Security Breaches and Ransomware: Voter Data and Wannacry Attacks
VerifiedAdded on 2020/02/24
|10
|2263
|35
Report
AI Summary
This report delves into the critical issues of security breaches and ransomware attacks, examining two significant cases: the exposure of 198 million voter records and the global Wannacry ransomware cyber attack. It explores the causes and consequences of these incidents, including the technical failures and human errors that led to the voter data breach, as well as the operational disruptions caused by Wannacry across various sectors. The report highlights the affected parties, how the attacks were carried out, and proposes recommendations for mitigating future risks, such as implementing secure backups, patching systems, using antivirus software, and educating the workforce. The analysis underscores the need for proactive measures to safeguard data and systems against evolving cyber threats.
RUNNING HEAD: SECURITY BREACHES AND RANSOMWARE
1
SECURITY BREACHES AND RANSOMWARE
Student Name
Institute Name
1
SECURITY BREACHES AND RANSOMWARE
Student Name
Institute Name
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
SECURITY BREACHES AND RANSOMWARE
2
Contents
Introduction......................................................................................................................................3
THE SCARILY COMMON SCREW-UP THAT EXPOSED 198 MILLION VOTER RECORDS
.........................................................................................................................................................3
The issue......................................................................................................................................3
How and why it occurred.............................................................................................................3
Possible solution..........................................................................................................................4
Ransomware cyber attack on the web.............................................................................................5
Problem........................................................................................................................................5
Affected people and how.............................................................................................................6
How was the attack carried out?..................................................................................................6
Recommendation.........................................................................................................................7
Conclusion.......................................................................................................................................8
Reference.........................................................................................................................................9
2
Contents
Introduction......................................................................................................................................3
THE SCARILY COMMON SCREW-UP THAT EXPOSED 198 MILLION VOTER RECORDS
.........................................................................................................................................................3
The issue......................................................................................................................................3
How and why it occurred.............................................................................................................3
Possible solution..........................................................................................................................4
Ransomware cyber attack on the web.............................................................................................5
Problem........................................................................................................................................5
Affected people and how.............................................................................................................6
How was the attack carried out?..................................................................................................6
Recommendation.........................................................................................................................7
Conclusion.......................................................................................................................................8
Reference.........................................................................................................................................9
SECURITY BREACHES AND RANSOMWARE
3
Introduction
The report will discuss in detail two security breach cases and their impact on people. These two
cases are 198 million voter records exposed and Wanncry ransomware cyber attack.
THE SCARILY COMMON SCREW-UP THAT EXPOSED 198 MILLION VOTER
RECORDS
The issue
This case happened on June 19, 2017 when a huge number of voter data was exposed in different
parts of USA like Mexico and state of Georgia. However, what was even more surprising was
that this data was publicly accessible exposing the personal information of over 198 million
voters of USA. The data was actually owned by a conservative data based firm called as Deep
Root Analytics and the company use to save it on a platform called as Amazon S3 (Newman,
2017). As per the expert reports, it was also discovered that data was exposed to any random
person who can found it since it is a part of a clever hacking process with complex internet based
forces. But it was also the part of simple case of missed case of configuration. Even though it
cannot be properly considered as a perfect case of hack but it is a case of one of the biggest risk
in cyber security for organizations.
How and why it occurred
The founders of the Deep Root Analytics found the information that was made accessible to the
public like name, address, affiliation with the party and many more. At the same time, criminals
coming across such a huge trove of information could have find enormous amount of value with
3
Introduction
The report will discuss in detail two security breach cases and their impact on people. These two
cases are 198 million voter records exposed and Wanncry ransomware cyber attack.
THE SCARILY COMMON SCREW-UP THAT EXPOSED 198 MILLION VOTER
RECORDS
The issue
This case happened on June 19, 2017 when a huge number of voter data was exposed in different
parts of USA like Mexico and state of Georgia. However, what was even more surprising was
that this data was publicly accessible exposing the personal information of over 198 million
voters of USA. The data was actually owned by a conservative data based firm called as Deep
Root Analytics and the company use to save it on a platform called as Amazon S3 (Newman,
2017). As per the expert reports, it was also discovered that data was exposed to any random
person who can found it since it is a part of a clever hacking process with complex internet based
forces. But it was also the part of simple case of missed case of configuration. Even though it
cannot be properly considered as a perfect case of hack but it is a case of one of the biggest risk
in cyber security for organizations.
How and why it occurred
The founders of the Deep Root Analytics found the information that was made accessible to the
public like name, address, affiliation with the party and many more. At the same time, criminals
coming across such a huge trove of information could have find enormous amount of value with
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
SECURITY BREACHES AND RANSOMWARE
4
all the information which was already aggregated at one single place specifically when the
associated source is an expert in compiling data consisting some kind of value (Minnite, 2017).
The organization is working to save the situation and securing the exposed data however it is
important to understand here that the situation will gets worse initially before it starts getting
better.
The research also says that it consist scanning the internet for data which was accessible in
public platform and must be secured. It was also discovered that exposed data was lacking any
kind of protection against any unwanted access and it can be viewed by anyone who can access
the internet. It is also important to understand here that the string would not even be that
challenging to face with the help of a random kind of generator and the server also happen to has
a huge amount of data protected on the system however it was later misconfigured and this is
why more and more private information get exposed (Hall et al, 2017). This incident is now
merged with other similar misconfiguration of database cases like dating services or screener
system in Hollywood and Microsoft sites cases which came as threats that many database servers
are facing in recent time.
Possible solution
There are some solutions to the problem as well that can help in reducing the number of servers
that are misconfigured and exposed the data on internet. The first step is to raise maximum
awareness among the people. It is obvious that these incidences have affected millions of people
and it is important to encourage organizations to give more time as well as resource in setting the
servers and properly maintaining it long run.
4
all the information which was already aggregated at one single place specifically when the
associated source is an expert in compiling data consisting some kind of value (Minnite, 2017).
The organization is working to save the situation and securing the exposed data however it is
important to understand here that the situation will gets worse initially before it starts getting
better.
The research also says that it consist scanning the internet for data which was accessible in
public platform and must be secured. It was also discovered that exposed data was lacking any
kind of protection against any unwanted access and it can be viewed by anyone who can access
the internet. It is also important to understand here that the string would not even be that
challenging to face with the help of a random kind of generator and the server also happen to has
a huge amount of data protected on the system however it was later misconfigured and this is
why more and more private information get exposed (Hall et al, 2017). This incident is now
merged with other similar misconfiguration of database cases like dating services or screener
system in Hollywood and Microsoft sites cases which came as threats that many database servers
are facing in recent time.
Possible solution
There are some solutions to the problem as well that can help in reducing the number of servers
that are misconfigured and exposed the data on internet. The first step is to raise maximum
awareness among the people. It is obvious that these incidences have affected millions of people
and it is important to encourage organizations to give more time as well as resource in setting the
servers and properly maintaining it long run.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
SECURITY BREACHES AND RANSOMWARE
5
Another solution is to make default kind of setting in the cloud which will help in making the
database more secured and help in tightening the overall control. There are some securities
companies have started developing products that can easily scan the current system being
established as additional layer of defense and at the same time also warning the staff of IT to
look at the traits or be more aware about the information with there are any threats on security
(Aker et al, 2017).
However, it is also important to note here that moving to cloud infrastructure can be a smart
move but it is at the end of the day is another layer of risk being added to the system and each
time, the user add any kind of component that needs to be verified, a specific percentage of the
population is not going to further evaluate it (Udani & Kimball, 2017). Further in statistics
manner it is being added to the exposure but it doesn’t mean that organization can be completely
secured in the right manner with the data being saved in cloud however, the experts also says that
any kind of attempt to provide a warning about the current danger of exposure in the system on
the public internet will face little interest.
The company has taken full accountability for the loss and the company is making all necessary
investigations to evaluate the information that has been gathered over a period of time and
secured. It is important to understand here that any specific party with any specific company, it
can be treated as an epidemic that is present everywhere (Hershey, 2017).
Ransomware cyber attack on the web
Problem
In May of 2017, a new issue or rather a serious strain of ransonware has been exposed all across
the world and further caused a lot of crisis in organizations like National Health Services,
5
Another solution is to make default kind of setting in the cloud which will help in making the
database more secured and help in tightening the overall control. There are some securities
companies have started developing products that can easily scan the current system being
established as additional layer of defense and at the same time also warning the staff of IT to
look at the traits or be more aware about the information with there are any threats on security
(Aker et al, 2017).
However, it is also important to note here that moving to cloud infrastructure can be a smart
move but it is at the end of the day is another layer of risk being added to the system and each
time, the user add any kind of component that needs to be verified, a specific percentage of the
population is not going to further evaluate it (Udani & Kimball, 2017). Further in statistics
manner it is being added to the exposure but it doesn’t mean that organization can be completely
secured in the right manner with the data being saved in cloud however, the experts also says that
any kind of attempt to provide a warning about the current danger of exposure in the system on
the public internet will face little interest.
The company has taken full accountability for the loss and the company is making all necessary
investigations to evaluate the information that has been gathered over a period of time and
secured. It is important to understand here that any specific party with any specific company, it
can be treated as an epidemic that is present everywhere (Hershey, 2017).
Ransomware cyber attack on the web
Problem
In May of 2017, a new issue or rather a serious strain of ransonware has been exposed all across
the world and further caused a lot of crisis in organizations like National Health Services,
SECURITY BREACHES AND RANSOMWARE
6
hospitals and other facilities in different parts of the world like UK and Spain and many more.
The affected parties were large telecom organization like Telefonica which is a natural gas
organization or the electrical company namely Iberdrola. It is important to understand how
people always speak about the issue called the Big One (Ehrenfeld, 2017). This ransonware was
called as Wannacry and in other word it was called as WanaCryptor. This is actually a new
version of pervious ransomware attack with thousands of attacks in more than seventy four
countries. The reach of the attack in much heavier and the country like Spain, UK, Russia,
Taiwan, France and dozens of more countries were covered under it.
Affected people and how
This attack was taken as massive all across the world and in addition had handicapped so many
infrastructure and government in more than one hundred and fifty countries which also happen to
include large part of Britain hospital structures and railways of Germany. It is actually expected
as one of the largest online based extortion attack ever recorded (Mohurle & Patil, 2017).
How was the attack carried out?
The attack started with a ransomware infecting the chain of computer as well as locking the users
away from the system and then later holding the level of description along with other release of
ransom until the current victim has to pay an amount or ransom. This usually happened in the
case of bitcoin.
The case of NHS further experienced all kind of hobbled databases in computers as well as
phone systems along with system failure and along with a lot of confusion after the computers in
hospitals initiates expressing a message of ransom demanding more than $300 worth of bitcoins.
As an outcome of this infection, many health care organizations, hospitals, offices and places in
6
hospitals and other facilities in different parts of the world like UK and Spain and many more.
The affected parties were large telecom organization like Telefonica which is a natural gas
organization or the electrical company namely Iberdrola. It is important to understand how
people always speak about the issue called the Big One (Ehrenfeld, 2017). This ransonware was
called as Wannacry and in other word it was called as WanaCryptor. This is actually a new
version of pervious ransomware attack with thousands of attacks in more than seventy four
countries. The reach of the attack in much heavier and the country like Spain, UK, Russia,
Taiwan, France and dozens of more countries were covered under it.
Affected people and how
This attack was taken as massive all across the world and in addition had handicapped so many
infrastructure and government in more than one hundred and fifty countries which also happen to
include large part of Britain hospital structures and railways of Germany. It is actually expected
as one of the largest online based extortion attack ever recorded (Mohurle & Patil, 2017).
How was the attack carried out?
The attack started with a ransomware infecting the chain of computer as well as locking the users
away from the system and then later holding the level of description along with other release of
ransom until the current victim has to pay an amount or ransom. This usually happened in the
case of bitcoin.
The case of NHS further experienced all kind of hobbled databases in computers as well as
phone systems along with system failure and along with a lot of confusion after the computers in
hospitals initiates expressing a message of ransom demanding more than $300 worth of bitcoins.
As an outcome of this infection, many health care organizations, hospitals, offices and places in
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
SECURITY BREACHES AND RANSOMWARE
7
Northern England had to cancel many services and had to start working on some backup
processes (Mattei, 2017). The news was spread saying that patients must completely avoid
coming to hospitals if the situation is not very serious. However, the situation doesn’t seem to
have come out as any kind of unauthorized access to the details of patients. The National Health
Services in UK is investigating the matter and also trying to minimize the impact of the attack
and as per the news of UK, there are number of outlets that have reported to instruct the hospital
personnel to do things that can completely shut down the computers and it comes with large IT
network based services. There are many other victims as well like Spain that are also taking
same kind of measure to save the data and the organizations are telling employees to completely
shut down the infected systems while they wait for the right set of directions about the challenge
(Morehouse et al, 2017).
Hospitals are actually the worst victim of this ransomware since they an urgency to store all the
services for the sake of patients. This is why, these institution were more prone to pay to
criminals in order to reinstate the system. They also usually make for an easy target for any kind
of attacks. Healthcare and other similar sectors later tend to make the process slow to deal with
number of vulnerabilities (Martin et al, 2017).
Recommendation
Following are detail discussion of recommendations: -
1. It is important to immediately make some secure backups for the same which means
when the files are properly encrypted the options are restricted. It is important to recover
from the backup the data as soon as possible.
7
Northern England had to cancel many services and had to start working on some backup
processes (Mattei, 2017). The news was spread saying that patients must completely avoid
coming to hospitals if the situation is not very serious. However, the situation doesn’t seem to
have come out as any kind of unauthorized access to the details of patients. The National Health
Services in UK is investigating the matter and also trying to minimize the impact of the attack
and as per the news of UK, there are number of outlets that have reported to instruct the hospital
personnel to do things that can completely shut down the computers and it comes with large IT
network based services. There are many other victims as well like Spain that are also taking
same kind of measure to save the data and the organizations are telling employees to completely
shut down the infected systems while they wait for the right set of directions about the challenge
(Morehouse et al, 2017).
Hospitals are actually the worst victim of this ransomware since they an urgency to store all the
services for the sake of patients. This is why, these institution were more prone to pay to
criminals in order to reinstate the system. They also usually make for an easy target for any kind
of attacks. Healthcare and other similar sectors later tend to make the process slow to deal with
number of vulnerabilities (Martin et al, 2017).
Recommendation
Following are detail discussion of recommendations: -
1. It is important to immediately make some secure backups for the same which means
when the files are properly encrypted the options are restricted. It is important to recover
from the backup the data as soon as possible.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
SECURITY BREACHES AND RANSOMWARE
8
2. Patching the system and properly updating is crucial step. Those people who include
called as highly dangerous hole for security in Microsoft Windows users didn’t apply
Microsoft March with software fix and malware specifically designed to spread rapidly
with proper government and business network (Martin et al, 2017).
3. Usage of antivirus software: with the usage of antivirus software saves most fundamental
and well known virus by properly scanning the system against all known fingerprints.
There were number of criminals as well with low end advantages of less kind of savvy
users with different viruses and malware is continuously transforming and antivirus is
constantly detecting it (Martin et al, 2017).
4. Education of the workforce: it is a basic level of protocol like focusing on the workers
that should not click on any kind of doubtful links or suspicious sites that can save the
bad cases.
Conclusion
The attack by WannaCry didn’t just go after the NHS. The attack affected many organizations
across different sectors and industries. The main aim is on supporting the company to manage
the situation in a more swift and decisive manner (Martin et al, 2017). In certain ways, it makes
things more worse and the system not just about coming out from the hospitals but it was about
coming out from whatever situation it can. The situation is expected to get worse in future.
8
2. Patching the system and properly updating is crucial step. Those people who include
called as highly dangerous hole for security in Microsoft Windows users didn’t apply
Microsoft March with software fix and malware specifically designed to spread rapidly
with proper government and business network (Martin et al, 2017).
3. Usage of antivirus software: with the usage of antivirus software saves most fundamental
and well known virus by properly scanning the system against all known fingerprints.
There were number of criminals as well with low end advantages of less kind of savvy
users with different viruses and malware is continuously transforming and antivirus is
constantly detecting it (Martin et al, 2017).
4. Education of the workforce: it is a basic level of protocol like focusing on the workers
that should not click on any kind of doubtful links or suspicious sites that can save the
bad cases.
Conclusion
The attack by WannaCry didn’t just go after the NHS. The attack affected many organizations
across different sectors and industries. The main aim is on supporting the company to manage
the situation in a more swift and decisive manner (Martin et al, 2017). In certain ways, it makes
things more worse and the system not just about coming out from the hospitals but it was about
coming out from whatever situation it can. The situation is expected to get worse in future.
SECURITY BREACHES AND RANSOMWARE
9
Reference
Aker, J. C., Collier, P., & Vicente, P. C. (2017). Is information power? Using mobile phones and
free newspapers during an election in Mozambique. Review of Economics and Statistics.
Ehrenfeld, J. M. (2017). WannaCry, Cybersecurity and Health Information Technology: A Time
to Act. Journal of Medical Systems, 41(7), 104.
Hall, E. M., Acevedo, J., López, F. G., Cortés, S., Ferreccio, C., Smith, A. H., & Steinmaus, C.
M. (2017). Hypertension among adults exposed to drinking water arsenic in Northern
Chile. Environmental research, 153, 99-105.
Hershey, M. R. (2017). Party politics in America. Taylor & Francis.
Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and healthcare:
how safe are we?. Bmj, 358, j3179.
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons
from the Recent WannaCry Cyberattack. World Neurosurgery, 104, 972-974.
Minnite, L. C. (2017). The Myth of Voter Fraud. Cornell University Press.
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
Morehouse, M. A., Lovecký, T., Read, H., & Woodman, M. (2017). Quantify? or, Wanna Cry?
Integrating Methods Training in the IR Classroom. International Studies
Perspectives, 18(2), 225-245.
9
Reference
Aker, J. C., Collier, P., & Vicente, P. C. (2017). Is information power? Using mobile phones and
free newspapers during an election in Mozambique. Review of Economics and Statistics.
Ehrenfeld, J. M. (2017). WannaCry, Cybersecurity and Health Information Technology: A Time
to Act. Journal of Medical Systems, 41(7), 104.
Hall, E. M., Acevedo, J., López, F. G., Cortés, S., Ferreccio, C., Smith, A. H., & Steinmaus, C.
M. (2017). Hypertension among adults exposed to drinking water arsenic in Northern
Chile. Environmental research, 153, 99-105.
Hershey, M. R. (2017). Party politics in America. Taylor & Francis.
Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and healthcare:
how safe are we?. Bmj, 358, j3179.
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons
from the Recent WannaCry Cyberattack. World Neurosurgery, 104, 972-974.
Minnite, L. C. (2017). The Myth of Voter Fraud. Cornell University Press.
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
Morehouse, M. A., Lovecký, T., Read, H., & Woodman, M. (2017). Quantify? or, Wanna Cry?
Integrating Methods Training in the IR Classroom. International Studies
Perspectives, 18(2), 225-245.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
SECURITY BREACHES AND RANSOMWARE
10
Newman, L, H (2017). THE SCARILY COMMON SCREW-UP THAT EXPOSED 198
MILLION VOTER RECORDS https://www.wired.com/story/voter-records-exposed-
database/
Udani, A., & Kimball, D. C. (2017). Immigrant Resentment and Voter Fraud Beliefs in the US
Electorate. American Politics Research, 1532673X17722988.
10
Newman, L, H (2017). THE SCARILY COMMON SCREW-UP THAT EXPOSED 198
MILLION VOTER RECORDS https://www.wired.com/story/voter-records-exposed-
database/
Udani, A., & Kimball, D. C. (2017). Immigrant Resentment and Voter Fraud Beliefs in the US
Electorate. American Politics Research, 1532673X17722988.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.