Part A
Information security is one of the key factors that every organisation must consider in order to achieve a secure network. Information security ensures that confidentiality, integrity and availability are maintained without any security breach.
Computer security breaches are increasing day by day; among them, PumpUp was one of the security breaches, which occurred on 31st May, 2018. Thus, it is important to maintain the security of information so that confidentiality, integrity and availability are maintained. In this section, one relevant incident that occurred in the year 2018 is discussed.
The problem behind this attack was the many unknown assets on the network. It was a massive problem, as unknown assets are not authorised, which creates the chance of a security breach. Thus, all assets need to be identified and only valid users should be allowed to take part in operations over the network. The other issue behind this attack was poor assignment of privileges (Knackmuß, Möller, Pommerien & Creutzburg, 2015). As there were no privileges, all users could access the information, which violated the security of the system. The vulnerabilities in the system were also unpatched, which opened up many security concerns. These unpatched vulnerabilities further penetrate the system and breach the overall security (Ifinedo, 2014). Poor IT security management is the reason cyber-attacks are increasing.
It occurred in May 2018 due to the poor protection of the backend server. The data was stored on the server without any protection. Thus, the information on this backend server was exposed over the internet without any password to protect it. The server was under the supervision of a fitness app named “PumpUp”. This application allowed all the servers to access the host, which held sensitive information related to patients, such as their health information, photos, private messages or personal communication regarding the disease (Knackmuß, Möller, Pommerien & Creutzburg, 2015). The server also included some social media tokens; apart from that, confidential information such as card details, verification codes and many other things was stored over the network in unencrypted form. It was found that every time information was exposed in the application by the user, it was transferred over the network. The reason behind this attack was the poor security conditions over the network.
It is important to secure such systems so that the confidentiality and integrity of data packets are not violated. This can be done by making sure that all information transmitted over a network is in encrypted form. This ensures that even if the data is captured by a third party, it is not in a readable form. Apart from that, the security of a network can be maintained by using firewalls, anti-virus software and intrusion detection systems. The network can be made secure by defining an access control list so that only authorised users are allowed to access the information (Zeadally, Isaac & Baig, 2016). In the case of PumpUp, a new secure server was created that ensures that all message transmission over the network takes place in an encrypted way. This can be done by using a messaging broker that makes sure information is transmitted privately, and only to valid users. Apart from that, the new server works on a real-time concept that allows valid users to access the information rather than accessing it from a centralised data store. Such attacks can also be prevented by making sure that communication takes place between authenticated users only. It is also necessary to keep software updated. The network and application should make use of the latest technology so that the network can be protected from all bugs.
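The broker-side controls described above (encrypted transport, authenticated users and a per-user access control list) are shown here as an added example that is not PumpUp's code. It is a toy in-memory broker in Python, with hypothetical class, user and topic names and constructed sample data, run once as the open server and once hardened.

```python
import hashlib
import hmac
import os


class Broker:
    """Toy in-memory message broker (hypothetical model, not a real product)."""
    def __init__(self, hardened):
        self.hardened = hardened   # True: require TLS, a login and a topic ACL
        self.users = {}            # user -> (salt, password hash, allowed topics)
        self.subs = {}             # topic -> list of subscriber inboxes

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, user, password, topics):
        salt = os.urandom(16)
        self.users[user] = (salt, self._hash(password, salt), set(topics))

    def subscribe(self, topic, user=None, password="", tls=False):
        if self.hardened:          # the open server skips every check below
            if not tls:
                raise PermissionError("plaintext connection refused")
            unknown = (b"\0" * 16, b"", set())   # never matches a real hash
            salt, stored, topics = self.users.get(user, unknown)
            if not hmac.compare_digest(stored, self._hash(password, salt)):
                raise PermissionError("authentication failed")
            if topic not in topics:
                raise PermissionError("topic not permitted")
        inbox = []
        self.subs.setdefault(topic, []).append(inbox)
        return inbox

    def publish(self, topic, message):
        for inbox in self.subs.get(topic, []):
            inbox.append(message)


def anonymous_read(hardened):
    """Try to read alice's private topic with no login and no TLS."""
    broker = Broker(hardened)
    broker.add_user("alice", "constructed-password", ["chat/alice"])
    try:
        inbox = broker.subscribe("chat/alice")
    except PermissionError as exc:
        return str(exc)
    broker.publish("chat/alice", "private message")
    return inbox
```

With `hardened=False` the anonymous subscriber receives the private message; with `hardened=True` the same request is refused before any data is delivered.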
Problem
WannaCry cyber-attack - This attack took place in 2017 and targeted all computers running the Microsoft operating system (Ehrenfeld, 2017). It encrypted data and then demanded ransom payments in the form of bitcoin. It also tried to install backdoors on the system.
The problem with this attack is that it spreads from one PC to another. Sensitive information gets leaked on the network through emails or by downloading information from illegal sources (Ehrenfeld, 2017). A further problem is that it defeated access control measures, as it allowed unauthorised users to access information without any permission.
The scope of the attack was to capture data from health services in various countries. The attack aimed at hitting many computers so that information about patients' health status could be stolen in less than 6 hours. The attack spreads from one computer to another. This affected the security of businesses, as sensitive information was leaked (Morehouse, Lovecký, Read & Woodman, 2017). The scope of this attack was to block valid users' access to records and demand money to release them.
Some operational details of the attack are the spreading of bugs and vulnerabilities through phishing emails, and the encryption of the victim's files by making changes so that money could be demanded for decrypting the original file. To safeguard against this attack, it is recommended that an infected system be isolated from the rest of the system so that bugs do not penetrate it. Apart from that, fake decryption files can be used so that it becomes easy to claim the original file.
This attack can be prevented by ensuring that a vulnerability management system is in place so that the system is patched. Backups of all data should be maintained so that data can be easily restored in case of failure (Schulze & Reinhold, 2018). The organisation should also prepare a disaster recovery plan so that security awareness is created.
Petya cyber-attack - Petya is malware that was developed in 2016 and targets all Microsoft-based systems. It prevents Windows from booting by infecting the boot system and encrypting all the hard drive files (Petrenko, Petrenko, Makoveichuk & Chetyrbok, 2018). Apart from that, it demands bitcoin to regain access to the files.
The problem with this attack is that it infects the system by overwriting the boot program and then triggers a restart. It encrypts all the master files of the system and then requires payment in bitcoin to release them. It works by encrypting the major data files and granting unauthorised administrators permission to access the information.
The scope of the attack is to use a payload that infects the master boot record of the computer, which allows invalid users to gain access. The scope of this attack is quite wide, as it has affected many large firms in Europe and the US (Branquinho, 2018). In some ways there is a similarity between WannaCry and Petya, as both spread the bug internally within the network, which decreases the overall performance and efficiency of the network.
Operational details of the attack are that it impacted all the advertising companies and many other large firms (Safa, Von Solms & Furnell, 2016). These attacks generally aim at disrupting the normal working of the computer.
To prevent this attack, it is suggested that the encryption process be stopped if the system shuts down. Apart from that, important files should be set to read-only access so that only valid users can access the information and make changes (Perlroth, Scott & Frenkel, 2017).
Difference between Petya and WannaCry cyber-attack:
Petya | WannaCry
It encrypts only a limited set of file extensions. | It encrypts almost every commonly used file extension.
The spread speed is slower compared to WannaCry. | Faster spread speed.
It makes use of a small email provider called Posteo for validation. | It does not have a specific method for validation.
It makes use of reliable methods through which payments are made easily. | It does not have a reliable method for making payments.
Conclusion
In this report, computer security breaches that occurred in 2018 are discussed. PumpUp was one of the breaches, and it is evaluated in terms of its problem, scope and prevention methods. In the second part, the difference between the WannaCry cyber-attack and Petya was discussed.
References
Branquinho, M. A. (2018). Ransomware in industrial control systems. What comes after WannaCry and Petya global attacks? WIT Transactions on The Built Environment, 174, 329-334.
Ehrenfeld, J. M. (2017). Wannacry, cybersecurity and health information technology: A time to act. Journal of medical systems, 41(7), 104.
Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51(1), 69-79.
Knackmuß, J., Möller, T., Pommerien, W., & Creutzburg, R. (2015, March). Security risk of medical devices in IT networks-the case of an infusion pump unit. In Proceedings of the International Society for Optical Engineering (SPIE).
Knackmuß, J., Möller, T., Pommerien, W., & Creutzburg, R. (2015, March). Security risk of medical devices in IT networks: the case of an infusion and infusion syringe pump. In Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications 2015 (Vol. 9411, p. 94110I). International Society for Optics and Photonics.
Morehouse, M. A., Lovecký, T., Read, H., & Woodman, M. (2017). Quantify? or, Wanna Cry? Integrating Methods Training in the IR Classroom. International Studies Perspectives, 18(2), 225-245.
Perlroth, N., Scott, M., & Frenkel, S. (2017). Cyberattack Hits Ukraine Then Spreads Internationally. The New York Times, 34-90.
Petrenko, A. S., Petrenko, S. A., Makoveichuk, K. A., & Chetyrbok, P. V. (2018, January). Protection model of PCS of subway from attacks type «wanna cry», «petya» and «bad rabbit» IoT. In Young Researchers in Electrical and Electronic Engineering (EIConRus), 2018 IEEE Conference of Russian (pp. 945-949). IEEE.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70-82.
Schulze, M., & Reinhold, T. (2018, June). Wannacry About the Tragedy of the Commons? Game-Theory and the Failure of Global Vulnerability Disclosure. In ECCWS 2018 17th European Conference on Cyber Warfare and Security (p. 454). Academic Conferences and publishing limited.
Zeadally, S., Isaac, J. T., & Baig, Z. (2016). Security attacks and solutions in electronic health (e-health) systems. Journal of medical systems, 40(12), 263.