Wednesday, May 6, 2020

IT Security for Equifax Data Breach - myassignmenthelp.com

Question: Discuss IT Security for the Equifax Data Breach.

Answer:

Equifax data breach

What was the problem behind the incident?

The Equifax breach is known to be one of the most massive cyber security incidents to date. The attack took place in mid-2017, and the breach came to light on 29 July 2017 (Mikhed & Vogan, 2015). The personal credentials of a number of people were at stake: names, social security numbers, dates of birth, personal addresses and driving license numbers were stolen by an unauthorized source (Mikhed & Vogan, 2015). The cyber criminals exploited the company's website application to access the confidential resources of the US company. Equifax is well known among the credit reporting companies in the US. The company provided its clients with information regarding their financial records.

Who was impacted?

As per the reports, the confidential information of nearly 209,000 consumers was at stake and the personal information of around 182,000 US customers was exposed to the criminals (Gressin, 2017). Reports also suggested that clients from Canada as well as the UK were equally affected by the data breach. The number of affected people reached 148 million by the end of the attack (Gressin, 2017). The stolen consumer information can be used by criminals for illegal purposes. The 148 million people in the US were suffering from identity theft because of this data breach, and the incident is set to haunt ordinary people for the coming years as well.

How did the data breach take place?

The Equifax data breach was due to a vulnerability in Apache Struts, the software used to run the company's website application. Although Apache resolved the vulnerability in March 2017, minor faults still remained in the software (Mikhed & Vogan, 2015). Within a short span of time the attackers took advantage of this software vulnerability and hacked the company's web servers.
Equifax was notified a number of times about this vulnerability by US-CERT, Apache and the Homeland Security department (Berghel, 2017). The company was even provided with suggestions to fix these bugs, but even after repeated efforts Equifax could not fix the issue with the software. During this period, the attackers hacked the company's website, stole all the relevant information regarding its clients and accessed the company's databases. Equifax's response to the data breach was also not appropriate: the clients were informed about the incident six weeks after the data theft took place.

Steps that should be taken to prevent the data breach

Equifax had been informed beforehand about its software vulnerabilities. The company serves millions of people, so an instant response to such risks was essential. Considering the need to safeguard the personal information of these millions of people, a prompt response from the company on this matter was desirable. In the context of this data breach it can be said that Equifax was slow and negligent in resolving these issues beforehand.

Automated monitoring of the website application as well as the website environment can be made more innovative and improved. For example, incorporating artificial intelligence (AI) based tools might have been instrumental in detecting suspicious behavior of the online application (Anandarajan, D'Ovidio & Jenkins, 2013). Had the theft been detected in the initial months of 2017, the company could have resisted this massive cyber attack.

Stringent application testing could have reduced the risk of such massive attacks. Integrating more secure practices into the development of the Apache software could have significantly reduced the risk of such cyber attacks. Improved application testing would have helped sufficiently in reviewing the encryption text (Mikhed & Vogan, 2018).
In the process, the Apache vulnerability could have been identified at the time of developing the software, and the bug could have been fixed by the programmer at that point. Equifax could also have prepared itself well to resolve the matter after the attack. A layered approach to security handling could have been helpful considering the impact of the attack.

Quantum key distribution

Concept of Quantum key distribution (QKD)

QKD can be defined as the use of laser beams to transmit cryptographic keys in a highly secure manner. QKD makes use of the quantum properties that the photons in laser beams exhibit. QKD can be immensely beneficial for encrypting messages that are to be transmitted through an insecure communication channel (Liu et al., 2013). The security of QKD mainly depends on the basic laws of nature, which are far less prone to attacks or thefts. This improves the computational power, enhances the algorithm for the new attack. QKD can efficiently solve the challenges posed by the classical approaches to key distribution. QKD can ensure stringent security for the transfer of keys, as it enables constant generation and sharing of one-time keys (Tang et al., 2014).

Mechanism of QKD

QKD utilizes the basic characteristics of quantum mechanics. Measuring the quantum system can hamper the desired system performance. Therefore, if an eavesdropper tries to divert or stop a quantum transmission, it will possibly leave traces that can be detected easily by the system. It is up to the communicating parties whether they wish to discard the attacked information or reduce the amount of information in the corrupted message. An implementation of QKD mainly involves a fiber quantum channel that is used for transmitting the quantum states between the sender and the receiver. It is not necessary for this channel to be secured.
An authenticated communication link between the sender and the receiver is used for performing the post-processing stages before proceeding with the transmission (Tang et al., 2014). This link is also used for distilling a secret as well as correct key. QKD incorporates a protocol for key exchange. With the help of quantum properties, this protocol detects errors as well as suspicious attacks on the keys (Vallone et al., 2014). The protocol can also calculate the amount of information that has been lost due to the attack. The potential leakage of information and the possible errors are resolved during privacy amplification and error correction, thus ensuring the security of the shared key.

Classification of QKD

The following are some of the approaches for securing the shared keys with respect to QKD:

The discrete value approach is sometimes incorporated in QKD. In discrete value QKD, all the quantum information is encoded in the form of discrete variables. This technique uses a single photon detector for measuring the quantum states at the receiver end (Lo, Curty & Tamaki, 2014).

The next approach is continuous variable QKD, also known as CV-QKD. In CV-QKD, all the quantum information is encoded in the amplitude and phase quadratures of a coherent laser. In this technique, homodyne detectors are used for measuring the quantum states at the receiver end (Jouguet et al., 2013).

Future trend of QKD

The emergence of QKD has potentially increased the security of personal keys. This concept has huge potential considering the present scenario of uncertainty. A number of QKD networks have already been implemented across the globe and major experiments are still in progress. Future research on QKD involves extending the range as well as increasing the data transmission rate of QKD (Vazirani & Vidick, 2014).
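The eavesdropper detection described under "Mechanism of QKD" can be seen in a small simulation. This is an added example, not part of the original essay; it assumes the BB84 discrete-variable protocol (the essay names no specific protocol), a noiseless channel, an intercept-resend eavesdropper and an 11% abort threshold, and it leaves out the error correction and privacy amplification stages.

```python
import random

QBER_ABORT = 0.11  # assumed abort threshold on the estimated error rate

def measure(bit, prep_basis, meas_basis, rng):
    # A matching basis reproduces the bit; a mismatched basis gives a random result.
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_bb84(n_photons, eavesdrop, seed):
    rng = random.Random(seed)
    alice_bits = [rng.randint(0, 1) for _ in range(n_photons)]
    alice_bases = [rng.randint(0, 1) for _ in range(n_photons)]
    bob_bases = [rng.randint(0, 1) for _ in range(n_photons)]
    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        basis_in_flight = a_basis
        if eavesdrop:
            # Intercept-resend: the eavesdropper measures in a guessed basis
            # and forwards a photon prepared from her own result.
            e_basis = rng.randint(0, 1)
            bit = measure(bit, a_basis, e_basis, rng)
            basis_in_flight = e_basis
        bob_bits.append(measure(bit, basis_in_flight, b_basis, rng))
    # Sifting over the authenticated link: keep positions where bases agree.
    sifted = [(a, b) for a, b, x, y
              in zip(alice_bits, bob_bits, alice_bases, bob_bases) if x == y]
    # Parameter estimation: publicly compare a random half, then discard it.
    rng.shuffle(sifted)
    half = len(sifted) // 2
    sample, remainder = sifted[:half], sifted[half:]
    qber = sum(a != b for a, b in sample) / len(sample)
    return qber, remainder

def establish_key(n_photons, eavesdrop, seed=1):
    qber, remainder = run_bb84(n_photons, eavesdrop, seed)
    if qber > QBER_ABORT:
        # Too many errors: the parties discard the transmission.
        return {"qber": qber, "accepted": False, "raw_key_bits": 0}
    return {"qber": qber, "accepted": True, "raw_key_bits": len(remainder)}
```

With no eavesdropper the sampled error rate is zero; with intercept-resend on every photon it sits near 25%, far above the threshold, so the key is discarded.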
The range of QKD is limited because of the unavailability of quantum repeaters. Quantum repeaters can potentially increase the SNR, thus enhancing the quality of the signal (Vazirani & Vidick, 2014). The future scope of QKD also involves integrating satellite technology into the QKD infrastructure in order to expand the range of QKD networks. Present research suggests that the present range of QKD is 400 km. Further research in this field can possibly enhance the usability of QKD.

Network security fundamentals and firewalls

Comparison between different types of Firewalls

Table columns: Types of Firewall, Architecture, Functionality, Computational cost, Speed, Applications, Market share

Packet filtering firewall
Architecture: Packet filtering is achieved by configuring access control lists (ACLs) on the switches or the routers; the ACL is specified with the filter rules. This type of firewall applies the ACL as soon as the traffic enters the interface.
Functionality: Strictly checks all the packets as per the rules of the network administrator. Corrupted packets are dropped or updated for information. The information required for filtering is the source and destination IP address, the transport-level address, the interface and the IP protocol.
Computational cost: Lower in cost.
Speed: This firewall is recommended for high-speed networks.
Applications: This type of firewall can filter packets in different ways, meaning that different rules can be applied to different incoming as well as outgoing packets. Other than this, the packet filtering firewall is considered to be more efficient. Simpler to deploy.
Market share: In 2017, the market share of this type of firewall was 15.9% (Modi et al., 2017).

Application proxy firewall
Architecture: This firewall mainly works on the application layer of the OSI model, providing protection to the defined layers of the application protocol. It works on the configured protocol. Sometimes it is also configured as a caching server.
Functionality: In this type of firewall, all the entering packets are processed until they reach the application layer. The firewall verifies only those packets which are legitimate. In the process, the firewall also checks whether the data within the packet is secure (Hayajneh et al., 2013).
Computational cost: Cost-effective.
Speed: This firewall is relatively slow compared to the other firewalls. Processing the incoming packets up to the application layer consumes more time than the other firewalls in the market.
Applications: This firewall gives a vivid description of all the relevant connections as well as the application data. The firewall can filter data on the application layer and packets on the transport layer simultaneously (Fernandez, Yoshioka & Washizaki, 2014).
Market share: As per the reports, the market share of this firewall was 14% (Modi et al., 2017).

Stateful packet filter firewall
Architecture: The architecture of the stateful filter firewall involves layers 3, 4 and 5 of the OSI model. Each time a TCP or UDP connection is established, this type of firewall logs data in the respective session flow table (Rathod & Deshmukh, 2013).
Functionality: This firewall mainly functions in the transport layer, as it regulates all the relevant information regarding the connections (Hu et al., 2014). The stateful packet filter firewall monitors TCP connections as well as UDP connections.
Computational cost: This firewall is a bit costlier compared to the three other firewalls.
Speed: This type of firewall is relatively slow compared to the packet filter firewall, as it requires more time for processing.
Applications: This firewall is similar to the packet filter and comprises all of its major features (Rhodes-Ousley, 2013). The added advantage of this firewall is that it monitors and keeps checking all ongoing connections.
Market share: The market share of this firewall is 12.6% (Modi et al., 2017).
Circuit level gateway firewall
Architecture: Mainly deployed in the session layer of the OSI model. Its architecture is similar to the three-way handshake model of TCP.
Functionality: Similar to TCP, it constantly checks whether the connection is relevant or not (Kim & Feamster, 2013). Extensive screening is done before establishing the connection. In this type of firewall, any information that is to be sent to a computer outside the network coverage has to pass through a gateway.
Computational cost: Inexpensive.
Applications: This type of firewall is considered to be more secure considering the gateway it provides for external communication.
Market share: The market share of this firewall was found to be 10.6% as per the reports of 2017 (Modi et al., 2017).

References

Anandarajan, M., D'Ovidio, R., & Jenkins, A. (2013). Safeguarding consumers against identity-related fraud: examining data breach notification legislation through the lens of routine activities theory. International Data Privacy Law, 3(1), 51.
Berghel, H. (2017). Equifax and the Latest Round of Identity Theft Roulette. Computer, 50(12), 72-76.
Fernandez, E. B., Yoshioka, N., & Washizaki, H. (2014). Patterns for cloud firewalls. AsianPLoP (pattern languages of programs), Tokyo.
Gressin, S. (2017). The Equifax Data Breach: What to Do. Federal Trade Commission, September, 8.
Hayajneh, T., Mohd, B. J., Itradat, A., & Quttoum, A. N. (2013). Performance and information security evaluation with firewalls. International Journal of Security and Its Applications, 7(6), 355-372.
Hu, H., Han, W., Ahn, G. J., & Zhao, Z. (2014, August). FLOWGUARD: building robust firewalls for software-defined networks. In Proceedings of the third workshop on Hot topics in software defined networking (pp. 97-102). ACM.
Jouguet, P., Kunz-Jacques, S., Leverrier, A., Grangier, P., & Diamanti, E. (2013). Experimental demonstration of long-distance continuous-variable quantum key distribution. Nature Photonics, 7(5), 378-381.
Kim, H., & Feamster, N. (2013). Improving network management with software defined networking. IEEE Communications Magazine, 51(2), 114-119.
Liu, Y., Chen, T. Y., Wang, L. J., Liang, H., Shentu, G. L., Wang, J., ... Ma, X. (2013). Experimental measurement-device-independent quantum key distribution. Physical Review Letters, 111(13), 130502.
Lo, H. K., Curty, M., & Tamaki, K. (2014). Secure quantum key distribution. Nature Photonics, 8(8), 595.
Mikhed, V., & Vogan, M. (2015). Out of sight, out of mind: consumer reaction to news on data breaches and identity theft.
Mikhed, V., & Vogan, M. (2018). How data breaches affect consumer credit. Journal of Banking & Finance, 88, 192-207.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security issues and solutions at different layers of Cloud computing. The Journal of Supercomputing, 63(2), 561-592.
Rathod, R. H., & Deshmukh, V. M. (2013). Roll of distributed firewalls in local network for data Security. International Journal of Computer Science and Applications, 6(2).
Rhodes-Ousley, M. (2013). Information security: the complete reference. McGraw Hill Education.
Tang, Y. L., Yin, H. L., Chen, S. J., Liu, Y., Zhang, W. J., Jiang, X., ... Yang, D. X. (2014). Measurement-device-independent quantum key distribution over 200 km. Physical Review Letters, 113(19), 190501.
Vallone, G., D'Ambrosio, V., Sponselli, A., Slussarenko, S., Marrucci, L., Sciarrino, F., & Villoresi, P. (2014). Free-space quantum key distribution by rotation-invariant twisted photons. Physical Review Letters, 113(6), 060503.
Vazirani, U., & Vidick, T. (2014). Fully device-independent quantum key distribution. Physical Review Letters, 113(14), 140501.
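The difference between the packet filtering firewall and the stateful packet filter firewall in the comparison above can be shown with a small model. This is an added example, not part of the original essay; the ACL, the interface names and the sample packets are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "iface proto src sport dst dport")

# Constructed ACL, first match wins; None is a wildcard.
# Fields: action, interface, protocol, source net, source port, dest net, dest port
ACL = [
    ("permit", "inside", "tcp", "10.0.0.0/24", None, "0.0.0.0/0", 443),
    # A stateless filter needs a standing rule for the replies:
    ("permit", "outside", "tcp", "0.0.0.0/0", 443, "10.0.0.0/24", None),
    ("deny", None, None, "0.0.0.0/0", None, "0.0.0.0/0", None),
]

def in_net(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def acl_permits(p):
    """Packet filtering firewall: each packet is judged on its own headers."""
    for action, iface, proto, src, sport, dst, dport in ACL:
        if (iface in (None, p.iface) and proto in (None, p.proto)
                and sport in (None, p.sport) and dport in (None, p.dport)
                and in_net(p.src, src) and in_net(p.dst, dst)):
            return action == "permit"
    return False

class StatefulFilter:
    """Stateful packet filter: inbound traffic must match a logged session."""
    def __init__(self):
        self.flows = set()  # the session flow table

    def permits(self, p):
        if p.iface == "inside":
            allowed = acl_permits(p)
            if allowed:  # log the new outbound session
                self.flows.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return allowed
        # Inbound: accept only the mirror image of a logged session.
        return (p.proto, p.dst, p.dport, p.src, p.sport) in self.flows

# Constructed sample traffic (documentation address ranges).
OUTBOUND = Packet("inside", "tcp", "10.0.0.5", 50000, "203.0.113.10", 443)
REPLY = Packet("outside", "tcp", "203.0.113.10", 443, "10.0.0.5", 50000)
UNSOLICITED = Packet("outside", "tcp", "198.51.100.7", 443, "10.0.0.9", 22)
```

The static reply rule lets UNSOLICITED through the packet filter because its headers match, while the stateful filter drops it since no logged session corresponds to it.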
