Computer Security Editing and Proof Reading Services

Task

(A) Hack of Newkirk Products

During August of 2016, Oracle organization became the victim of data breaches. Organization which owns Micros point-of-sale system has stored 330K cash registers including information from all around the world. Organization has cleared that malware program code is placed on their Micros computers to steal the user names and passwords from cash registers. Malicious code was placed to hack the payment system associated with Micros system. However, information of payment card is encrypted strongly and not seems to be decrypted easily but the questions are alive on security compromises in Oracle Cooperation. Recently organization has owned another organization named Micros and all of the assets like point-of-sale system which are used to handle payment details and transactions from customers across 145 countries.

Source of problem

Oracle Cooperation has admitted that risk is only associated with Micros point of sale systems and the attack has no impact on other cloud services and offerings. Experts are saying a bit pointing towards the weaker security implementation with new adopted systems. Perhaps, Oracle has ignored the chances of such attacks on the systems as they are physically secured. But the logical access was possible and that was used by attackers to breach into systems. Oracle’s poor consideration with malware codes and networks insufficient capabilities to test the incoming packages leads the hack. Following is at marked as the bad practices in security of organization those can lead the problems in form of security breaches:

• Irregularities in network monitoring and audit policies
• Ignorance of security risk associated with third party implementations
• Lack of anti-malwares and persistent thread finder programs in network (Armerding, 2012).

How security compromised

Experts investigating the Oracle security has identified that malicious program was injected into network or may be an activity of insiders. Malicious code was observing the systems for transaction detail. Experts and Oracle is pointing towards the Russian Carbanak Gang for the source of hacking activity but it is purely the improper practices in workplace of Oracle those give them a chance to expose the security data. As the Oracle accepts, malicious code was working and monitoring whole systems from a month ago but was not captured. This has raised the question of implementation with third parties for liability and security. Malicious code was capable to steal authentication information for a large number of customers but still there was no activity found against the use of information (Gordon.et.al.2011). Possible path of attack with malware may be:

• Crossing of network firewall: firewall which was absolutely not able to identify the code in packages and bring the systems into risk.
• Lack of audit activities: System was not audited regularly to identify persistent activities and code in systems.
• Poor anti-theft program: Program used to monitor network systems and local storage may not be able to identify the integrated malware codes and processes observing sensitive information within network.

Motto behind the hack

Oracle cooperation was using Micros point-to-sale system for payment processes. Thus, these systems have been target due to type of information they contain. Micros systems hold the information about retailers in various countries working with oracle. Personal and credential information was stored in Micros system but the encrypted form saved for a while to be safe in hacked conditions but plain text may be generated and used as the attack to down the Oracle Cooperation.

Solutions to security attacks

Rapidness in attacks within previous four year has warned Oracle Cooperation to find out the strength of internal security parameters. From the number of solutions, organization needs to identify the best one which suits the working of business operations. Effective solution is that in which Oracle like business organization gets the advantages of cost and effort effectiveness in security of data. Such type of cyber security and computer security threats can be eliminating with following practices as they are considered in case of Oracle by experts:

• Do not let the configurations default and open for devices in network
• Follow the standard practices in implementation of computer devices.
• Encrypt the transactions and locally stored data.
• Secure physical access to resources.
• Apply trust worthy third party applications and services.

In Oracle, internal systems and their working can be safeguarded against the physical access to them with unauthorised users. Also whole system can be kept under the surveillance of security equipments. High quality and recommended anti-malware and anti-virus programs can be used to schedule scanning of system for unwanted and dangerous program codes (Taitsman.et.al.2013). Auto blocking of redundant request to servers is required in filtering to safe the system. Addition to it, strong encryption algorithm can help to become victim of data lose.

(B) Anthem medical data breach 2015

Anthem Inc is one of American health insurance Company which was formerly known as WellPoint Inc before 2014. On February 4, 2015, it has been disclosed by Anthem Inc that organization has been hacked for about 37.5 million records which contains the personal identifiable information. Later, Anthem added that hack to their server is spread over multiple branches and may result into potential loss of 78.8 million records. However, most of reports are blaming China for this information theft but still there is no strong evidence to prove the original source and reason of data lost. Fortunately, there is no activity observed in use of potential information stolen from Anthem. These records contains the personal details like name, address, birth details, medical identification number, social security numbers, mail address etc. including income details.

Reason of hack

Investigation has not find the actual source and reason of heist but it is being said that servers are hacked due to improper implementation of security laws and practices defined by United Kingdom government for cyber security. Another reason was plain text data. Anthem has not bounded by government to encrypt the data and can assist the lawsuit for defence but plain text data was easy for attacker to have access on original values (Gomez.et.al). If encrypted data would be in existence then it will be difficult for attackers to retrieve the original potentially useful information. Third, Anthem has not identified the threads in their network for a large time which shows that organization’s policy to review the network and its components was not so effective and aware for security protections. These three reasons played a vital role behind the hack of information.

Impact of data hack

There is no financial and business loss is made with theft but it is a serious matter of consideration that a large amount of potential data is stolen and may be used to expose the information about persons in cyber markets. If it happens, it will result into loss of huge financial and social loss associated with persons. Also it is known to industry that Anthem had US $100 million insurance policies to assure the security of information in cyber threads. It is being assumed that all of this capital may be used in customer identification process in theft activity. Such cases may lead to return the money back to customers for incomplete of policies and inconvenience in operations. Expose of information in records will lay down the loyalty of organization and customers along with huge financial loss which will take years to recover. In this manner, Anthem as well as potential customers has been targeted for loss. Customers started to move away from Anthem. One third of customers from all industries are going towards the organization which are never hacked in past.

How it happened?

Most of data is in plain and understandable form inside the server. Attacker made target to server to have access to data but it was not so easy. It can be assumed that Anthem has applied enough securities to bypass for data access but not the effective ones to ensure security. As a results, attackers may have passed SQL injections and guessable credentials to create own entity in server. This is possible because persistent behaviour of attack was not known for number of weeks (Davis.et.al.2015). Also the sources of attack activity are not found due to distributed nature of requests made for server which makes it difficult to identify the right ones from the bunch of requests. Poor configuration and tools in server extended the time to survive for attacks. Server was not found robust to filter out unwanted request and packages to it and has spread them across the multiple devices in network. Perhaps, there are some type of loop holes those are kept open for testing and recovery or by mistake leaved open which may be used by attackers to heist the organization.

Anthem’s Response

After the stolen, Anthem informed to targeted persons to monitor activities on their account and suggested them to keep aware with account details and access times. Organization also retained some experts to audit the system in order to prevent extension of security attacks. Organization has invested a lot of capital to ensure security of remaining data. Also most of work is made towards the theft so that customers can be conqueror over the fear they received with this loss. Also suggestions from multiple specialised has been considered to restructure and re-examine the organization. Governmental standards and recommendation in implementation of security has been followed. Data safety regulations and policies are revisited to safeguard the data in workplace (Kedgley, 2015). Addition to all, black markets and cyber crime centres are under the surveillance to monitor the expose and sale of information. Practices and audit reports are defined to ensure the regular testing and scanning of network and log is collected to inform instantly to the administrators for any kind of security breach happening in network. Organization is now more aware in handling of confidential information about business and customers inside the workplace so that insiders can be prevented to leak out the organizational data.