[Title] Enterprise Manufacturer Ditches Antivirus, Chooses Carbon Black

Bullets
● Environment
  ○ 90,000 endpoints
● Industry
  ○ Manufacturing
● Security Challenges
  ○ AV failed, causing 600+ compromised endpoints
  ○ IT had to work around-the-clock to fix issues
  ○ Breach was a heavy strain on resources
● Solution
  ○ Cb Response
● Key Benefits
  ○ Six watchlists in Cb Response handle 90% of detection
  ○ Detects events in real-time without waiting 6-8 hours for a virus scan
  ○ Accelerated identification of root cause by 75%

Summary
One of the largest manufacturing and design companies was breached when its antivirus failed and allowed hackers to gain access to 600+ endpoints. With Cb Response, the organization gained complete visibility and quickly remediated the attack.

Before Carbon Black
One of the largest manufacturing, design and marketing companies was breached when its antivirus software failed. This allowed hackers to access 600+ endpoints. As a result of the attack, the organization’s IT team faced around-the-clock work and it placed a heavy strain on internal resources. Existing internal tools were not providing enough visibility to solve the problem, and the organization struggled to remediate the issues. The organization needed to immediately
Given the test results, the organization selected Cb Response as its new security solution. With Cb Response, the organization quickly remediated all 600 compromised machines. The organization also found that Cb Response enables it to accelerate root cause identification by 75%. In addition, the company is now doing 90% of their protection with six Cb Response watchlists. Implementing Cb Response helped the organization successfully remediate an immediate issue so it could return to normal daily productivity. It now has faster and more reliable threat response, along with a reduced workload for the IT
CIS 500 Week 6 Case Study 1 - Cyber Security in Business Organizations - Strayer University 2015 Version NEW
The world of cyber security continues to introduce new threats each year against network infrastructures and computer devices. In recent years, the impact from cyber-attacks has wreaked havoc on many company brands and organizational reputations. As this issue grows, so does the technology to prevent and protect against these malicious attacks. It is absolutely crucial for organizations and businesses to shift focus from defense for different types of attacks to improving safeguards to mitigate the loss of sensitive data when an attack occurs. In addition to the traditional security technology used to detect an attack, companies will have to include
We have all heard of security breaches on corporate servers that have exposed personal and important information that should be secure. Hackers and criminals have been doing this since the invention of the internet, and it has only increased along with our use of and dependency on networks. It is becoming more apparent that companies need to protect their Windows and Unix/Linux servers from known or unknown shortcomings and vulnerabilities from hackers who want to steal information for malicious purposes. Hackers will use code or malware to corrupt the network or operating system of the target company, with the intent to steal information such as proprietary information, personal information including social security numbers, contact information, or any
A data breach incident which happened in 2014 could cost Sony Corp. $8 million in settlements, Bloomberg reported. The data breach happened when North Korean hackers were angered by "The Interview", a film that was centered around a fictional plot to eliminate Kim Jong-Un. Sony is reportedly going to pay $4.5 million to former and existing employees, while the lawyers who handled the case are expected to get $3.5 million.
Despite the presence of network security devices such as firewalls and other security appliances, today's corporate networks are still vulnerable to both internal and external attacks by hackers intent on creating havoc. By proactively
While I was working as the Chief Information Security Officer (CISO) at the Army Materiel Command, the command was under constant attack by hackers. The Army’s current network defense system was woefully inadequate for protecting the command’s 140 locations worldwide. After sustaining a couple of very high-profile attacks using these tools, it became evident that something else was needed. One of the command’s subordinate commands was the Army Research Labs, which is one of the foremost research labs in the world. One of the lab’s missions was Cyber Defense, and it came under my purview as its program manager. The lab had developed several cyber security tools and had been testing them very successfully on several platforms. The power of this tool
Reconnaissance by attackers may have included a Google search that would have supplied a great deal of information about how Target interacts with vendors. Results would have revealed a vendor portal and a list of HVAC and refrigeration companies (Krebs, 2014g). The results would have also revealed how Target uses Microsoft virtualization software, centralized name resolution and Microsoft System Center Configuration Manager (SCCM), to deploy security patches and system
Security Officers must obtain a consensus for which mitigating controls are key, which can be a trying negotiation between the CISO, Chief Technology Officer, Cyber Threat Intelligence (CTI), Infrastructure Engineering, Audit and Assurance teams, and the Investment and Audit committees. How do you harness your entire organization to focus on a common agreed-upon list of key security controls?
There are three main areas identified as threat vectors for cyber security in relation to CIP: IT networks, insider threats, and equipment and software. Normally, ICS operate on an internal network, called OT (Operational Technology). Occasionally, this isolated network requires a connection to the organization’s corporate network (IT) for routine operation and management. As displayed in the Ukraine blackout, cyber threats infiltrate an organization’s IT systems in order to access ICS networks on the OT network. The methods used to achieve access are often not complex procedures and “can be achieved using a wide array of methods, such as spear phishing, malicious URLs, drive-by attacks” (p. 1). Upon infiltration of an IT network, the threat searches for a lapse in the cyber security program in order to access the OT networks that regulate CI.
Blue Moon Financial (BMF) is a large financial services firm. Recently, its information security team has been working in an elevated status to protect BMF from a recent increase in network intrusions suffered by other financial services firms. Unfortunately, even though senior management recognizes the threats posed by cyber incidents, they have not provided the senior security analyst with a high enough budget to retain experienced information security technicians; as a result, the current security team is inexperienced. Additionally, an incident response plan has not been implemented, but is currently being developed.
Cyber-attacks are common in the defense industry, but in January 2010, a sophisticated, advanced persistent threat hacked into the commercial sector forever changing the face of cyber security. Dubbed “Operation Aurora” by McAfee, the attack targeted specific high profile corporations to obtain valuable intellectual property. Google, Yahoo, Juniper Networks and Adobe Systems were also among the victims of this highly coordinated cyber heist. By manipulating computer codes the attackers were able to exploit the Microsoft Internet Explorer vulnerabilities to gain access and obtain valuable sensitive information from over thirty high profile companies. Operation Aurora proves that the world is entering into a high-risk era where
The frequency and severity of cyber-attacks on maritime targets increases every year. Often the damage is not discovered until years later. The cyber-attack on the port of Antwerp began in 2011 and continued until it was discovered in 2013. The Danish Maritime Authority was attacked in 2012 by a virus contained in a PDF (portable document format by Adobe). The virus spread throughout the Maritime Authority’s network and into Danish government institutions before it was discovered in 2014. Reasons for the ever-increasing security exposure include the growing use and interdependence of computer systems, the relative ease and extreme value of executing attacks, and the exceptional difficulty in identifying the culprits and bringing them to justice. Regrettably, some port authorities contribute to their vulnerability by addressing cyber-security as a technology threat best left to IT professionals. On the contrary, successful and serious cyber-attacks are inevitable and the planned response must be subject to the same governance and scrutiny that any existential threat would receive. One reason that port authorities hesitate to engage cyber-threats at the Board level is a lack of appreciation for just how impossible cyber-security is. A more complete understanding of the factors that complicate cyber-security can assist Directors in stepping up to set priorities and oversee contingency and remediation plans.
Since our first goal is to stop attacks before they stop business, harm innocent people by stealing their information, or cause losses in any other way, Cyber Software, Inc. has for many decades been trusted by the world’s leading companies. The company has provided its services to small businesses, such as many local retail businesses, as well as to large clients like the Baltimore City Government and to many well-known companies, including 26% of the Fortune 200 companies. Our dedication is to protect their highest-value information assets, infrastructure and applications.
Ever since the creation of the internet more than two decades ago, cyber-attacks have increased in sophistication and frequency. The conventional paradigm of cyber-attacks was to target a number of system vulnerabilities, write exploits, and then mass distribute them to a large number of internet hosts. For this reason, most security systems focused on defending against Malware, making sure that all systems are timely patched with the most up to date version of operating systems etc. However, these conventional defenses are often insufficient to defend against more powerful attacks staged by insiders. Insider
Abstract: Organizations are taking computer security more seriously every day, investing huge amounts of money in creating stronger defenses including firewalls, anti-virus software, biometrics and identity access badges. These measures have made the business world more effective at blocking threats from the outside, and made it increasingly difficult for hackers or viruses to penetrate systems. But there are still threats that put organizations at risk, and these threats are not necessarily from external attackers. In this paper we will analyze what the internal threats in organizations are, why we are vulnerable, and the best methods to protect our organizations from inside