Friday, December 6, 2019

Information Security for Computer Security Breach -myassignmenthelp

Question: Discuss Information Security for Computer Security Breach.

Answer:

Computer Security Breach in Brooks Brothers

In May 2017, Brooks Brothers announced that a data breach had occurred at the organization and that customers' payment card information may have been affected by it. The threat applied to customers who had made purchases at Brooks Brothers retail stores and Brooks Brothers outlets located in Puerto Rico and the U.S. between April 2016 and March 2017 (Brooks Brothers, 2017). Brooks Brothers stated that no sensitive personal information was in danger except payment card data. It also reported that personal identifying information and Social Security Numbers were safe and not affected in this incident. The company is taking precautions now that the breach has affected it. These steps could have been taken earlier to stop such an intrusion; as the well-known proverb says, precaution is better than cure.

What was the Problem?

Based on a forensic investigation, Brooks Brothers reported that an unauthorized user was somehow able to gain access to the payment processing system and install malicious software on that system at its outlet and retail locations. Brooks Brothers also published on its website a list of the outlets and retail stores where the problem occurred. The list was provided to make customers aware of the threat so that they could take the precautions available to them, such as changing passwords and requesting a new payment card (Brooks Brothers, 2017). Brooks Brothers also stated that no online customers were affected, nor were payments made at the airport locations. After the investigation, it was noted that not all customers were affected. The only affected customers were those who used a payment card at the retail stores or outlets between April 2016 and March 2017.
This breach affected all the payment card data, including name, account number, payment card number, card verification code and card expiration date. This is sensitive information related to the customers' accounts, and it is enough to steal money from those accounts (Trautman, 2016). Along with the list, Brooks Brothers provided additional information on the steps a customer can take to protect themselves from further harm, and assured customers that the issue has been solved, that the transaction system is free from any cyber-attack and that customers' personal information is safe with the company (Biener, Eling & Wirfs, 2015).

Who were affected?

Brooks Brothers is a men's clothing retailer with around 400 or more stores spread across the world, of which more than 200 were affected by this breach (Brooks Brothers). The breach ran for more than a year, and the customers who had purchased goods from certain stores using a card as the mode of payment were the victims of this attack. Because it went on for a year, the breach grew into a vast one and affected a large population of customers in Puerto Rico and the U.S. It led to the theft of the payment and account information of the individuals who made purchases at the Puerto Rico and U.S. outlets and retail stores. It also affected the reputation of Brooks Brothers, since it made customers' personal information unsafe. Exposing such personal and sensitive information to an unauthorized user may lead to privacy and security risks for the customers of Brooks Brothers (Sgouras, Birda & Labridis, 2014).

How the attack was carried out?

Forensic investigators involved in this case reported that an unauthorized outsider was somehow able to access the details involved in the payment transaction system. People generally use their credit and debit cards to pay for shopping done at any store, as this is the easiest way to make a payment (Shackelford, 2012).
Hackers may have gained access by injecting malware, although how the intrusion started is still unclear. According to specialists and experienced IT professionals, the company had not carried out professional penetration tests on a regular basis, and so it was unable to detect the breach for such a long time (more than a year). Brooks Brothers had an extremely casual attitude towards the cyber-security of the data of the customers who were purchasing goods from its stores.

What could have been done to prevent the Attack

If the security of personal information had been the first priority of Brooks Brothers, this mass data breach would never have happened. Brooks Brothers should have taken serious precautions earlier, before introducing payment by card. The system had no alerting mechanism that could have given earlier notification of the breach. The damage would have been much lower if a proper alerting or notification system had been in place earlier (Anderson et al., 2013). There should be a proper audit on a regular basis to catch any intrusion that might have affected the systems and the information saved on them. The long duration confirms that there was no reviewing or auditing process anywhere in the payment system, which is why it took one year to discover the intrusion. Vendor default passwords should be replaced with strong ones, because default passwords give hackers the easiest entry into the system. Limiting the number of people with access to the POS system might also have stopped such an unwanted event. Customers' payment-related information should not be stored, and if storing it is necessary, proper tokenization and encryption technologies should be used to keep the data safe by protecting it end to end (Singer & Friedman, 2014). These measures could have stopped this incident from harming such sensitive information of an individual.
WannaCry Ransomware Cyber Attack

This was one of the biggest cyber-attacks, affecting more than 230,000 computers globally between 12th May and 15th May. It was named the WannaCry ransomware attack because the hackers used malware that connects to a computer through the network, encrypts all the files saved in its storage, and asks for money in the form of Bitcoin for the decryption (Kuner et al., 2017). This cyber-attack started in London when a European opened a zip file that injected the virus into the system, which then used the network as a path to spread to other systems.

What was the problem?

The hackers had used unknown malware that used the internet as a path to spread and damage the organizations' files saved in the storage of their computers. In technical terms, the virus encrypted all the files so that a user could not open any file without decryption, which could only be offered by the hackers who had invented the virus. IT researchers found a way to slow down the attack, but regular updates were being uploaded to the systems, which wasted all the attempts made by the researchers. The virus attacked all the operating systems, including Windows XP, Server 2003, Windows 7 and Windows 8. However, it was reported that Windows XP and Server 2003 were among the least affected systems, while Windows 7 and Windows 8 were among the most affected (Renaud, 2017), as most organizations nowadays use Windows 7 and Windows 8 as their operating systems. It was also noted that the virus mostly affected software that had been installed from the black market. This put China at the top of the list of affected countries, as 70% of the Chinese use un-authenticated software from the black market.

Who were affected and how?
This cyber-attack damaged several organizations worldwide. Very few of them were able to protect their systems and decrypt their files; most of them became prey to the attack and had to pay the ransom for decryption. Hospitals, multinational companies, governments and federal bodies all suffered from this attack. Automobile companies such as Renault and Nissan also suffered. The files on many police headquarters systems were encrypted, and the Chinese police and Indian police, for example, had to shut down their stations in order to stop the virus from spreading (Mohurle & Patil, 2017). Electronics and courier companies such as Hitachi and FedEx reported the intrusion and disclosed the losses that the organizations and their customers had to suffer because of this cyber-attack. UK and U.S. hospitals had to cancel appointments and delay surgery, which caused serious harm to patients and to hospital management, as there was no access to the files relating to patients and doctors. Courier companies reported delays in deliveries because of the ransomware attack (Ehrenfeld, 2017). Nissan was less affected than Renault because, when the virus started, it took all its systems offline, which saved the rest of its systems. Russia and India were also on the list of victims of this cyber-attack.

How was the attack carried out?

According to IT researchers and developers, the attack was initiated in London on 12th May 2017 using a host computer into which the virus was injected after a European opened a zip file. There were several commands in that zip file, which automatically operated the system and gave commands to it. After several hours, the researchers found that the virus was commanding the system to connect over the network to an unknown server, which in reality does not exist (Martin, Kinross & Hankin, 2017).
This was done to distract the researchers and so gain more time to spread over the network and access the files saved in the storage of those systems. The encryption was so good that no one would be able to decrypt those files. All of this happened because of software installed from the black market and stolen from the U.S. Agency. That software was EternalBlue, which was the only software that could have given the hackers access to the files saved in the system. The decryption could only be done by software named DoublePulsar, which was available to the hackers only, and they installed this software on the affected systems if the victims paid the ransom demanded.

What could have been done to prevent the attack?

There are many measures and precautions that could have been taken to prevent this attack. Firstly, the software made by the U.S. Agency should have been kept highly secure and not exposed to the internet or the black market, and if it was exposed, the U.S. should have informed the world, which would have helped in taking preventive measures earlier. The files saved in the systems should have been tokenized and encrypted using proper techniques (Collier, 2017). Using genuine and updated versions of the operating system could also have stopped this attack from becoming such a big mess. The security patches provided by Microsoft should have been made available to users. Installing better, genuine anti-virus software could also have stopped this attack from spreading over such a large area (Swenson, 2017).

References

Anderson, R., Barton, C., Böhme, R., Clayton, R., Van Eeten, M. J., Levi, M., ... Savage, S. (2013). Measuring the cost of cybercrime. In The economics of information security and privacy (pp. 265-300). Springer Berlin Heidelberg.

Biener, C., Eling, M., Wirfs, J. H. (2015). Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance Issues and Practice, 40(1), 131-158.

Brooks Brothers (2017). Retrieved 23 August 2017, from https://oag.ca.gov/system/files/Sample%20Notice_9.pdf

Collier, R. (2017). NHS ransomware attack spreads worldwide.

Ehrenfeld, J. M. (2017). WannaCry, Cybersecurity and Health Information Technology: A Time to Act. Journal of Medical Systems, 41(7), 104.

Kuner, C., Svantesson, D. J. B., Cate, F. H., Lynskey, O., Millard, C. (2017). The rise of cybersecurity and its impact on data protection. International Data Privacy Law, 7(2), 73-75.

Martin, G., Kinross, J., Hankin, C. (2017). Effective cybersecurity is fundamental to patient safety.

Mohurle, S., Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack 2017. International Journal, 8(5).

Renaud, K. (2017). It makes you Wanna Cry.

Sgouras, K. I., Birda, A. D., Labridis, D. P. (2014, February). Cyber attack impact on critical Smart Grid infrastructures. In Innovative Smart Grid Technologies Conference (ISGT), 2014 IEEE PES (pp. 1-5). IEEE.

Shackelford, S. J. (2012). Should your firm invest in cyber risk insurance? Business Horizons, 55(4), 349-356.

Singer, P. W., Friedman, A. (2014). Cybersecurity: What Everyone Needs to Know. Oxford University Press.

Swenson, G. (2017). Bolstering Government Cybersecurity Lessons Learned from WannaCry.

Trautman, L. J. (2016). E-Commerce, Cyber, and Electronic Payment System Risks: Lessons from PayPal.
