Monday, May 4, 2020

Cyber Attacks Computer Security Breaches - Myassignmenthelp.Com

Question: Discuss About The Cyber Attacks Computer Security Breaches?

Answer:

Introduction

It is not uncommon to hear that a voter database has been exposed or breached somewhere around the world. However, a massive breach affecting a whopping 198 million US voters was unheard of. This was one of the largest data exposures in the history of the USA: the Cyber Risk Team that investigated it found that the personal details of over 198 million American voters were up on the web. It later became known that a firm working for Donald Trump had accidentally triggered the massive leak.

The event

On June 19, 2017, UpGuard's cyber risk analyst Chris Vickery found an open cloud repository while he was looking for misconfigured data sources for his company. The repository, an Amazon Web Services S3 bucket, did not have any firewall and was easily accessible to the general public (Varia & Mathew, 2014). Anyone using the internet could have had access to the files which helped Donald Trump become the president simply by going to the Amazon subdomain dra-dw. Dra-dw is known as the Deep Root Analytics Data Warehouse; data warehouses are quite common in businesses nowadays. A data warehouse is a huge collection of data used for very complex calculations. The leak could have led to a widespread breach in security if Vickery had not noticed it and notified the concerned authorities (Pfleeger & Caputo, 2012). Deep Root Analytics revealed that they were in charge of the bucket, which was later secured against public access. The dra-dw bucket held 1.1 terabytes of data, an amount close to 500 hours of video. It could be downloaded, and the amount of data accessible was huge. In addition, 24 terabytes of data were stored but were protected from public access. Altogether, the data stored in the misconfigured database was equal to 10 billion pages of text (Brodie, Mylopoulos & Schmidt, 2012).

The people whose details were compromised

The files that were accessible held detailed profiles of 198 million registered voters, which meant that almost everybody who was eligible to vote in the 2016 election was there (Fowler, 2015). It exposed people in locations ranging from Mexico and the Philippines to Georgia. The information on the voters dated back more than 10 years. However, the leaked information was not stolen by hackers. It was moved to a server which did not have the necessary security (Solms & Niekerk, 2013). According to Vickery there was not even a password to protect it. Any man, woman or child with the link could click on it and have every piece of information on all voters in America. Vickery says the data came from different sources and was merged together by the analytics company. Some of this information was publicly available, as in voter rolls. Other data came from social networks and from consulting groups like Kantar Research and PACs. When Forbes asked Deep Root how the leak happened, they said that they were conducting an internal review and had brought in the cyber security firm Stroz Friedberg to make an in-depth investigation (Wang & Lu, 2013). This is a type of leak which can happen at any time despite measures being taken. Such information can at times be damaging for people. Even though it is not the work of hackers but a misconfiguration of servers, it leads to such cybersecurity risks (Zhang et al., 2014). The files started with the voters' first and last names, so there was no way to mask the identities of the voters. The files also revealed a lot more data, such as the voter's address, mailing address, phone number, registered party, demographics, date of birth, voter registration status and whether they are on the Do Not Call list. Also given were the religion and ethnicity of the voter.

Remedies to such leaks

To avoid such a leak in future, analysts point to a few remedies which can help reduce the number of misconfigured servers that expose private data on the web. People also need to be made aware of these leaks. Organizations will have to be motivated to build resources, such as setting up servers and maintaining them properly. Another step can be to make the default settings for databases in the cloud tighter so that security cannot be compromised (Refsdal, Solhaug & Stølen, 2015). Some security companies have already started creating software which can scan a system's setup and warn technical staff if something lies unprotected or gets exposed. This is what UpGuard did in this case to keep the leak from wreaking havoc. This case joins other database misconfiguration incidents such as the Hollywood screener system, Microsoft sites and dating services. The exposure has raised quite a few questions about the security and privacy of Americans. It also happened at a time when there had been a lot of cyber assaults in the country against state voter databases. What is quite troubling is that such a huge national database of voters was created and placed online without even the simplest protections against public access. It also calls into question the roles and responsibilities of the private organizations in charge of maintaining such confidential data. One shudders to think what could have happened had the data got into the hands of criminals. Identity theft, fraud, corporate marketing spam and advanced political targeting could all have been possible with the data of 198 million American voters. Leaks of this kind can easily be prevented if the organizations holding such data obey a few simple rules before uploading it to databases.

The first six months of 2017 saw an unexpected number of cyber-protection challenges.
Among them was the scary launch of the WannaCry ransomware, which critically targeted Microsoft Windows operating systems (Shoukry et al., 2017). This report highlights the impact of the ransomware and the possible defenses against the attack presented by analysts and researchers. A vulnerability in the Microsoft operating system proved beneficial for the hackers. The ransomware encrypted the main file system of a computer and demanded a ransom in bitcoin, a cryptocurrency, that is, a digital infrastructure for payments. The world witnessed the release and impact of this attack on 12 May 2017, and it continued until the 15th of the month (Martin, Kinross & Hankin, 2017). Reports of infected computers, approximately 230,000 in total, emerged in the media. The ransomware benefited from an existing weakness in Microsoft software discovered earlier by the National Security Agency (NSA), which had taken advantage of it for its own offensive purposes. The hackers, in a way, leaked this flaw in order to spread the malware widely for monetary gain by blocking access to file systems. As a first step, the malware disguises itself as software and then confronts the user with the encrypted files and the blocked access, together with a payment demand and a deletion warning. Directions on the mode of payment and the designated addresses for it were also provided to the user. Analysts who studied the ransomware classed it as a worm, because it showed a similar transfer mechanism, gradually infecting the systems around it. Its code looked for the vulnerability present in MS systems, known as Eternal Blue, to gain access to systems. For their next attempt, hackers invented a variant of WannaCry, Mirai. A Europol study found about 200,000 computers infected across approximately 150 countries (O'Dowd, 2017).

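
On the network, the worm-like spread described here appears as one host opening SMB connections (TCP port 445) to many different machines within a short time. The following is an added example, not part of the original essay, that flags that pattern in flow records; the record format, addresses, time window and threshold are all constructed for illustration.

```python
from collections import defaultdict, deque

SMB_PORT = 445  # TCP port used by SMB

def smb_fanout(flow_lines, window_s=60, threshold=10):
    """Return {source: peak number of distinct hosts it contacted on the SMB
    port within any window_s seconds} for sources reaching the threshold.
    Records are 'epoch_seconds src dst dst_port', sorted by time."""
    recent = defaultdict(deque)   # src -> (timestamp, dst) pairs inside the window
    peak = defaultdict(int)       # src -> largest distinct-destination count seen
    for line in flow_lines:
        parts = line.split()
        if len(parts) != 4 or not (parts[0].isdigit() and parts[3].isdigit()):
            continue              # skip malformed records
        ts, src, dst, dport = int(parts[0]), parts[1], parts[2], int(parts[3])
        if dport != SMB_PORT:
            continue
        window = recent[src]
        window.append((ts, dst))
        while window[0][0] <= ts - window_s:
            window.popleft()      # drop connections older than the window
        peak[src] = max(peak[src], len({d for _, d in window}))
    return {src: n for src, n in peak.items() if n >= threshold}

# Constructed flow records (addresses and timings invented for the example).
SAMPLE = sorted(
    [f"{1000 + i} 10.0.0.23 10.0.1.{i + 1} 445" for i in range(12)]     # sweep of 12 hosts
    + [f"{1000 + 5 * i} 10.0.0.5 10.0.0.10 445" for i in range(12)]     # one file server
    + [f"{1003 + i} 10.0.0.7 10.0.2.{i + 1} 443" for i in range(12)],   # many hosts, not SMB
    key=lambda rec: int(rec.split()[0]),
)

if __name__ == "__main__":
    print(smb_fanout(SAMPLE))
```

A host that talks to one file server repeatedly stays at a count of 1, so ordinary SMB use does not trip the threshold.
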
Kaspersky Lab reported that the most affected regions included Russia, Ukraine, India and Taiwan. The National Health Service (NHS) in England and Scotland was adversely affected. Numerous pieces of equipment, amounting to approximately 70,000 and ranging from computers, MRI scanners and blood storage refrigerators to other theatre equipment, were affected (Collier, 2017). Emergencies were terminated and ambulance services were halted at the NHS, and even in Wales and Ireland people returned from work. Large organizations such as Nissan Motor Manufacturing UK in Tyne & Wear, England, called production off for the day; similarly, Renault also stopped production to avoid any risk to its systems (Mattei, 2017). Organizations that were not running updated versions of Microsoft software were more exposed to the attack, since no security patches had been released for the XP versions since April 2014. Cyence estimated the financial loss at about 44 billion, while others calculated a loss of $130,634.77 across 327 payments made in connection with the ransomware. WannaCry reportedly began its attack in Asia. SMB gave the ransomware access to the main system, and it was automated to spread through various networks. The malware follows certain steps to gain access to the systems around it. First, the malware performs a scan to detect the kill-switch domain. In its absence it becomes easier for the malware to encrypt the files. The ransom was $300 if paid within 3 days and escalated to $600 within a limit of 7 days, payable in bitcoin. The web addresses assigned for collecting the payments were labelled wallets, which registered the money (Gandhi, 2017).

Three distinct components are involved in the execution of the malware. The first is the payload (mssecsvc.exe): this program performs the encryption of the files and results in malicious activities.
Next is the ransom program (taskche.exe): as recorded, the program itself holds an encrypted key, while the decryption part is kept by the attacker, who is able to decrypt both the sub-private and the public key and saves them. An AES key encrypts the file contents as M2, which is to be saved as M1. This combined version contains the header WANNACRY. Finally, the ransom program (@WannaDecrypt@.exe) provides information about the demands to be fulfilled in bitcoin (Mohurle & Patil, 2017).

The remedy

Marcus Hutchins, a tech-security expert based in England, successfully built a vaccine against this, termed the kill switch, a registered-domain technique that reduced the wild spread of the malware. This domain effectively terminates the software. The domain was present in the malware's code to prevent its transfer in quarantined devices. It could not cure systems that were already infected, but it certainly limited the spread in North America and Asia. Several experts from universities in London and Boston claimed resolutions to the impact of the attack (Knobel, 2017). Based on the use of the AES key to decrypt the RSA sub-private key, researchers developed tools, namely WannaKey and WannaKiwi, that help retrieve the keys concerned, the former for Windows XP and the latter for Windows 7 and 2008 R2 systems.

Conclusion

Analysis of the reports helps us conclude that the intensity of the attack and the leaked vulnerabilities of the systems resulted in updates being issued for Windows versions. As a matter of self-protection, it is necessary to avoid suspicious sites with malicious behaviour. Finally, paying a ransom should not be supported, as it encourages hackers. Prevention before cure should be the mantra. Users should keep track of updated versions to protect their valuable file systems. The solutions analysts provided against this malware were commendable. Risk management should be promoted.

References:

Brodie, M. L., Mylopoulos, J., & Schmidt, J. W. (Eds.). (2012). On conceptual modelling: Perspectives from artificial intelligence, databases, and programming languages. Springer Science & Business Media.
Collier, R. (2017). NHS ransomware attack spreads worldwide.
Fowler, A. (2015). Regular voters, marginal voters and the electoral effects of turnout. Political Science Research and Methods, 3(2), 205-219.
Gandhi, K. A. (2017). Survey on Ransomware: A New Era of Cyber Attack. International Journal of Computer Applications, 168(3).
Knobel, A. (2017). Technology and online beneficial ownership registries: easier to create companies and better at preventing financial crimes.
Martin, G., Kinross, J., & Hankin, C. (2017). Effective cybersecurity is fundamental to patient safety.
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack. World Neurosurgery, 104, 972-974.
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack 2017. International Journal, 8(5).
O'Dowd, A. (2017). NHS patient data security is to be tightened after cyberattack.
Pfleeger, S. L., & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber security risk. Computers & Security, 31(4), 597-611.
Refsdal, A., Solhaug, B., & Stølen, K. (2015). Cyber-risk management. In Cyber-Risk Management (pp. 33-47). Springer International Publishing.
Shoukry, Y., Nuzzo, P., Puggelli, A., Sangiovanni-Vincentelli, A. L., Seshia, S. A., & Tabuada, P. (2017). Secure state estimation for cyber physical systems under sensor attacks: a satisfiability modulo theory approach. IEEE Transactions on Automatic Control.
Varia, J., & Mathew, S. (2014). Overview of amazon web services. Amazon Web Services.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97-102.
Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks, 57(5), 1344-1371.
Zhang, J., Renganarayana, L., Zhang, X., Ge, N., Bala, V., Xu, T., & Zhou, Y. (2014). EnCore: Exploiting system environment and correlation information for misconfiguration detection. ACM SIGPLAN Notices, 49(4), 687-700.
