Page 106 - Data Science class 11
P. 106

• CEO phishing attacks: As we know that CEOs have access to confidential information in a company and also have
          access to important company property, they sometimes become a target of cyberattacks. CEO phishing attack is a
          cyberattack in which cybercriminals impersonate the CEO and ask employees to transfer funds from accounts, send
          confidential information like that of human resource or reveal secret data.
           • Misuse of USB drive: Malware carried in on a USB drive can cause a security threat to a company. Malware includes
          viruses, worms, trojans, hybrids, and spyware that steals, encrypts, modifies or removes company data.
           • Password attacks: Users' passwords are cracked either by guessing a possible password or through a dictionary
          attack by cyber attackers. To prevent such attacks, employees must ensure strong passwords and account lockout
          policy, that locks out a user after a certain number of wrong attempts.
           • IP spoofing: In Internet Protocol (IP) spoofing, an attacker tries to convince a system that it is communicating with a
          trusted entity like a trusted website. Therefore, the attacker provides an IP address known to the system instead of its
          real IP address to gain access by breaking system's firewall.


        1.6 rEaL LiFE casEs oF insiDEr attacks

        Insider attacks can lead to a variety of repercussions, from fines for non-compliance with cybersecurity necessities to
        the loss of customer trust. Given below are the most common outcomes of a successful attack:

        Some real-life cases of insider attacks are given as examples here. They demonstrate common motivations for attacks
        and sources of insider threats. These incidents also show how a single attack can cause harm to a company.

        1.6.1 case #1: Employee negligence caused the Data Leakage

        This is a case of Microsoft customer support database. This database contained 250 million entries, accumulated
        during 14 years, that were leaked. The database contained emails and IP addresses of customers, geographical
        locations and notes made by Microsoft support agents. The database remained publicly accessible for a month. The
        company secured the data on the same day the breach was reported.

        Since the leaked data did not contain personal information and the company immediately sealed the breach and
        notified the affected users, Microsoft suffered no penalties. However, Microsoft got fortunate that the insider-caused
        data breach was discovered at the end of 2019. Few days later, the California Consumer Privacy Act took effect on
        January 3,2020. This law inflicted a fine of $750 for each individual hurt by a breach. Under the new law, Microsoft
        could have been fined millions of dollars.
        From the onset of December 2019, Microsoft deployed a new version of Azure security rules. Microsoft employees
        misconfigured those rules and caused the accidental leak. Access to the database wasn’t secured with a password or
        two-factor authentication. Also, the company could have limited the detection time immensely by keeping track of
        user records and reviewing activity with sensitive assets.


        1.6.2  case #2: compromised third-party application by marriott hotel group
        The famous hotel group Marriott Jewish used to provide guest services through a 3rd party application. In January
        2020, the hackers gained access to over 5.2 million records of hotel’s guests. These records contained personal
        information like names, gender, birthdays, contact information, loyalty account details, personal preferences, etc.
        Marriott’s security team noticed dubious activity and sealed the insider-caused security breach at the end of February
        2020. The investigation of this incident is ongoing. It is reported that Marriott may face serious penalties because the
        stolen data included personal information. This isn’t the first data breach investigation for the company since Marriott
        is still fighting a £99 million (approximately $124 million) GDPR fine for a 2018 data breach.





          104   Touchpad Data Science-XI
   101   102   103   104   105   106   107   108   109   110   111