Security Principles: Analyzing Security Threats and Mitigations


Added on  2022/09/26

AI Summary
This report analyzes security principles through the lens of real-world incidents and case studies. It begins by examining three trends from the CommBank Signals report, discussing their potential impact on a university and outlining mitigation strategies. The report then delves into the Australian National University (ANU) data breach, analyzing the phishing emails used in the campaign using the Mouton et al. (2016) ontological model. Finally, it investigates the 2017 Equifax data breach, identifying four key exploited factors and proposing mitigation strategies. The report covers topics such as malware, data breaches, phishing attacks, and cybersecurity measures, providing insights into various security threats and mitigation strategies.
Running head: SECURITY PRINCIPLES
Security Principles
Name of the Student
Name of the University
Author’s Note
Question 1
Collaboration with industry leads to malware takedown
The 3ve software infected more than 700,000 computer systems with advertising malware,
forcing affected machines to visit counterfeit sites where fake advertising money was generated
by the 3ve developers. In a related case of malware proliferation, Google found in November that
13 applications in the Android App Store contained malware. The applications have been
deleted, but had already been downloaded 560,000 times in total. Such malware can cause a data
breach on the infected system and can access or remove all the sensitive and confidential data of
the users.
To prevent such attacks, organizations must ensure that they have a stable antivirus
installed and that it is kept up to date. Organizations must also educate workers against
clicking on links, installing applications or visiting unfamiliar websites that could contain
malware.
Data breaches continue to snowball
An inability to identify and investigate data violations also has wide-ranging
implications. The breach of Marriott in December, which could affect up to 500m guests who
made a reservation at a Starwood hotel, ranks among the largest data breaches reported,
aggravated by the length of time that attackers could have had access to the devices or systems.
To prevent such attacks, the organization should educate the senior executives and the board
about increasing regulatory and public attention on data security and the possible consequences
of a violation for the company. The organization must also train staff in the best
practices and policies for passwords and phishing attacks.
China accused of global hacking campaign
In 2018, the US Department of Justice charged two Chinese nationals with
potentially belonging to the hacking organization known as Advanced Persistent Threat
10. In an operation that spanned the world and lasted many years, the organization is believed to
have threatened private businesses and government departments to gain access to intellectual
property, which could cause the loss of the intellectual property of the organization. To
prevent such attacks, organizations should ensure that data is transmitted over encrypted
networks in case it falls into the wrong hands. They should keep up to date with
the hardware threat reports and be prepared to upgrade computers if necessary.
Question 2
The three phishing emails used during the campaign, analyzed using the ontological
model, are:
9 November 2018
The hacker's campaign began with a spearphishing email sent to a senior staff
member's mailbox. The hacker also obtained access to the senior staff member's schedule
details, which were used in the hacker's effort to launch further spearphishing attacks.
25-26 November
The hacker used spearphishing emails to begin the second attempt
at obtaining credentials. This email, entitled "invitation", was sent to one external email
address. Some of these emails appear to be experiments to determine whether the mail filters
would block spearphishing emails from the perpetrator. This spearphishing attempt resulted in
the compromise of just one user's credentials, but the use of that credential was constrained,
meaning it did not have the access the attacker was searching for.
29 November 2018
The attacker continued to search for credentials and attempted to increase the efficacy of
their spearphishing activities by connecting to the spam filter of the University and trying to
suppress its ability to detect the fraudulent emails.
Question 3
Equifax discovered that many significant factors enabled the attackers to
enter its network effectively and collect information from the PII databases.
Identification: According to Equifax officials, while fixes for the vulnerability were
being deployed around the organization, the Apache Struts vulnerability was not adequately
listed as being present on the online dispute platform. After receiving a threat alert from the
US Computer Emergency Readiness Department in March 2017, officials at Equifax reported
that the warning was shared by their network administrators.
Detection: An outdated digital certificate made it possible for the criminals to connect
with infected computers and capture data without detection, as stated by Equifax officials. In
fact, although Equifax had developed a tool to analyze network traffic for signs of suspicious
behavior, the expired certificate prevented that tool from performing its intended function of
identifying suspicious traffic.
Segmentation: Because individual accounts were not segregated or segmented from one
another, according to Equifax authorities, the perpetrators were able to access other accounts
beyond those connected to the web dispute portal.
Data Governance: Data protection requires setting restrictions on access to personal
information, including credentials like usernames and passwords. The attackers obtained access
to the directory that held unencrypted keys, like usernames and passwords, for accessing other
files, according to Equifax officials. This allowed the intruders to run queries
on those extra databases.
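The Detection factor above, as an added example that is not part of the original report: a Python check that treats an expired or unreadable certificate on a traffic-inspection device as a monitoring gap instead of a routine renewal. The device names, roles, dates and inventory format are constructed for illustration.

```python
import ssl
from datetime import datetime, timezone

# Constructed inventory (not from the report): device, role, and the line
# `openssl x509 -enddate -noout` prints for the certificate the device uses.
INVENTORY = [
    ("tls-inspect-01", "inspection", "notAfter=Jan 31 12:00:00 2017 GMT"),
    ("tls-inspect-02", "inspection", "notAfter=Oct 15 12:00:00 2017 GMT"),
    ("dispute-portal", "web", "notAfter=Dec  1 00:00:00 2018 GMT"),
    ("legacy-proxy", "inspection", "enddate unknown"),
]

def parse_not_after(line):
    """Return the expiry as an aware UTC datetime, or None if unparseable."""
    if not line.startswith("notAfter="):
        return None
    try:
        seconds = ssl.cert_time_to_seconds(line[len("notAfter="):])
    except ValueError:
        return None
    return datetime.fromtimestamp(seconds, tz=timezone.utc)

def audit(inventory, now, warn_days=30):
    """Classify each certificate; flag inspection devices that cannot inspect."""
    findings = {}
    for device, role, line in inventory:
        expiry = parse_not_after(line)
        if expiry is None:
            status = "UNKNOWN"   # fail closed: unverifiable is not "fine"
        elif expiry <= now:
            status = "EXPIRED"
        elif (expiry - now).days < warn_days:
            status = "EXPIRING"
        else:
            status = "OK"
        # An inspection device without a valid certificate is a blind spot,
        # so report it as a monitoring gap rather than a routine renewal.
        gap = role == "inspection" and status in ("EXPIRED", "UNKNOWN")
        findings[device] = {"status": status, "monitoring_gap": gap}
    return findings

if __name__ == "__main__":
    now = datetime(2017, 9, 20, tzinfo=timezone.utc)  # constructed audit date
    for device, result in audit(INVENTORY, now).items():
        print(device, result["status"], "GAP" if result["monitoring_gap"] else "")
```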
Bibliography
https://www.commbank.com.au/content/dam/commbank/assets/business/can/business-insights/signals/signals-jan-2019.pdf
http://imagedepot.anu.edu.au/scapa/Website/SCAPA190209_Public_report_web_2.pdf
https://www.warren.senate.gov/imo/media/doc/2018.09.06%20GAO%20Equifax%20report.pdf