Wednesday, December 4, 2019

Security Breach at OSHA Samples †MyAssignmenthelp.com

Question: Discuss about the Security Breach at OSHA. Answer: Introduction Information Security has grown to become the most researched area in the present scenario. It is because of the reason that there are a number of security issues that have emerged and there are also a great use of the information sets by the users and business organizations all across the globe. There are data sets that fall under the category of public, private, sensitive, critical, personal and shared classes. The security and privacy of the information in all of these data sets is equally important. It is, therefore, required to be made sure that none of the security occurrences and events takes place and there is no breaching/leakage of information as well. One of the recent security breach and the ransomware attacks that took place a couple of months back has been covered and analyzed in the report. Security Breach at OSHA OSHA is an abbreviation for Occupational Safety and Health Administration which is a United States Government agency that operates in the department of labor. Because of the nature of operations and the line of business, the information that OSHA is associated with comprises of sensitive health information. In accordance with the latest development in the technological area, OSHA made a decision to move and convert its entire database in the electronic form. However, the decision backfired as the organization fell victim to a massive breach of information security in the month of August, 2017. The breach resulted in the breakdown and a complete shutdown of the electronic reporting system at OSHA. There was a web-based form that was present in the application to provide the employees with the ability to submit the details on injuries and associated information electronically. An injury tracking application was launched by OSHA on August 1, 2017 so maintain an automated record of all the reported injuries. Soon after, certain pages of the application became inaccessible and it gradually led to a shutdown. The sensitive health information of the patients was exposed to the unauthorized entities leading to a serious occurrence of a computer security breach (Gonzalez, 2017). The worst impact of the breach came down on the employees of OSHA along with the patients that have reported their injuries. The personal and critical data of these entities went in the hands of the malevolent elements. Such computer security breaches also impact the brand image and the market value of the organization that happened in this case as well. OSHA has to bear the rage of the customers and also lost a huge amount of its customer base (Tornone, 2017). The primary threat agent that the attackers made use of in case of OSHA was the weak link in the form of an unsecure access point. The injury tracking application was launched in OSHA on August 1, 2017 and such an application was being implemented for the first time at the agency. The development and the implementation team must not have taken the adequate measures which led to the presence of a weak access point. It became major security vulnerability and the same was utilized by the attackers to cause security breach and attack (Golla, 2017). Networks have been found to be prime threat agents in the recent times. It is through the aid of these networks that the attackers and other malicious entities succeed in gaining entry to the systems and the information. The countermeasures that OSHA may have adopted are in the form of the network based automated systems and tools. These tools have been created to perform various activities and operation to enhance the network security. For instance, there are tools that may perform advanced detection of the intruders and can also implement the preventive measures for the same (Bertino, 2015). There are also automated tools that have been created for the enhanced security of the network through continuous and advanced monitoring and control. The attackers succeeded in breaking through the access control mechanisms that were implemented at OSHA. The agency must have made sure that proper access control mechanisms were deployed and used. With the use and implementation of advanced access control, it is possible that the authorized users only pass through the access gates and the unauthorized users are restricted. There are advanced access control protocols that have been developed that grant the access on the basis of user roles and privileges. The same process should have been implemented in OSHA to protect the internal and external connections. Advanced authentication may also have been used in the form of multi-fold authentication measures comprising of a mix of biometric mechanisms, one time passwords (OTP) and single sign on (Wangen, 2017). Physical security of often not paid much attention by the organizations after the development of the automated tools and applications. However, the relevance and importance of the physical security measures must not be ignored. The presence of physical security mechanisms at all the entry and exit gates of the organizations must be ensured and shall also be reviewed at an timely basis. There have been advancements that have been done in the areas of malware protection with the development of numerous anti-malware packages. These packages can prevent the attack of malware such as viruses, worms, logic bombs and Trojan horses. Denial of service attacks are also common in the current times which can be prevented and controlled through automated anti-denial tools. Planning and analysis are the two major activities that have a lot of significance in every activity. There are many analytics tools that have been developed that may assist in the process. These analytics tools can bring up the trends and patterns that are present in the execution of the security attacks by the malevolent entities. These tools make use of data from different data sources and analyze all of the data to reveal the interesting trends. Also, it is necessary for the organizations to include only the defense mechanisms that are applicable to the requirements of the organizations. It shall be ensured that a plan is put in place before the implementation of the prevention and detection methods. Ransomware Attack May 2017 Occurrence of security attack or risk is not a rare phenomenon in the current era. There have been multiple incidents that have been reported in the past. However, there are some incidents that take place that cause a lot of damage. There was a ransomware attack that was launched at a massive scale in May, 2017. Ransomware is defined as a type of a malware which leads to the blocking of access of the systems that are targeted and the unblocking of the same can be done only after providing a ransom amount to the attackers. WannaCry took place at a global level and cause damage to various systems and applications spread in over one hundred and fifty countries. The malware was a kind of a cryptoworm that blocked user access on the systems that has Microsoft Windows as the operating system. Encryption of the user data and information present within the system was done and the ransom that was being demanded to unlock the access was in the measures of the Bitcoin cryptocurrency (Wong Solon, 2017). The first occurrence was reported by National Health Staff (NHS) in the United Kingdom on 12th May, 2017. NHS experienced the uncontrolled shutting down of its systems and applications and there was a message being displayed that stated that $300 (230) was required to be paid as ransom. The reporting of the incident by NHS was soon followed by the reporting by many other European countries. The incident also impacted a huge number of business applications and systems in Russia. It is being stated that Russia was the country that was affected the most. Many of the private and government institutions were impacted by the ransomware attack in Russia (Hern Gibbs, 2017). Countries such as Germany, China, Taiwan, India, Malaysia, Thailand, Singapore, Spain, and Portugal etc. also reported of the similar cases and occurrences. Worms are the malicious codes that are intentionally designed to cause damage to the systems and the malware spreads on its own. There are many malicious codes that demand human intervention of some form or the other to be triggered. However, the case is not the same with worms. These cryptoworm were used in WannaCry that led to the damage at such a massive scale (Bbc, 2017). The first step that was carried out by the attackers was the exploration of the security vulnerabilities and loopholes associated with the systems having Microsoft Windows as their operating system. EternalBlue was one of the security vulnerabilities that were identified in the Windows-based systems. The vulnerability that was found demanded the implementation of the security patches to control the attack using the same. However, the Shadow Brokers was the group of the attackers that made the vulnerability available in the public in the month of April, 2017. The same vulnerability was used to give shape to WannaCry. The primary reason that was present with the launch of WannaCry was the existence of the security loopholes and vulnerabilities. With the presence of so many security threats and issues, all of the security vulnerabilities shall be analyzed carefully and an immediate action must be taken to overcome the same. There was negligence that was observed by the users and the business organizations that allowed the attackers to easily make advantage of the same (Palmer, 2017). There are steps that Microsoft could have taken to ensure that the users had complete information of the security vulnerability and weakness that was present. The awareness could have been made with the aid of the social media platforms and with the use of email exchanges with the customers. It would have provided the users with the ability to easily detect the loopholes at their end and the fixes would have been made (Erlich Zviran, 2010). Malicious codes have the ability to spread to a number of systems that are connected with each other and the spread takes place at an extremely rapid rate. The infected systems lead to further reproducibility of the codes and there are scenarios wherein it becomes extremely difficult to put a control on the transfer of these codes. The same situation happened in the case of WannaCry as well. The malicious code made use of the security vulnerability and the cryptoworm was launched. The organizations and the users must have made use of the technically and logically advanced tools such as anti-denial, anti-malware and intrusion based detection and prevention. These tools would have generated alters regarding the presence of such malicious codes and the corrective measures would have been taken (Al-Hamdani, 2009). There are many loopholes and insufficient knowledge that is present with the users as well. Users are still not aware of the common security issues that take place and the basic security practices that they must follow. Such events lead to the occurrence of unintentional and accidental attacks at the end of the user. There shall be campaigns and sessions that must be carried out to increase the user knowledge and awareness in this area. Conclusion It is essential to put a check on the security attacks to make sure that the necessary properties of the information are protected and secured. These properties include integrity, availability and confidentiality of the information. References Al-Hamdani, W. (2009). Three Models to Measure Information Security Compliance. International Journal Of Information Security And Privacy, 3(4), 43-67. https://dx.doi.org/10.4018/jisp.2009100104 Bbc. (2017). Massive ransomware infection hits computers in 99 countries - BBC News. BBC News. Retrieved 23 August 2017, from https://www.bbc.com/news/technology-39901382 Bertino, E. (2015). Security and privacy of electronic health information systems. International Journal Of Information Security, 14(6), 485-486. https://dx.doi.org/10.1007/s10207-015-0303-z Erlich, Z., Zviran, M. (2010). Goals and Practices in Maintaining Information Systems Security. International Journal Of Information Security And Privacy, 4(3), 40-50. https://dx.doi.org/10.4018/jisp.2010070103 Gollan, J. (2017). Labor Department blames data breach for injury reporting sites shutdown. Reveal. Retrieved 23 August 2017, from https://www.revealnews.org/blog/labor-department-blames-data-breach-for-shutdown-of-employee-injury-reporting-site/ Gonzalez, G. (2017). Security breach shuts down OSHA electronic reporting application - Business Insurance. Business Insurance. Retrieved 23 August 2017, from https://www.businessinsurance.com/article/20170816/NEWS08/912315224/Security-breach-shuts-down-OSHA-electronic-reporting-application Hern, A., Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global computers?. the Guardian. Retrieved 23 August 2017, from https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20 Palmer, D. (2017). Your failure to apply critical cybersecurity updates is putting your company at risk from the next WannaCry or Petya | ZDNet. ZDNet. Retrieved 23 August 2017, from https://www.zdnet.com/article/your-failure-to-apply-critical-cyber-security-updates-puts-your-company-at-risk-from-the-next/ Tornone, K. (2017). OSHA halts new online reporting following security breach. HR Dive. Retrieved 23 August 2017, from https://www.hrdive.com/news/osha-halts-new-online-reporting-following-security-breach/449551/ Wangen, G. (2017). A framework for estimating information security risk assessment method completeness. International Journal Of Information Security. https://dx.doi.org/10.1007/s10207-017-0382-0 Wong, J., Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries around the world. the Guardian. Retrieved 23 August 2017, from https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.