Hi5019 Cyber Security Case Study Answers


  • Subject Code : HI5019
  • University : Holmes Institute
  • Subject Name : Strategic Management

Contents

Introduction

Report 1: https://search.proquest.com/docview/1690499748?accountid=30552

General information of the company

Key Business Processes in the Company

Key Cyber security issues identified in each case

Risk associated with the issues

Impact of the issues on case company

Actions reported in each case to address the identified issues

Outcomes of the reported actions

Proposed actions

Suggestions for prevention

Report 2: https://www.sans.org/reading-room/whitepapers/casestudies/case-study-cis-controls-limit-cascadingfailures-attack-36957

General information of the company

Key Business Processes in the Company 

Key Cyber security issues identified

Risk associated with the issues

Impact of the issues on case company

Actions reported in this case

Outcomes of the reported actions

Proposed actions

Suggestions for prevention

Report 3: https://www.sans.org/reading-room/whitepapers/casestudies/case-study-home-depot-data-breach-36367

General information of the company

Key Business Processes in the Company 

Key Cyber security issues identified

Risk associated

Impact of the issues on case company 

Actions reported in each case

Outcomes of the reported actions

Proposed actions

Suggestions for prevention

Conclusion

References 

Introduction

Cyber security is the process or system used to safeguard computers, servers, mobile devices, electronic systems, networks and data against malicious attacks that aim to damage those systems and data or to gain illegal, unauthorized access to them for ulterior motives, with harmful outcomes for the public. Cyber security applies not only to software and electronic data but is equally important for hardware functions. This type of security helps to prevent interruption or misdirection of the services rendered by those systems (Dua, and Du 2016). Cyber security is gaining importance day by day owing to our increased dependence on computer systems, internet-based services and wireless network features such as Bluetooth and Wi-Fi. The entire world now functions on "smart devices" such as smartphones, smart TVs, and so on. Because of the complexity of the technology involved, cyber security has become a prime challenge in today's hi-tech world. Here we discuss three incidents of cyber security breaches and the various aspects associated with them (Carr 2016).

Report 1: https://search.proquest.com/docview/1690499748?accountid=30552

General Information of The Company

In this case, the victims of the cyber attack were the national and private servers of two nations: Estonia and Georgia. Both were part of the erstwhile USSR and are now independent nations following the breakup of the Soviet Union. Both nations share a very hostile political relationship with Russia, and the countrywide cyber-attacks have been blamed on Russia as well (Mendel 2017). The attack on Estonia is linked to ethnic conflicts between Estonia and Russia, while the attack on Georgia has been linked to civilian unrest between Georgia and the Russian supported regions of South Ossetia. Officially, however, Russia denied any such claims and the actual culprit is yet to be found, but the incidents set a new precedent of using cyber attacks as a means of political vengeance.

Key Business Processes in the Company

In Estonia, the key business processes were affected primarily through the disruption of internet and email connectivity, which continued for 3 weeks, affected all types of government and private servers, and also blocked many international cyber connections. The login function for email accounts stopped working (Kshetri 2017).

The main business processes affected in Georgia were again primarily the government servers of the nation. The disruption also extended to the hacking of various government websites and resulted in changes to the information shared on those websites. The domain of government information was the most affected part of this entire cyber hacking episode in Georgia (Sun, Hahn, and Liu 2018).

Key Cyber Security Issues Identified in Each Case

The main cyber security issues identified in the attacks on Estonia were the vulnerability of the Estonian government websites and the ease with which they were hacked. The impact was far-reaching: all the government servers were flooded with international connection requests that exceeded server capacity, and ultimately the servers went out of service.

The security issues in Georgia were mostly similar in nature. The capacity of the government servers was choked by an abnormal number of ping requests, and the information on the government websites was tampered with by the hackers, which clearly showed the weakness of the cyber security process in place for the Georgian servers (Dua, and Du 2016).

The Risk Associated with The Issues

The risks associated with the issues in Estonia were primarily related to national security. The attack went very deep and initially targeted mainly the government servers. This is shown by the fact that even the defense minister was denied access to his official email account owing to this hacking, which would further lead to leakage of confidential data related to the nation's defense and other matters of national security (Kshetri 2017).

The risks associated with the issues in Georgia again concerned the government websites, where the attack caused widespread tampering with the government information published there. The hackers altered such information with ease, and this clearly showed the risk associated with widespread tampering with national information in public.

Impact of The Issues on The Case Company

In Estonia, the impact of the cyber attack was very grave. The attack was extensive, and its primary impact was large-scale public confusion, with the nation reeling under the threat of an unknown external power taking control of the entire nation's cyberspace (Hubbard, and Seiersen 2016).

In Georgia, the impact of the cyber attack was one of total shock and awe. The entire country was taken aback and had hardly any time to react to the imminent crisis. The cyberattack was able to threaten and disrupt the flow of government information without any prior warning.

Actions Reported in Each Case to Address the Identified Issues

The actions reported in the case of the cyber attack in Estonia after identifying the issues were as follows. To repair the damage caused to the national servers by the attack, the government news agencies as well as a few private news agencies had to adopt a policy of blocking any pings of international origin (Carr 2016).

The actions reported in the case of the cyber attack in Georgia after identifying the issues were as follows. The government of Georgia, with a view to garnering more international support against such cyber crimes, shifted the hosting of the President's website to a distant server located in another part of the globe: Atlanta in the USA.

Outcomes of The Reported Actions

The outcome of the reported actions taken in response to the cyber attack in Estonia is that it set a precedent for nations becoming victims of such nationwide cyber hacking and placed cyber defense on a par with national defense as an issue of political priority. As an outcome, NATO established a cyber defense centre in Estonia in 2008 to counter any such cyber attacks in the future (Ellis, and Mohan 2019).

The outcome of the reported actions taken in response to the cyber attack in Georgia is that the international political community was made aware of the widespread cyberattack on Georgia, and more importance was given to developing a better cyber security system to protect the nation from any such crisis in future.

Proposed Actions

Beyond the reported actions that have already been adopted and implemented in both Estonia and Georgia, it has been proved that the existing cyber security measures were highly ineffective at preventing nationwide cyber attacks that caused widespread disruption of information and countrywide confusion. To counter any such national crisis in future, both nations need to develop a highly sophisticated, state-of-the-art cyber security system based on pre-evaluation, that is, identifying and analyzing the loopholes in the existing cyber security system and then developing it accordingly to meet the need of the hour, keeping future requirements in mind.

Suggestions for Prevention

The suggestions for preventing such issues in future would include developing and implementing a very strong national cyber security system based on a pre-evaluation of the existing cyber security system, evaluating the outcomes of that planning and implementation, and identifying and resolving any gaps found in the newly adopted system. Cyber security should be given the status of a national security matter and dealt with accordingly. As a countermeasure, the cyberspace of these 2 nations should be secured by specially designed cyber protection programs.

Report 2: https://www.sans.org/reading-room/whitepapers/casestudies/case-study-cis-controls-limit-cascadingfailures-attack-36957

General Information of The Company

The victim company in this case is ACME Inc. It is a conglomerate that deals with the production and marketing of various types of products. With its head office at Michigan City, Indiana, United States of America, it is a global brand to reckon with. In this report, we deal with a cyber attack on the organization's systems, how the infected system behaved until the issue was addressed, and the various other aspects of the attack (Kshetri 2017).

Key Business Processes in The Company

The key business processes affected in the company by the cyber attack are as follows. The infected machine affected the organization's file transfer protocol (FTP) service, leading to the granting of anonymous access to the internal network. As a result, the network operation center was left with a huge amount of data over a securely coded channel. It also affected the data traffic in the system, as without the code keys the system failed to decipher the traffic in order to recognize the content (Dua, and Du 2016). Most importantly, it affected various high-priced programs in the system, which included content related to parts lists, price quotations, and proprietary drawings.

Key Cyber Security Issues Identified

The key cyber security issues identified in this case are as follows. The forensic squad detected a malware tool that harmed the machine; they also located a temporary file that contained the directory listing of the FTP site. Since this cyber attack made network access control vulnerable, any unauthorized device or machine can expose the organization to a variety of security risks. Such devices can introduce malware or similar dangers into the internal areas of the organizational network (Mendel 2017). Moreover, any such device would never have the required standard software configurations and similar technical tools. As such, the protection mechanism of the organization becomes defunct.

Risk Associated with The Issues

The main risks associated with the issues are as follows. One risk concerns network-level authentication, which was compromised by this cyber attack and which even affected the use of certificates to validate devices. In this instance, the machine failed to validate, since the user was also unable to provide the required credentials, yet the connection was activated without proper validation from the controlling system. Another risk concerns data protection. The attack would have exposed the area where all confidential data is stored, and leakage of such classified data would give rise to a huge problem for the organization (Hubbard, and Seiersen 2016).

Impact of The Issues on The Case Company

The impact of the issues on the company in question is as follows. Owing to this issue, the data protection system of the company came into question. Maintaining the proprietary state of the data is a very important issue here. The incident involved access to a vital set of data without proper validation, which is a gross violation of cyber security in itself. Storage of such data with unknown access is a crucial failure in this particular case. It also impacted the wireless and wired options of the system, and the wireless rogue detection system failed to act in this situation (Carr 2016).

Actions Reported in This Case

The actions reported in this case to address the identified issues are as follows. The violation of a primary control, granting anonymous access to the system, was identified and reported. Accounts with usage rights to sensitive data were also reported so that better security measures, such as multifactor validation or unusually long passwords, could be adopted. Another action was to report the use of an unauthorized machine to gain access to the system. Actions were also reported to ensure data protection, so that any data preserved in the system is safe from threats of illegal disclosure, destruction, or modification (Sun, Hahn, and Liu 2018).

Outcomes of The Reported Actions

The outcomes of the reported actions are as follows. A wireless network was implemented with a view to better security. Additional steps were taken to guarantee that users receive the required security training, and the configuration of the network system was revamped so that such situations cannot impact the system in times to come. Another outcome was the establishment of a strong monitoring mechanism to detect any instances of anonymous access. The management also sensitized the workforce to the problems that result from data preserved in the system that is not guarded and has no proper backup system to support it (Joinson, and van Steen 2018).

Proposed Actions

The proposed action is a new set of multilevel cyber protection systems to check and arrest any scope for unauthorized access to the system. This would help in the immediate detection of such malware, so that appropriate corrective measures can be taken to nullify the ill effects of any such breach (Ellis, and Mohan 2019). The adoption and implementation of various policies and system components should be done on an immediate basis. Such acts would ensure a drastic improvement in the system's response time to any such critical issues. Such measures can be preventive in nature or exactly the opposite, and in some special cases would even involve complete destruction of the infected system.

Suggestions for Prevention

In future, malware detection facilities need to be implemented at every level so that no such devices can connect to the internal network of the organization. More emphasis should be given to wireless protection protocols so as to strengthen control at the configuration level. The management should also take the lead in sensitizing and educating the workforce about the vulnerability created by such breaches of security and the value of information protection, by arranging various security awareness training programs. There must be proper maintenance of the computer systems, supported by a useful detection system along with an improved response mechanism (Graham, Olson, and Howard 2016).

Report 3: https://www.sans.org/reading-room/whitepapers/casestudies/case-study-home-depot-data-breach-36367

General Information of The Company

In this case, the victim company is Home Depot. Home Depot has been a repeated victim of cyber security breaches, which have led to the malfunction of its point of sale system. In spite of its best efforts to arrest this, it has repeatedly fallen prey to such cyber-attacks; as a result, all its records for third party vendors were breached and malware was installed in the system, which caused the disruption of the system's RAM. Even being a government organization, Home Depot could not avert such cyber threats from unidentified offenders, which caused so much disturbance in its regular operational activities (Kshetri 2017).

Key Business Processes in the Company

Some of the key business processes are the enabling of EMV chip and PIN processed payment cards, which Home Depot has followed religiously. It is due to the use of such a process that the hackers took their chances and succeeded in breaching the cyber security of the organization on multiple occasions, which led to the theft of vital and confidential records of various vendors working with Home Depot and also caused the malfunction of the RAM of the Home Depot system (Dua, and Du 2016). Such repeated incidents clearly showed that there is some major drawback in the key business processes the company has been following to date.

Key Cyber Security Issues Identified

The main cyber security issues identified in this case are that all the confidential vendor details stored in the Home Depot system were fully compromised and stolen. Even the payment card information of numerous customers was hacked, and this confidential information was sold online, through which the cyber-criminals can make a lot of money (Mendel 2017). Another major issue identified in this case was that the payment card information would be sold to various cyber brokers, who would buy it from these hackers and sell the payment card details on to prospective customers on specific websites meant for carders only.

Risk Associated

The most inherent risk associated with this type of crime is the mass-scale compromise of classified vendor data that had been preserved confidentially within the internal system of Home Depot. Such classified information getting into the wrong hands would imply that cyber criminals can carry out any malicious activities based on it (Hubbard, and Seiersen 2016). Another, more dangerous risk is the theft of the payment card information of all customers who swiped their payment cards at the Home Depot point of sale. The entire set of information related to those payment cards had also been breached and is expected to be used for online financial crime to generate more income by illegal means.

Impact of The Issues on The Case Company

Due to such large-scale cyber security breaches, Home Depot was forced to make a public announcement accepting that its payment card system had been compromised by cyber scams in which cyber criminals breached the system and stole all confidential information from it. As a result of this large-scale cyber fiasco, Home Depot was compelled to declare that it would provide free credit service to all customers whose payment cards were hacked while making payment at the store, and it also expressed regret for the mishap.

Actions Reported in Each Case

As soon as the cyber breaches at Home Depot were identified and detected, the case was immediately referred to the Home Depot incident response team, which designed and executed the incident response plan to check and eliminate the harm and loss caused, and worked in unison with some eminent cyber security companies for further and deeper investigation. Home Depot has treated this incident as a learning issue and is using the lessons from this cyber security breach to improve its own payment card mechanism by strengthening its cyber security measures to a more advanced level.

Outcomes of The Reported Actions

As a result of the reported actions, the exact extent of the cyber data breach was identified. The extent to which the losses could amount and the customers whose payment card information was hacked were also identified. As a result of these findings, it was easier to plan loss minimization measures and to make a suitable plan for compensating the affected customers, so that their grievances are properly addressed and the market reputation of Home Depot is maintained in a positive way. The effect of each of these actions was therefore significant for the regular business functioning of Home Depot (Virmani, Choudhary, Pillai, and Rani 2020).

Proposed Actions

This incident of a cyber security breach should be considered a learning experience for strengthening the existing cyber security measures of retail business units like Home Depot (Ellis, and Mohan 2019). To arrest any such future threats, the conventional methods of payment card acceptance have to be changed, and new and safer modes of accepting card payments have to be explored and implemented. This cyber breach has been a matter of repeated offense only because Home Depot has been sticking to its traditional methods of payment acceptance and data preservation. New methods of data preservation should be explored and implemented to add more and better security features to the Home Depot system.

Suggestions for Prevention

The major suggestions for preventing such issues in the future are as follows. More modern methods of accepting payment cards should be adopted. Customers should be encouraged to use other modes of payment, such as chip and PIN cards, which have better security measures to prevent such data breach incidents, and payments via mobile link methods should be accepted more frequently (Ellis, and Mohan 2019). Point to point encryption should be adopted and implemented to check any such incidents of cyber breach in the future. With such an encrypted payment system in use, the chances of any sort of data breach can be reduced to a minimal level.

Conclusion

Cyber crimes have been the prime reason for many major incidents of financial loss across the globe. A proper estimate of the probable losses arising from such cyber-crimes should be taken into consideration when making budget allocations for organizational planning, and investment decisions should be made accordingly. The vulnerabilities of the cyber system have to be correctly identified, and necessary remedial measures should be taken to remove them. Adopting the latest cyber security updates and employing a competent set of cyber security specialists would be very useful in challenging this growing trend of cyber-crime, in an environment where the entire world depends on online activities via the internet for everything from business to economics and almost every other field of life.

References

Carr, M. 2016. Public-private partnerships in national cyber-security strategies. International Affairs, 92(1), pp.43-62.

Dua, S. and Du, X. 2016. Data mining and machine learning in cybersecurity. CRC Press.

Ellis, R. and Mohan, V. eds. 2019. Rewired: Cybersecurity Governance. John Wiley & Sons.

Graham, J., Olson, R. and Howard, R. eds. 2016. Cyber security essentials. CRC Press.

Hubbard, D.W. and Seiersen, R. 2016. How to measure anything in cybersecurity risk. John Wiley & Sons.

Joinson, A. and van Steen, T. 2018. Human aspects of cyber security: Behaviour or culture change? Cyber Security: A Peer-Reviewed Journal, 1(4), pp.351-360.

Kshetri, N. 2017. Blockchain's roles in strengthening cybersecurity and protecting privacy. Telecommunications Policy, 41(10), pp.1027-1038.

Mendel, J. 2017. Smart grid cyber security challenges: Overview and classification. e-mentor, 68(1), pp.55-66.

Sun, C. C., Hahn, A. and Liu, C. C. 2018. Cyber security of a power grid: State-of-the-art. International Journal of Electrical Power & Energy Systems, 99, pp.45-56.

Virmani, C., Choudhary, T., Pillai, A. and Rani, M. 2020. Applications of Machine Learning in Cyber Security. In Handbook of Research on Machine and Deep Learning Applications for Cyber Security (pp. 83-103). IGI Global.
