy, 4(3), 40-50.
http://dx.doi.org/10.4018/jisp.2010070103
Gollan, J. (2017). Labor Department blames data breach for injury reporting site’s
shutdown. Reveal. Retrieved 22 August 2017, from https://www.revealnews.org/blog/labor-
department-blames-data-breach-for-shutdown-of-employee-injury-reporting-site/
Gonzalez, G. (2017). Security breach shuts down OSHA electronic reporting application -
Business Insurance. Business Insurance. Retrieved 22 August 2017, from
http://www.businessinsurance.com/article/20170816/NEWS08/912315224/Security-breach-
shuts-down-OSHA-electronic-reporting-application
Hern, A., & Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global
computers?. the Guardian. Retrieved 22 August 2017, from
https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-
what-is-wanacrypt0r-20
Palmer, D. (2017). Your failure to apply critical cybersecurity updates is putting your company
at risk from the next WannaCry or Petya | ZDNet. ZDNet. Retrieved 22 August 2017, from
http://www.zdnet.com/article/your-failure-to-apply-critical-cyber-security-updates-puts-
your-company-at-risk-from-the-next/
9
References
Al-Hamdani, W. (2009). Three Models to Measure Information Security Compliance.
International Journal Of Information Security And Privacy, 3(4), 43-67.
http://dx.doi.org/10.4018/jisp.2009100104
Bbc. (2017). Massive ransomware infection hits computers in 99 countries - BBC News. BBC
News. Retrieved 22 August 2017, from http://www.bbc.com/news/technology-39901382
Bertino, E. (2015). Security and privacy of electronic health information systems. International
Journal Of Information Security, 14(6), 485-486. http://dx.doi.org/10.1007/s10207-015-
0303-z
Erlich, Z., & Zviran, M. (2010). Goals and Practices in Maintaining Information Systems
Security. International Journal Of Information Security And Privacy, 4(3), 40-50.
http://dx.doi.org/10.4018/jisp.2010070103
Gollan, J. (2017). Labor Department blames data breach for injury reporting site’s
shutdown. Reveal. Retrieved 22 August 2017, from https://www.revealnews.org/blog/labor-
department-blames-data-breach-for-shutdown-of-employee-injury-reporting-site/
Gonzalez, G. (2017). Security breach shuts down OSHA electronic reporting application -
Business Insurance. Business Insurance. Retrieved 22 August 2017, from
http://www.businessinsurance.com/article/20170816/NEWS08/912315224/Security-breach-
shuts-down-OSHA-electronic-reporting-application
Hern, A., & Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global
computers?. the Guardian. Retrieved 22 August 2017, from
https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-
what-is-wanacrypt0r-20
Palmer, D. (2017). Your failure to apply critical cybersecurity updates is putting your company
at risk from the next WannaCry or Petya | ZDNet. ZDNet. Retrieved 22 August 2017, from
http://www.zdnet.com/article/your-failure-to-apply-critical-cyber-security-updates-puts-
your-company-at-risk-from-the-next/
9
Information Security
Tornone, K. (2017). OSHA halts new online reporting following security breach. HR Dive.
Retrieved 22 August 2017, from http://www.hrdive.com/news/osha-halts-new-online-
reporting-following-security-breach/449551/
Wangen, G. (2017). A framework for estimating information security risk assessment method
completeness. International Journal Of Information Security.
http://dx.doi.org/10.1007/s10207-017-0382-0
Wong, J., & Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries
around the world. the Guardian. Retrieved 22 August 2017, from
https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-
nsa-uk-nhs
10
Tornone, K. (2017). OSHA halts new online reporting following security breach. HR Dive.
Retrieved 22 August 2017, from http://www.hrdive.com/news/osha-halts-new-online-
reporting-following-security-breach/449551/
Wangen, G. (2017). A framework for estimating information security risk assessment method
completeness. International Journal Of Information Security.
http://dx.doi.org/10.1007/s10207-017-0382-0
Wong, J., & Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries
around the world. the Guardian. Retrieved 22 August 2017, from
https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-
nsa-uk-nhs
10
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.