Case 1
1. What exactly occurred?
Twitter is one of the popular social media platforms that was
targeted by hackers.
The social network said that approximately 250,000 user
accounts were potentially compromised, with attackers gaining
access to information including user names and email addresses.
The company first detected signs of an attack earlier in the
week, which led to an investigation and the discovery of a
larger breach. The company detected unusual access patterns
that led it to identify unauthorized access attempts to Twitter
user data. They discovered one live attack and were able to shut
it down in process moments later. However, their investigation
has thus far indicated that the attackers may have had access to
limited user information. Twitter has reset the passwords and
revoked the session tokens, which allow users to stay logged into
the service without reentering a password, for all of these
accounts. Affected users will not be able to log in and will
receive an e-mail instructing them to reset their password.
2. How was the company affected?
Twitter reports that 250,000 user accounts may have been
compromised. The company was able to detect the hacker
immediately and sent e-mail to the affected users instructing
them to reset their passwords. It also recommended that all users
create strong passwords and disable Java in their browsers.
3. What (if any) measures has the company taken since the
breach to prevent future similar incidents?
The company offers tips for all of its users going forward,
including using strong passwords that mix numbers and symbols
with upper- and lowercase letters, not using the same password
for multiple accounts, updating and upgrading antivirus software,
and disabling Java. The company also provides tips to keep an
account secure and steps to take if your account has been
compromised.
4. In your opinion, did the company have sufficient security
safeguards in place prior to the breach?
In my opinion, Twitter had sufficient security safeguards in
place prior to the breach. Twitter was able to detect the attacker
before they got through all 200 million monthly active users.
250,000 affected accounts is a small number compared
to the number of active Twitter users. After they noticed the
attack, the company reset the passwords of affected
users and sent them e-mail to change their passwords. I believe
that after the breach Twitter will be more aware of
security protection.
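The containment steps described in Case 1 (reset the passwords, revoke the session tokens, e-mail the affected users), as an added sketch that is not code from Twitter or from the original essay. `AccountStore`, its methods and the in-memory tables are hypothetical names constructed for illustration.

```python
import hashlib, hmac, os, secrets

def _hash(password, salt):
    # Salted, slow password hash; the iteration count is an assumption for this sketch.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class AccountStore:
    """In-memory stand-in for a user table and a session table (constructed)."""
    def __init__(self):
        self.users = {}     # username -> {"salt", "hash", "locked"}
        self.sessions = {}  # session token -> username
        self.outbox = []    # usernames queued for a reset e-mail

    def set_password(self, username, password):
        # Used for registration and for completing a reset; clears the lock.
        salt = os.urandom(16)
        self.users[username] = {"salt": salt, "hash": _hash(password, salt), "locked": False}

    def login(self, username, password):
        user = self.users.get(username)
        if user is None or user["locked"]:
            return None
        if not hmac.compare_digest(user["hash"], _hash(password, user["salt"])):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = username
        return token

    def whoami(self, token):
        # A request is authenticated only while its token is still in the table.
        return self.sessions.get(token)

    def contain(self, affected):
        """Lock the password, revoke every session and queue a reset e-mail."""
        hit = sorted({name for name in affected if name in self.users})
        for name in hit:
            self.users[name]["locked"] = True
            self.users[name]["hash"] = b""  # old password can never verify again
        self.sessions = {t: u for t, u in self.sessions.items() if u not in hit}
        self.outbox.extend(hit)
        return hit
```

Revoking sessions matters as much as the password reset: a stolen token would otherwise keep working after the password changes.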
Case 2
1. What exactly occurred?
Google detected a coordinated attempt by Chinese entities to
compromise the accounts of Chinese dissidents. David
Drummond, Google’s chief counsel, said, “A primary goal of
the attackers was accessing the Gmail accounts of Chinese
human rights activists.” According to George Kurtz at McAfee,
the attacks were part of a large-scale, well-organized operation
called Aurora. As a result, Google has stopped censoring its
search results in China, and has considered pulling out of the
country entirely.
2. How was the company affected?
The attacks were not just about dissidents. The attacks appeared
to be part of a coordinated campaign that targeted the
intellectual property of a wide swath of the US industrial base,
including Dow Chemical, Symantec, Yahoo!, Northrop
Grumman, and Juniper Networks.
The attack will spur more collaboration between the US private
and public sectors. Dispassionate observers will recall reports
in the news from last year about large-scale industrial attacks
against the US government and critical infrastructure. If these
more recent attacks against private companies are also felt to be
coming from similar sources (the PRC government, PLA red
teams etc.), it won't take a genius to start connecting the dots. A
formal public/private attack data sharing program, with
generous safe-harbor exemptions, would be a good start.
Re-invigorating the ISACs would be another.
3. What (if any) measures has the company taken since the
breach to prevent future similar incidents?
CISOs should dust off their social engineering playbooks and do
some internal phishing testing on their employees to make sure
their staffs get the message.
4. In your opinion, did the company have sufficient security
safeguards in place prior to the breach?
I think the security is not enough. As an international
company, they should keep each country’s customer information
independent. I believe that if American hackers attack
Chinese customers' Gmail, the same problem will happen, too. The
best thing enterprises can do now is examine their security
program to make sure that it includes a healthy, balanced diet of
controls that protect both toxic data and secrets. I describe what
enterprises should consider in my recent report.
Case 3
In January 2012, Zappos.com was the victim of a cyber attack
by a criminal who gained access to parts of its internal network
and systems through one of its servers in Kentucky. More than
24 million of its customer accounts had been compromised.
Hackers were able to access Zappos customers' names, e-mail
addresses, addresses, phone numbers, the last four digits of
credit card numbers and cryptographically scrambled passwords.
Zappos then expired all customers' passwords, and directed
customers to reset their passwords via a dedicated
password-reset page.
Zappos lost its reputation, brand, and trust with its customers
due to this incident, since most people use similar passwords
for most of their online log-ins or even online banking.
Therefore, the Zappos breach showed clearly how
dangerous such an incident could be to its customers.
However, Zappos seems to have had sufficient security safeguards
in place prior to the breach, as follows.
Advance planning mitigates breach fallout.
Zappos had already taken concrete information security
steps, prior to the breach, to mitigate the potential fallout of any
breach it might suffer. Such steps included hashing all user
passwords and storing credit card data in a separate database.
Create a response plan in advance. Zappos appeared to have a
data breach notification response plan already in place. As part
of that plan, the company emailed all employees with details
about the breach, and included a copy of the breach-notification
email it then sent to customers.
Issue a clear, timely warning. After Zappos suffered a breach,
the company issued a clear, timely notification to its customers,
warning them that they should change their passwords on
Zappos.com, as well as any other site on which they reused the
same password.
Secure stored credit card data. Cryptographically storing credit
card numbers is a Payment Card Industry Data Security
Standard (PCI DSS) requirement. Zappos apparently did follow
the PCI regulations. Zappos credit card information was
encrypted or not stored in a way that hackers could use.
Case 4
A security breach is a situation where an individual intentionally
exceeds or misuses network, system, or data access in a manner
that negatively affects the security of the organization’s data,
systems, or operations.
The article is about a security breach that has exposed
the information of many iPad owners, including dozens of CEOs,
military officials, and top politicians. However, it does not stop
there. Because of the AT&T network, 114,000 user accounts
have been exploited. The information exposed in the breach
included e-mail addresses, the associated ID and some information
that identifies the SIM card.
AT&T closed the security hole. However, the victims have
been unaware. This will influence the relationship between
Apple and AT&T. “Brisk sales for the original wi-fi iPad had
promised to turn the 3G model into a similar profit machine.”
There are some methods of protecting consumers from
security breaches. Changing passwords frequently is the
simplest way of protecting them. Examining security logs whenever
consumers log in is another. Updating systems is another method of
protecting consumers. Also, the company should implement a
security plan. And I think the most important way is raising
customers’ awareness of information security.
In my opinion, the company does have security safeguards.
However, there is no comprehensive safety for the consumers. If
the company and consumers want to decrease security breaches,
they should work together. The company should provide a complete
security plan and customers should increase their awareness of
protecting their private information.
Example Case
1. The Indiana Family and Social Services Administration
(FSSA) has suffered a large breach of protected health
information (PHI) as the result of actions of a business
associate (BA). The Indiana Family and Social Services
Administration (FSSA) is in the process of notifying some
FSSA clients that some of their personal information may have
been accidentally disclosed to other clients. The accidental
disclosures may have occurred when RCR Technology
Corporation made a computer programming error to a document
management system the company supports on behalf of FSSA.
This error caused an undetermined number of documents being
sent to clients to be duplicated and also inserted with documents
sent to other clients. This means some of the clients may have
received documents belonging to other clients along with their
own documents. This was the second reported large PHI
security breach suffered by the FSSA as a covered entity (CE)
at the hands of a BA.
2. The company has been affected mainly by the programming
mistakes and the many other human and technical errors
that led to security breaches. In compliance with federal and
state privacy law, FSSA has sent written notices to the 187,533
potentially impacted FSSA clients informing them that some of
their personal information may have been disclosed.
A client of FSSA may have received a surprise in the mail
sometime between May and early June of 2013. When the FSSA mail
was opened, it could have shown detailed information about another
FSSA client, which could have included their name, address, case
number, date of birth, gender, race, telephone number, email
address, types of benefits received, monthly benefit amount and
employer information. Some financial information such as
monthly income and expenses, bank balances, other assets and
certain medical information such as provider names were also
included in the mail. It also contained whether the client receives
disability benefits, medical status or condition, and certain
information about the client's household members, like name,
gender and date of birth.
It was not possible to determine specifically which clients had
personal information disclosed. Therefore, all of the clients
potentially impacted are being notified. In an announcement
made on July 1 of 2013, the FSSA told its clients to
return the accidentally mailed documents to the local FSSA
office or to shred them. The FSSA provided detailed
information as to how the breach occurred and what steps can
be taken by individuals whose information might have been
breached to protect their credit.
3. The company should take necessary steps to improve their
computer programming and testing processes to prevent similar
errors from occurring in the future. There are some more
security tips which will help to protect the company data from
security breaches.
a) Train company employees: Companies should train all of their
employees to use strong passwords and to avoid dangerous links and
emails.
b) Know company data: Employees should know where
confidential data is stored and be sure to have it in a secure
location.
c) Keep track of company devices: Companies should keep track
of all the devices that employees use as a means to prevent
potential data breaches.
d) Protect company’s network: Companies need to utilize
firewalls and virtual private networks to secure sensitive
information.
e) Secure physical devices: All electronics and physical devices
should be secured and locked so that access is limited.
f) Keep facilities safe: Offices and stores should be locked to
keep them protected.
g) Protect company’s website: Companies can reassure customers
by using trustmarks on their website and utilizing strong
anti-virus software.
h) Have clear cybersecurity policies: Companies should write a
clear, well-planned policy that encompasses device use and how
to dispose of secure information.
i) Dispose of products the right way: When devices are no longer
being used, companies need to wipe all information from them
and physically shred all paper documents.
j) Screen employees: Companies can limit their risk by screening
employees prior to hiring them.
4. In my opinion, I don’t think the company had sufficient
safeguards in place prior to the breach, because this was the second
time the company reported a large PHI security breach suffered as a
covered entity (CE) at the hands of a business associate (BA).
Once on November 9, 2010 the Department of Health and
Human Services (HHS) list of large PHI security breaches
reflects that the FSSA as the CE reported its BA. The
Southwestern Indiana Regional Council on Aging had
experienced the theft of a laptop computer containing
unprotected PHI of 757 individuals.
Example Comment
This is a great example of an accidental breach. Things like
this are more common than most people probably think. I'm
sure the clients of FSSA were NOT happy to find out strangers
might have such sensitive information about them.
I remember once I got something from my doctor's office that
had information about another patient inserted into it. The
information included his name, address, birthdate, patient id,
and description of (somewhat embarrassing) services. I wrote a
strong letter to the billing department and cc'ed it to both my
doctor and the clinic director pointing out their HIPAA
violation. I bet they never told the other patient about it,
though. I didn't because I thought he would be horrified to
know that I knew about his rather embarrassing issue.