
CYBER SECURITY 3RD SEMESTER

MARCH 21, 2023

ASSIGNMENT-01
INFORMATION SECURITY

AMAAN AHMAD
SP22/BCT/004

SUBMITTED TO DR. MUNAM ALI SHAH


AMAAN AHMAD SP22/BCT/004 CYBER SECURITY
3RD SEMESTER

1. Yahoo Data Breach (2017)

Date: October 2017

Impact: 3 billion accounts

URL: https://www.nytimes.com/2017/10/03/technology/yahoo-hack-3-billion-users.html

Security Breach: In this incident, a breach of confidentiality occurred, as the
above-mentioned article explains: “The intruders also obtained the security questions
and backup email addresses used to reset lost passwords” and “Digital thieves made off
with names, birth dates, phone numbers and passwords of users that were encrypted with
security that was easy to crack”. The New York Times describes the breach as follows:
“It was the biggest known breach of a company’s computer network. And now, it is even
bigger”.

How did it occur? According to the FBI (Federal Bureau of Investigation), the
breach began with a spear-phishing email sent to an unnamed Yahoo employee. The FBI
added that it is unclear how many employees received such emails; however, only one
click was required for the attackers to gain access to the system.

The attacker’s motive: According to the FBI (Federal Bureau of Investigation), the
attack was launched by the Kremlin Intelligence Services of the Russian government
and the Russian Cybercrime Underworld to gain access to the data and information of
important White House, government, military, bank, and casino personnel and
institutions. Copies of the whole database were sold for USD 300,000 to hackers,
spammers, and cybercriminals.

Countermeasures: The breach happened in 2013 and 2014; however, the news came
out in 2017. After this, Yahoo’s business took a huge hit and it was sold to Verizon
Communications. Verizon merged Yahoo with AOL. Both Yahoo and AOL were then
merged into a new telecommunications company called Oath. The FBI reported that
Yahoo employees were not properly trained or briefed about the looming cyber
security threats, and that if the company had invested in employee training and
awareness programs, the breach could have been prevented. A huge chunk of data could
have been secured by communicating with the user base regularly and asking users
for simple password resets after some time.

SUBMITTED TO DR. MUNAM ALI SHAH COMSATS UNIVERSITY ISLAMABAD



2. Marriott Hotels Data Breach (2014-2018)


Date: The cyber-attack started in 2014, affecting the Starwood Hotels group, which
was acquired by Marriott two years later in 2016. But until 2018, the attack/breach
remained unnoticed, and the attacker continued to have access to all data of the
affected systems of the hotels.
Impact: 339 million guests
URL: https://www.bbc.com/news/technology-54748843
Security Breach: In this incident, a breach of confidentiality occurred, as the
Information Commissioner’s Office (ICO) said in a statement that names, contact
information, email addresses, passport numbers, travel details, financial details, VIP
status, and professional status of the guests of Marriott Hotels Group were leaked in
the breach. On that basis, the ICO said that Marriott Bonvoy, the owner of the Marriott
Hotels chain, had failed to protect the personal data of the guests as required by the
General Data Protection Regulation (GDPR), and hence it was fined GBP 18.4M by the UK's
data privacy watchdog.
How did it occur? Marriott investigators discovered a Remote Access Trojan (RAT)
allowing remote access to Marriott systems from outside of their network. The RAT
was installed in the Starwood Hotels system; however, when Marriott Hotels acquired
the Starwood chain and merged the systems, the RAT took control of both systems.
The attacker’s motive: The hacking group used their access as leverage to blackmail
the Marriott group and demand a huge amount of money, which the company did not
pay. Hence the data was sold on the black market to the highest bidders.
Countermeasures: The breach occurred in the database of Starwood Hotels, which
was inherited by Marriott as part of a merger. This is a common issue, and this
incident has motivated companies to do a strict security check of both systems during
a merger so that one infected system does not affect the other.


3. Capital One Finance Company Data Breach (2019)

Date: July 19, 2019

Impact: 100 million customers in the United States and 6 million customers in Canada

URL: https://edition.cnn.com/2019/07/29/business/capital-one-data-breach/index.html

Security Breach: Paige Thompson, the 33-year-old criminal from Seattle, the United
States, who previously worked as a software engineer for Amazon Web Services, is
accused of breaking into a Capital One server by exploiting a misconfigured web
application firewall and gaining access to 140,000 Social Security numbers, 1 million
Canadian Social Insurance numbers, and 80,000 bank account numbers, in addition to an
undisclosed number of people’s names, addresses, credit scores, credit limits,
balances, and other information, according to the bank and the US Department of
Justice, reports CNN.
How did it occur? Paige Thompson, the 33-year-old criminal from Seattle, the
United States, who previously worked as a software engineer for Amazon Web
Services, is accused of breaking into a Capital One server by exploiting a
misconfigured web application firewall.
The Attacker’s Motive: Financial motives: to become rich by making Capital One
and 30 other companies pay her huge sums of money to retrieve their stolen data.
Countermeasures: Along with the WAF (Web Application Firewall), the role should
be configured using the Principle of Least Privilege (POLP), that is, access should
be limited to the bare minimum the role needs to perform its function. Alerting could
have been added to notify users or groups whenever credentials are used. Use of these
credentials could also be limited to within the network.
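
The three countermeasures above (least privilege for the role, alerting on credential use, and limiting credential use to the internal network) can be combined into one check over credential-use events. This is an added example, not part of the original assignment or of any Capital One system; the role name, action names, event fields and network range are hypothetical, and the events are constructed.

```python
import ipaddress

# Hypothetical policy for illustration: the role name, its permitted
# actions and the internal range are assumptions, not incident details.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
ROLE_ALLOWED = {"waf-role": {"logs:write", "config:read"}}

# Constructed credential-use events (not real logs).
EVENTS = [
    {"role": "waf-role", "src": "10.2.3.4", "action": "logs:write"},
    {"role": "waf-role", "src": "10.2.3.4", "action": "storage:list"},
    {"role": "waf-role", "src": "203.0.113.7", "action": "config:read"},
    {"role": "waf-role", "src": "203.0.113.7", "action": "storage:read"},
    {"role": "unknown-role", "src": "10.9.9.9", "action": "config:read"},
    {"role": "waf-role", "src": "not-an-ip", "action": "logs:write"},
]

def is_internal(src):
    """True only if src parses as an IP inside an internal range."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source is treated as external
    return any(addr in net for net in INTERNAL_NETS)

def evaluate(event):
    """Return the findings for one event; an empty list means allowed."""
    findings = []
    allowed = ROLE_ALLOWED.get(event["role"])
    if allowed is None:
        findings.append("unknown-role")       # deny by default
    elif event["action"] not in allowed:
        findings.append("excess-privilege")   # least-privilege violation
    if not is_internal(event["src"]):
        findings.append("external-source")    # credentials used off-network
    return findings

def review(events):
    """Return (index, findings) for every event that should raise an alert."""
    alerts = []
    for i, event in enumerate(events):
        findings = evaluate(event)
        if findings:
            alerts.append((i, findings))
    return alerts

if __name__ == "__main__":
    for idx, findings in review(EVENTS):
        print("ALERT", EVENTS[idx], findings)
```
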
