Question
Identify one cyberattack that occurred in the last 2 years. What caused the cyberattack? Do not repeat an example that has been posted previously. How did the cyberattack impact data loss, financial loss, cleanup cost, and the loss of reputation? If you were the manager of this company, what are some key steps you would have taken to prevent cyberattacks and enhance cybersecurity? Recommend information that should be in the cloud and describe which information should not be in the cloud. Be sure to include in your recommendation your thoughts on preventing cyberattacks, addressing security concerns, or strengthening network infrastructure.
I need a different answer
Explanation / Answer
Ans:
Hacking of 3.2 million Cards
Hitachi Payments Services has accepted its systems were compromised by a sophisticated malware in mid-2016 that led to one of the biggest cyber security breaches in the country, with 3.2 million cards affected and a scare over security of card-based transactions.
The National Payments Corporation of India (NPCI) had said over 600 customers had reported losses of at least Rs 1.3 crore due to the breach.
The company made the acknowledgement following the receipt of final assessment report from payments and information security audit firm SISA Information Security and said it "regrets" the inconvenience caused.
In what poses more scope for worries, the company said the amount of data exfiltrated is "unascertainable due to secure deletion by the malware".
"We confirm that our security systems had a breach during mid-2016," its managing director Loney Anthony said, adding this happened despite following adequate security measures and adopting the standards of internationally-accepted best practices.
The compromise period has been identified between May 21 and July 11. It had come out in public after a slew of banks, including those not serviced by Hitachi, approached customers making either card replacements or ATM PIN changes compulsory.
Until then, the compromise was suspected to have happened through one of the ATMs of Yes Bank, one of the biggest clients of the company.
Steps to take to reduce your risk of a cyber-attack:
1. Create cyber security awareness amongst your staff
IT security systems can only go so far. You also need to be able to rely on your employees practising safe internet and network usage to achieve greater protection from hackers. Over 90% of cyber-attacks use information stolen from employees who unwittingly give it away.
This is where company-wide cyber-security education needs to be implemented and, as a starting point, it needs to cover six key elements:
2. Invest in security and backup
I can’t stress enough that every business needs to invest in multi-layered security, robust backup, and recovery systems to mitigate risk from cyber-attacks.
This is about being proactive and reducing the consequences of an attack – which, of course, is better than finding out your systems are deficient and having to suffer excessive downtime, or paying a ‘ransom’ for critical data to be decrypted or returned.
3. Stay up-to-date with all your security systems
There’s no point having a security system in place and then not keeping it up-to-date, but this is something we see all the time. The capability of attackers is increasing regularly and scams continue to evolve, which means you need to always have the latest release of definitions or software to stay protected.
This goes for all your company-owned mobile devices too, not just the technology in the office. While your employees have responsibility for using their equipment in a safe manner (e.g., deleting suspicious emails), it is still important to do your due diligence and ensure devices are regularly updated. If the mobile devices are staff owned, then BYOD guidelines for accessing the company network need to recognise security risks and implications.
4. Don’t settle for easy-to-remember passwords
Most people see passwords as an annoying part of using technology, but they are there for a reason. However, in day-to-day business operations, they are often misused.
A lot of companies make the mistake of issuing all staff default (and easily guessed) passwords and not encouraging or forcing people to regularly change them. Just google ‘top 10 passwords 2016’ and you’ll see how easy it might be to break into a network without robust password controls. A study of 10 million users in 2017 showed 17% used ‘123456’ as their password!
Place more emphasis on creating strong, unique passwords for all business-related software, hardware and devices. Ensure they are changed on a regular basis too (this can be automated). Strong passwords should be more than 10 characters long and contain a mix of upper and lower case letters, as well as numbers and other symbols.
5. Test your backups and security systems regularly
There would be nothing worse than thinking you have all the right backups and systems in place, only to discover after a cyber-attack that something wasn’t working as it should. Regular testing should be built into your IT policy to ensure that you are never left vulnerable to an attack. An untested DR or recovery plan is not a plan.