Module 1 Discussion Question
Search “scholar.google.com” for a company, school, or person that has been the target of a network or system intrusion within the past 5 years? What information was targeted? Was the attack successful? If so, what changes
were made to ensure that this vulnerability was controlled? If not, what mechanisms were in place to protect against the intrusion?
You must write about a real-life network/system attack that you found through your internet research. Failure to discuss a targeted attack and cite/reference the news source will result in a 0 for this entire discussion.
I am adding my classmate’s response for the above question. You will have to write response for each post in 150 words. No references needed.
Technological growth and the internet age has brought with it increased cases of cybercrimes where cybercriminals target personal information of governments, private firms, and even individual consumers. The value of data and its sensitivity to persons who own it have made cybercrimes and system intrusions very costly for the victims.
In 2017, Equifax broke the news of the system intrusion it had suffered as a company and the resultant exposure of data for approximately 143 million citizens of the United States. The other citizens who had been affected were UK citizens and Canadians, whose specific numbers were not revealed. The breach was noted to have affected online web application only with core consumer database untouched. The information targeted the names, dates of birth, residential addresses, social security numbers, and driver’s license numbers of the consumers.
The company responded to the breach by setting up a website from which customers would be able to tell if they were affected and the potential impact that it may have if their data was accessed (Nurse, 2017). Other measures included the company asking customers to register with their TrustedID premiere, which is a service used in credit monitoring from which they had to agree to a compulsory arbitration clause that would not apply to claims that may have originated from the security breach.
In the wake of the attack, and in a bid to forestall such attacks in the future, Equifax employed a new chief information security officer and rolled out comprehensive efforts to change their approach to data security. Equifax also invested more than $200 million on infrastructures that would help in securing user data, and the chief information security officer since reiterated that the company had allocated him enough resources to ensure they build hack-proof security systems. The company in the process prioritized fundamentals, and essential projects first given the need for an overhaul of most systems like vulnerability management and patching processes.
A network intrusion system from being hijacked and used, the computer equipment must have the ability to be disconnected from the network. The type of computer equipment used is very important. The most common computers used in intrusion systems are laptops which run Windows operating system. In this case, the network intrusion system would monitor the laptops which are connected to the network but it would not be able to determine any identity of the computers that are being used in the network. When a computer is not present in the network and a computer is not in the network, the intrusion system does not interfere with the operation of the network. (Alhadad, R. 2019).
A network intrusion system to be successful, there must be an entry in the intrusion database called network intrusion. This entry has to contain detailed information like IP address, MAC address, hostname, ports that are used, and all the traffic traffic that is flowing through that entry. This is an attack scenario when the attack has a purpose, and has an objective, and has a target. In an attack situation, this is a threat scenario. In an intrusion scenario the attack is carried out by a hacker using malware, or a Trojan, on a computer. The computer has become compromised. Once the computer has become compromised, the hacker enters the network and creates the network intrusion rules on the compromised computer. The computer can now be used as a target for an attack. DANE This is an intrusion system that intercepts the data traffic on the network. It looks the computers, then sends the information in the email. This is the system that can be used for monitoring the computers that are being monitored. If the intrusion system detects any login attempts from unauthorized computers, it is supposed to shut down the unauthorized users. This way, the intruder will not be able to break into your network and compromise your personal data. Network intrusion systems are very useful in preventing and containing network intrusions. These intrusion systems are installed on computers that are connected to the local network and to the internet via a firewall or router. (Poornachandran, P. 2018).