Professional Documents
Culture Documents
Page 1 of 2
Introduction To Cybersecurity
Objectives
To understand the importance of Cybersecurity, the types of threats and how to put
in safeguards to avoid cybersecurity threats
In May 2017, it was revealed that Equifax has joined other high-profile companies including
Marriott, Home Depot Inc., Target Corporation, Blue Cross and Yahoo! as a victim of
cyberattacks. Equifax is one of the largest credit-rating companies in the United States and
operates or has investments in 24 countries and employs over 11,000 employees worldwide.
Hackers gained access to the Equifax network in mid-May 2017 and attacked the company
for 76 days. In July 29, 2017, Equifax staff discovered the intrusion during routine checks of
the operating status and configuration of IT systems. This was 76 days after the initial attack.
Hackers accessed Social Security numbers, dates of birth, home addresses, and some
driver’s license numbers and credit card numbers, which impacted over 148 million people.
The security system at the company did not keep up with the aggressive company growth
and the company failed to modernize its security system. According to the report the
company did not take action to address vulnerabilities that it was aware of prior to the attack.
According to Apache, software patches were made available in March two months before
hackers began accessing Equifax data. In addition to the previously mentioned vulnerability,
the hackers found a file containing unencrypted usernames and passwords. Hackers also
found an expired security certificate on a device for monitoring network traffic. This indicated
that Equifax did not detect that data was being stolen.
(Extracted from the case scenario in Textbook MIS 10e by Hossein Bidgoli, Cengage 2020)
Page 2 of 2
Questions:
(a) Which vulnerability enabled hackers to breach the security system at Equifax?
2. Submission
Submission of work:
a. Save and upload all the completed activities as advised by your tutors.