Tuesday, May 5, 2020
Information Security for Web Based and Computing- myassignmenthelp
Question: Discuss about theInformation Securityfor Web Based and Cloud Computing. Answer: Introduction There are numerous web-based and cloud computing applications and services that are being used by the organizations. The automation of the business activities and operations have provided the organizations with the ability to carry out the tasks quickly and accurately. The volumes and variety of the data has also increased as a result. One organization handles various projects at the same time and there is a lot of information that an organization manages and processes. This has led to certain drawbacks and occurrences to look upon. There are many security risks, events and threats that take place in association with the user and business information that may have some extremely dangerous and harmful impacts. Information Security and protection are the disciplines that have grown immensely in the recent years. There are varied information and data sets that are present, such as, sensitive, critical, public, personal etc. The report covers the analysis of a recent information security breach along with the ransomware attack that was given shape by the attackers in May, 2017. Security Breach at OSHA OSHA stands for Occupational Safety and Health Administration which is a public sector agency based out of the United States and operates in the department of labor. There are certain categories and types of information that are extremely sensitive in nature and the health information belongs to the same. The majority of the data sets at OSHA are therefore sensitive. There are technological changes that are taking place with each passing day and OSHA is an agency that decided to incorporate the same in its data operations and management. The health information was converted to its electronic form for storage and transmission. The process welcomed certain flaws in security which gave shape to the information breach in August, 2017. The electronic reporting mechanism that was carried out at OSHA was shut down as an outcome. OSHA had launched an injury tracking application (ITA) on 1st August 2017. The motive of the application was the record maintenance of the injuries that were reported in an automated manner. The attackers took advantage of the security flaws in ITA and there were some initial pages that were targeted and affected. It then spread to the entire application and system which exposed the sensitive health information to the malevolent parties (Gonzalez, 2017). It was not only the patients that were impacted by the security breach as the privacy and confidentiality of their information was compromised. The incident took its toll on the members of the staff at OSHA as well. The demographic and employability details of the staff members were also exposed. The occurrence proved to be disastrous for OSHA as the customers could no longer trust the agency and its services which led to disengagement of the customers and the poor impact on the reputation in the market (Tornone, 2017). There is a threat agent or the mode of attack that is always involved in any of the security breaches and events. The case was no different with the security breach at OSHA as the ITA had a weak and an unsecure access point. ITA is an application that was not deployed at OSHA earlier. None of the similar applications were being used by the agency either. Due to the lack of experience and a complete idea of the possible security flaws, the implementation team and the application developers did not check on the security of the access points. This loophole and vulnerability in the application security was later used by the malicious parties to give shape to the security breach at OSHA (Golla, 2017). Network based security attacks are being executed at a rapid scale in the present day applications. It is because of the reason that networks are the prime links that are used in the modern day applications and there are varied access points that are also present. OSHA could have used the latest network security measures to prevent the security occurrence that took place. Researchers and technocrats are extensively working in the area of network security and have come up with the automated network security solutions for the activities such as network monitoring, network based intrusion detection and prevention, maintenance of logs on the network activity, network audits and reviews. These tools would have generated the adequate alerts at the time of the initial attempts that were made by the attackers at OSHA (Bertino, 2015). The security of the applications, systems and the entire organization cannot be generalized. There is no common or standard security protocol that can be applied to protect and safeguard all the elements at once. It is required to develop and implement the security policies and protocols as per the nature of the element and the set of requirements. For instance, in the case of OSHA, access control is one of the most significant security steps that should have been upgraded as per the requirements. There is physical access control that was required at all the entry and exit gates along with the technical and logical access control mechanisms for the protection of systems and applications. Identity management using two-fold authentication scheme would have also proved to be extremely useful in case of OSHA (Wangen, 2017). Malware are the malicious codes and programs that are designed with the aim to cause deliberate damage to the victim by triggering the code at the desired point of time. OSHA should have made use of firewalls and proxy servers as the basic measures to security along with the implementation of anti-viruses and other anti-malware packages. These packages would have generated the logs and alerts in case of the presence of any malware in the entire chain of systems and applications. Administrative checks and controls also have a huge significance in the maintenance and execution of security. There are Chief Information Officers (CIO), Security Managers, Security Auditors and several other resources that are recruited in the security department. OSHA must also have a vigilant security department. However, these security teams are required to develop administrative properties and measures to make sure there is complete adherence and compliance to the security policies. There should be active use of the automated tools and protocols as well for the purpose. May 2017 WannaCry Ransomware Attack It is now seen that the users have become used to the security occurrences and cases that have a low to medium impact. This is due to the reason that the frequency of such attacks has increased at an immense rate. However, some of these cases become notable due to their degree of damage and the number of victims that are impacted. One of the recent cases that took the world by storm was WannaCry ransomware attack in the month of May, 2017. There are various forms of malware that have been launched by the hackers and attackers and one such malware is the ransomware. It is a malicious code that encrypts the user information and also blocks the access to the files and the system. In order to re-gain the access, the users are asked to pay a price which is the ransom. WannaCry was a ransomware attack that was execute at a large scale and impacted the systems and applications worldwide. There were over 150 countries that had to bear the toll of the attack. A cryptoworm was launched by the team of attackers that targeted the machines that were based on the operating system as Microsoft Windows. The cryptoworm encrypted all of the information that was present in these systems and a message was flashed on the screens to pay the ransom in the form of Bitcoin cryptocurrency (Wong Solon, 2017). b National Health Staff (NHS) located in United Kingdom is the organization that was among the first reported of the WannaCry attack. The first report was lodged on May 12, 2017. NHS witnessed the shutting down of all of its systems one by one with a message being displayed on each system as a ransom of USD 300 (230) was to be provided by the system owners. Many of the other countries from Europe also reported of the similar experience after the passage of time. Russia also provided an account of the similar happening and it is being said that Russia was hugely impacted by the attack (Hern Gibbs, 2017). There were many other countries in Europe and Asia that had to experience the massive attack on the information and system security. Some of these countries include China, Turkey, India, Japan, Malaysia, Germany, Italy, France etc. The attackers executed the attack after a great research and analysis of the security vulnerabilities in Microsoft Windows. There was one of such security flaws termed as EternalBlue that was highlighted in the Windows systems. It was declared that the vulnerability was overcome with the release and installation of the necessary security patches. A group of hackers called Shadow Brokers made EternalBlue public in April, 2017. It is the same flaw that was used in the execution and spread of the WannaCry ransomware. WannaCry is an example of the security attack that took place because of weaknesses in the security architecture and the negligence of the service providers and service users. The security vulnerability in the Windows systems was identified and analyzed well before the WannaCry attack. Adequate and necessary steps were not taken by the service providers and the service users to ensure that the system was completely secure and the security vulnerability was not present any longer (Palmer, 2017). User awareness is one of the requirements to make sure that the security information and the measures to improve the security status are taken by every user. The same should have been done by Microsoft as well with the use of so many mediums to connect with the users such as social media accounts, discussion forums, emails and so on (Erlich Zviran, 2010). Malware are the malicious codes and programs that are designed with the aim to cause deliberate damage to the victim by triggering the code at the desired point of time. Microsoft along with all the business units and organizations should have made use of firewalls and proxy servers as the basic measures to security along with the implementation of anti-viruses and other anti-malware packages. These packages would have generated the logs and alerts in case of the presence of any malware in the entire chain of systems and applications (Al-Hamdani, 2009). Technology has provided the users with so many applications and automated tools for the maintenance of security and the installation of the measures for enhancement of the security infrastructure. Such tools and applications shall be analyzed according to the specific needs and requirements of the system. There shall be measures that must be taken for understanding the different features and functionalities that are offered by different vendors and the most applicable out of all shall be implemented. It is necessary to regularly update the systems and applications to the latest versions that are offered by the vendors so that the security occurrences that are specific to particular versions are avoided by default. Conclusion Information is one of the most important and primary asset of the organizations and the users. It is necessary to develop the measures that can lead to the avoidance of the security breaches and the technology shall be put to use for the same. References Al-Hamdani, W. (2009). Three Models to Measure Information Security Compliance. International Journal Of Information Security And Privacy, 3(4), 43-67. https://dx.doi.org/10.4018/jisp.2009100104 Bbc. (2017). Massive ransomware infection hits computers in 99 countries - BBC News. BBC News. Retrieved 31 August 2017, from https://www.bbc.com/news/technology-39901382 Bertino, E. (2015). Security and privacy of electronic health information systems. International Journal Of Information Security, 14(6), 485-486. https://dx.doi.org/10.1007/s10207-015-0303-z Erlich, Z., Zviran, M. (2010). Goals and Practices in Maintaining Information Systems Security. International Journal Of Information Security And Privacy, 4(3), 40-50. https://dx.doi.org/10.4018/jisp.2010070103 Gollan, J. (2017). Labor Department blames data breach for injury reporting sites shutdown. Reveal. Retrieved 31 August 2017, from https://www.revealnews.org/blog/labor-department-blames-data-breach-for-shutdown-of-employee-injury-reporting-site/ Gonzalez, G. (2017). Security breach shuts down OSHA electronic reporting application - Business Insurance. Business Insurance. Retrieved 31 August 2017, from https://www.businessinsurance.com/article/20170816/NEWS08/912315224/Security-breach-shuts-down-OSHA-electronic-reporting-application Hern, A., Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global computers?. the Guardian. Retrieved 31 August 2017, from https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20 Palmer, D. (2017). Your failure to apply critical cybersecurity updates is putting your company at risk from the next WannaCry or Petya | ZDNet. ZDNet. Retrieved 31 August 2017, from https://www.zdnet.com/article/your-failure-to-apply-critical-cyber-security-updates-puts-your-company-at-risk-from-the-next/ Tornone, K. (2017). OSHA halts new online reporting following security breach. HR Dive. Retrieved 31 August 2017, from https://www.hrdive.com/news/osha-halts-new-online-reporting-following-security-breach/449551/ Wangen, G. (2017). A framework for estimating information security risk assessment method completeness. International Journal Of Information Security. https://dx.doi.org/10.1007/s10207-017-0382-0 Wong, J., Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries around the world. the Guardian. Retrieved 31 August 2017, from https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.