ACU ISYS326: Analysis of a Semantic Data Breach Report
Added on 2022/12/19
AI Summary
This report provides an in-depth analysis of a semantic data breach, using Symantec as a real-world case study. The report details the background of the organization, the nature of the breach (including unauthorized access to customer credentials), and the severity of the damage. It explores the causes of the breach, such as lack of management support, insufficient resources, and poor communication. Furthermore, the report emphasizes the importance of prioritizing critical security controls, including penetration tests and addressing known issues. The conclusion highlights the necessity of penetration testing for identifying and mitigating vulnerabilities to safeguard against future attacks. This report is a valuable resource for understanding data breaches and improving information security practices.

Running head: SEMANTIC DATA BREACH
SEMANTIC DATA BREACH
Name of the student:
Name of the university:
Author Note:

Abstract
This report highlights the factors held directly accountable for the security breach and then describes possible mitigation methods for overcoming the loopholes and attaining the business targets of the organization.

Table of Contents
Introduction
Discussion
1. Real-world Case study
1.1 Company Background Info
1.2 The breach
1.3 Severity of the damage
2. Breakdown of Breach Causes
2.1 Lack of support from Management
2.2 Insufficient resources
2.3 Lack of communication
3. Prioritizing the Critical Security Controls
3.1 Knock out the easy ones
3.2 Penetration Tests
Conclusion

Introduction
This report presents a real-world case study of Symantec, with an overview of the organization's background. It focuses on the security breach associated with the organization and the possible constraints that accelerated the compromise of its official website.
Discussion
1. Real-world Case study
This case study deals with the security breach that took place at Symantec in the month of February. The breach gave the hackers the ability to gain unauthorised access to restricted customer credentials, which included the passwords used to secure the accounts and the account numbers of the customers. However, the impact of the breach was not that devastating, because the incident took place within a self-enclosed lab that was not connected to Symantec's corporate network.
1.1 Company Background Info
Symantec traces its origin to its foundation in 1982. The organization has undergone substantial technological evolution and has become a leading pioneer in delivering cyber security. Symantec provides a wide spectrum of services to more than 35 countries and employs more than 11,000 people. Despite its competency in cyber intelligence, certain vulnerabilities embedded within the organization's infrastructure exposed it to cyber-attacks.
1.2 The breach
The security breach at Symantec exposed confidential customer credentials to the cyber predators, giving them the ability to gain unauthorised access to the user IDs, the account numbers and the passwords that customers had set up to secure their user information.
1.3 Severity of the damage
The impact of the security breach at Symantec was not that detrimental, owing to the lack of connectivity between Symantec's corporate network and the network of the lab that was the victim of the cyber-attack. As a result, no critical customer information was compromised, and the corporate network was to some extent safeguarded.
1.3.1 Unavailability of the Customer sites and showing them as Offline
From the viewpoint of Portland design, the immediate impact of the security breach was the unavailability of the profiles of customers who were registered members of the site. Many customer profiles were displayed as offline even though they were online at that point in time. The unavailability of the customer profiles immediately led to them being displayed as offline. This could be achieved by manipulating the information stored in Symantec's database.
1.3.2 Deletion of the customer sites and record of no recent backups
According to Portland design, the most striking negative impact of the security breach at Symantec was the deletion of the customer profiles from the organization's network, which separated the customer profiles from the organizational website. The vulnerability of the organizational website was that there was no provision for proper backups of customer information. This was the toughest challenge encountered in the course of the security breach.
1.3.3 Potential stealing of Customer Data
According to the design put forward by Portland, the positive aspect of this security breach was that sensitive customer information such as bank account numbers, customer contact information and residential addresses was not compromised. This is due to the lack of connectivity between the organization's corporate network and the network of the self-enclosed lab that was subjected to the cyber-attack. However, the customer profiles were deleted, made unavailable and displayed as offline, because these aspects were controlled by the network of the laboratory that was compromised.
1.3.4 Possible infection caused by the malwares
The possible infections that may have been introduced into the system as a result of the breach of the organization's website are:
- Suspicious behaviour exhibited by the modem and the hard drive.
- Automatic operation of the websites, i.e. uncontrolled opening and closing of the websites.
- A decrease in the storage space available for the website.
- Unwanted display of pop-up messages that hinder the successful performance of the system.
1.3.5 Portland design Financial Impact and Customer Trust
Portland design suffered a substantial loss of revenue and of customer trust owing to the security breach at Symantec. The fundamental reason for the discontent among the clients was going offline for a prolonged period of time, which hampered production-based activities. The deletion of the profiles from
the official Symantec website also caused discontent among the users who are registered members of the website.
2. Breakdown of Breach Causes
Portland design's analysis highlighted the crucial aspects of the security breach that occurred at Symantec. The breach gave the cyber predators the ability to propagate through the various servers. Portland design's failure to address the security vulnerabilities before the system was exposed to the breach led to the crisis in this event. Embedding the CSC (Critical Security Controls) in the organization's structural framework enhances the system's defence prospects.
2.1 Lack of support from Management
The management of the organization had several vulnerabilities embedded within its structural framework, which provided the ground for the system to be compromised and exposed to cyber-attacks. An effective and proficient management system helps the system combat the risks and threats posed by cyber-attacks. It monitors and manages all the security aspects of the organization and provides protection against external attacks.
2.1.1 Inability to provide resources
The weak management system directly implied a lack of management support. The inefficiency of the management system is directly responsible for the inability to support the system's security levels, which are achieved by incorporating strong encryption algorithms that defend the system against cyber-attacks.
2.1.2 Failure to render support
The system's inability to provide support for security originates in the organization's weak management system. A weak management system leaves the organization exposed to compromise by the cyber predators. This highlights the system's inefficiency in providing strong security against breaching activities. Thus, the system is incapable of providing support to the organizational system.
2.2 Insufficient resources
Insufficient resources refers to the lack of proper provisions for the system to protect itself against breaches. Resources here means the high-level security protocols that incorporate strong encryption, which cannot be decoded easily and hence reduces the system's vulnerability to compromise.
2.3 Lack of communication
A weak communication system is also held directly responsible for the system's exposure to breaching practices. The gap in communication weakens the organizational structure and the operational management of the system, which adversely affects Symantec's security. It leads to loopholes and weaknesses in the organization's infrastructure, and this eventually results in the system's confidential information being breached by the cyber predators.
3. Prioritizing the Critical Security Controls
Planning the implementation of the Critical Security Controls needs to address the various methodologies that serve that purpose. Based on the previous sections, it is clear that the prevailing Critical Security Controls are not equipped to provide absolute security to the networks. The dependent variables here are the support of the management system and the availability of resources, both of which play a crucial role.
3.1 Knock out the easy ones
Because limited time and scarce resources are the fundamental constraints on successfully implementing the CSC, it is a prerequisite to obtain a graphical representation of the time consumed against the tradeoff. This method is useful for establishing how worthwhile a given place is for implementing the CSC. It is difficult even to anticipate the areas where the CSC will best fit the desired requirements.
3.1.1 Tackling Known Issues
Symantec needs a strong security model that will enable it to implement the CSC successfully by properly addressing the identified issues. This includes identifying the malware that will pose threats to the security of the organization.
3.2 Penetration Tests
Penetration testing needs to be incorporated into the organization's structural framework so that the organization can identify its built-in vulnerabilities. The relevant malware then becomes easy to identify and hence can easily be mitigated.
3.2.1 Gaining Management Support and Resources through the execution of the Penetration Testing
Carrying out penetration testing will help secure support for the organization from operational management and will also make the prerequisite resources widely available.
Conclusion
This report concludes that penetration testing is absolutely necessary for identifying Symantec's built-in vulnerabilities, which would help the organization combat the malware that poses potential threats to the successful execution of its business procedures.