This is a generation of information technology and ICT, where people are getting used to the internet of things. Security has become a serious issue in this era of internet. Data breach takes place when the sensitive data and sensitive details of an individual or organization are accessed deliberately to cause some kind of harm. This information later is misused and modified or deleted. There must be implementation and integration of strong security policies to make the websites and online transactions strong.
The first part of the report focuses on the data breach incident of the Verizon Wireless Company. This incident occurred in the month of July, 2017. This report answers few questions regarding the data breach incident like who were the affected people, causes and the solutions that are possible in this issue. The next portion of the report focuses on the ransomware attack called WannaCry that occurred in the month of May, 2017.
The problem that took place was the data breach of a well known telecommunication company. The name of the company is Verizon Wireless. It runs the business in USA (Mathews, 2017). This company is engaged in offering services and devices that are wireless in nature. There has been a major cloud leak leading to the breach of data. The culprit behind this big issue was Verizon partner. It was held responsible for the leakage of the information in cloud. This resulted in the exposure of around millions of accounts of the users. All the data existing in the account was revealed in the month of July, 2017. This led to lot of issues.
The misconfiguration of cloud based file and documents were the main reason behind the occurrence of the security breach that took place. There were around fourteen million users who used to have accounts with this company called Verizon. These users’ accounts were revealed and leaked. NICE Systems was third party cloud vendors of this company. They provided the cloud support to Verizon. The place where the data were stored was called S3 bucket. The Amazon Web Services had provided this S3 bucket of storage (Fox News 2017). The responsibility of managing, administering and monitoring the cloud based data storage was under the responsibility of the NICE System. They used to handle all types of jobs of the Verizon Company.
Amazon’s S3 bucket had stored important details of the users like their addresses, names and details of their accounts. The customer passwords and personal identification numbers were also stored in the cloud. These data were exposed and were under threat. Leakage of their numbers of the phones also led to major issues. This example can be used to point out the challenges in cloud computing where security threat is a major issue (Romanosky, Hoffman & Acquisti, 2014). There are several other problems also in cloud computing like reliability, portability and availability. A lot of costs are consumed behind the bandwidth of the internet. But the cost of the hardware is saved. Around fourteen million residents of America had accounts with this company.
The UpGuard had mentioned that there was huge leakage of user information around thirteenth of June. What led to this disaster was the misconfiguration of cloud infrastructure. The NICE System did not configure the cloud. Verizon has been under huge risk as in the usage of a cloud based system, the control of the data were under the NICE System. The background of this third party cloud vendor is quite weak. Its background says that their support to other firms have been in a not so settled manner. This survey was carried out by the state. The account information could be saved from the place of storage in the cloud (Khalil et al., 2013). This is a big flaw in the system as it can be misused by other parties for causing any type of harm.
The entire environment of the cloud requires the process of configuration to be done in order to work in a proper manner. Wrong configuration might lead to severe problems and challenges that will be faced by the cloud environment. Techniques and tools are to be used in order to enable effective working of the cloud. The IT infrastructural base was weak enough to cause this problem. The non configuration was the main root to all the problems that occurred (Uchiumi, Kikuchi & Matsumoto, 2012). Seventy to ninety nine per cent of the security issues arise due to the infrastructural issues. In this case of Verizon there was no deliberate attack of the outsiders. The total control was in the hands of the NICE System. This led to the main problem. Dysfunctional changes led to the fall in the operational efficiency of the company. The main problems could not be identified in the beginning. The NICE System did not configure the cloud. Verizon has been under huge risk as in the usage of a cloud based system, the control of the data were under the NICE System. The background of this third party cloud vendor is quite weak. Its background says that their support to other firms have been in a not so settled manner. Several measures taken by the third party vendor would not have led to this situation. It is a challenging task for any firm to figure out the problems and weaknesses in the cloud infrastructure. Identifying any error in the initial phase would avoid any type of breach in the system.
The best possible solution to this problem proper configuration and monitoring of the cloud based system. The third party cloud vendor must look into the matter in a serious way and solve the problem at the initial stage (Patel et al., 2013). Regular software updates must be done. This should be followed in a cyclic manner. The working mechanism of the software and hardware along with how they are performing must be tracked regularly. System or server issues should be solved by following important procedures. There should be password security and other types of authentication processes built in the system. There are security policies that need to be followed so that the data in the cloud are safe from any attacks and threats. If there is any problem in the system then that needs to be rectified in the initial stage. It should not be delayed. Symmetric and asymmetric cryptography algorithms can be used where there are keys to protect the data. Choice of the vendor must be carried out in a proper manner so that there is no issue later on. There must be a level of transparency maintained between the client and vendor (Shabtai, Elovici & Rokach, 2012). The background of the vendor must be looked into before taking any decision.
The problem discussed here is related to a ransomware attack that occurred in the month of May, 2017. This was a cyber attack. The entire world is aware of this incident. The name of the attack is WannaCry attack. The cryptoworm was responsible for this type of attack of the ransomware (Mohurle & Patil, 2017). Computers that were using the Microsoft Windows as its operating system were attacked. Encryption of the data had taken place. There were demands of huge amount of payment by the attackers. Bitcoin cryptocurrency were paid to fulfill their demand.
The attack started in the month of May, 2017. That was a Friday. The number of computers that were affected was around 2 lacs and thirty thousand. It had spread across more than one hundred and fifty countries. England’s National Health Service was affected in a severe manner (Collier, 2017). There was small number of services that were still active during that severe situation. Research studies reported that there was discovery of kill switch that had the code of the ransomware leading to slowing down the process of the attack. Other versions of the ransomware were found out by the attacker to carry on with the attack. Microsoft identified the loopholes in their system to solve the issue and prevent any type of further attacks. Latest versions of the Microsoft Windows 7 and 8 are considered to be safe. The computers that have Windows XP and unauthorized versions of the software or operating system are under major risk.
According to the Europol, there were 2 lacs and thirty thousand computers that have been badly affected. This had happened because these computers were using the operating system that was provided by Windows. This attack had spread across one hundred and fifty countries. The names of the countries that had suffered were Russia, Ukraine, Taiwan and India. The hospitals of Scotland and the National Health Service of England had been badly affected (Pascariu, Barbu & Bacivarov, 2017). Seventy thousands computers were harmed in the hospitals. The devices that were used during diagnosis and operation purposes were also harmed. Productions were stopped in many companies like Nissan Manufacturing. This had happened because production could be continued with virus affected systems. Renault was also in trouble. Different locations had stopped its production. The magnitude of the attack was much less than any other type of attack. The economy was also affected due to this WannaCry ransomware attack. There was a loss of four billion dollars. Organizations like Hitachi and Honda were affected badly. There was many various affected organizations also. The attack was spread over a huge range that created trouble in the operations of the business.
The malware attack called the WannaCry ransomware attack occurred on the 12th of May, 2017. It all started around 7 am in the morning in Asian continent. The SMB port was attacked as it was vulnerable (Mattei, 2017). There was no sign of any email phishing. The malware identified any presence of a kill switch that had domain. If this was not present then the ransomware would attack and perform encryption over its data. The weaknesses of the SMB port are identified by the malware. After completion of the process it asked for huge amount of money approximately three hundred dollars Bitcoin within three days or double the amount in one week (O’Gorman & McDonald, 2012). More than one lac dollars had been transferred in a span of one month from more than three hundred accounts. The operating system of Windows XP is still under the risk of getting attacked.
Several preventive measures have been presented by the Microsoft Protection Center. It is responsible for the purpose of solving any malware related problems (O’ Dowd, 2017). A system should install antivirus software and keep an up to date or latest version of the software. Random websites should not be opened. Any random files should not be saved or downloaded. Regular backup must be taken. Every websites presents a pop up advertisement that needs to be disallowed. Detection software must be installed for the purpose of identifying any malware issue or phishing related issue (Martin, Kinross & Hankin, 2017). Operating systems used need to be advanced and well protected. The incorporation of proper security policies will solve the problem of any types of security threats in the system.
Conclusion
This report concludes that security breaches are spreading at a fast pace. The first part of this report has pointed about the data breach that occurred in the Verizon Company due to leakage of cloud data. This took place in July, 2017. It also provided a substantiated report on the reasons behind as well as the affected people. The second part of the report focused about the ransomware attack called WannaCry that occurred in the month of May, 2017. It gave a description about the preventive measures and affected organizations in details.
References
Collier, R. (2017). NHS ransomware attack spreads worldwide.
Fox News. (2017). Verizon data breach: 14 million customers reportedly exposed. Retrieved 27 August 2017, from https://www.foxnews.com/tech/2017/07/12/verizon-data-breach-14-million-customers-reportedly-exposed.html
Khalil, I. M., Khreishah, A., Bouktif, S., & Ahmad, A. (2013, April). Security concerns in cloud computing. In Information Technology: New Generations (ITNG), 2013 Tenth International Conference on (pp. 411-416). IEEE.
Martin, G., Kinross, J., & Hankin, C. (2017). Effective cybersecurity is fundamental to patient safety.
Mathews, L. (2017). Millions Of Verizon Customers Exposed By Third-Party Data Leak. Forbes.com. Retrieved 27 August 2017, from https://www.forbes.com/sites/leemathews/2017/07/13/millions-of-verizon-customers-exposed-by-third-party-leak/#929962836bc9
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack. World Neurosurgery, 104, 972-974.
Mohurle, S., & Patil, M.(2017). A brief study of Wannacry Threat: Ransomware Attack 2017. International Journal, 8(5).
O’Dowd, A. (2017). NHS patient data security is to be tightened after cyberattack.
O’Gorman, G., & McDonald, G. (2012). Ransomware: A growing menace. Symantec Corporation.
PASCARIU, C., BARBU, I. D., & BACIVAROV, I. C.(2017) Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry.
Patel, A., Taghavi, M., Bakhtiyari, K., & JúNior, J. C. (2013). An intrusion detection and prevention system in cloud computing: A systematic review. Journal of network and computer applications, 36(1), 25-41.
Romanosky, S., Hoffman, D., & Acquisti, A. (2014). Empirical analysis of data breach litigation. Journal of Empirical Legal Studies, 11(1), 74-104.
Shabtai, A., Elovici, Y., & Rokach, L. (2012). A survey of data leakage detection and prevention solutions. Springer Science & Business Media.
Uchiumi, T., Kikuchi, S., & Matsumoto, Y. (2012, September). Misconfiguration detection for cloud datacenters using decision tree analysis. In Network Operations and Management Symposium (APNOMS), 2012 14th Asia-Pacific (pp. 1-4). IEEE.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download