Computer security breaches have long been rampant. Security attacks have a significant impact on companies in terms of the cost of remediating them. Breaches also damage a company's public reputation and reduce people's trust in the companies that suffer them. Attackers continuously modify and innovate their procedures for infiltrating companies and stealing confidential information.
A data breach exposes confidential data to unauthorized personnel through theft or blockage. The confidential information may comprise business contract documents, regulatory documents, or personal information that the attackers access and use to manipulate companies and individuals for financial gain, or to tarnish the reputation of a given company (Rid & Buchanan, 2015). This paper therefore examines a security breach at Deloitte in 2016, focusing on the main problem, how and why it occurred, and possible solutions.
Deloitte Cyber Security Breach in 2016
Deloitte is one of the Big Four accountancy firms worldwide. In November 2016, the company was infiltrated by sophisticated attackers who hacked its security system and accessed confidential emails and information concerning the plans of the company's blue-chip clients.
The perpetrators compromised the company's global email server by using an administrator's account, which gave them access to all the information available on the server. Access to the account required just one password and did not require two-step verification. All the email conversations between Deloitte and its 244,000 staff members were stolen and transferred to the Azure cloud storage service offered by Microsoft (Hopkins, 2017). Azure is Microsoft's cloud service, similar to Google's cloud platform.
According to the Guardian, the perpetrators are also believed to have had access to crucial information such as passwords, usernames, IP addresses, health information and even design diagrams for businesses. The incident is thought to have been US-focused, and it was so sensitive that only a few of Deloitte's lawyers and partners were informed of the matter.
An internal investigation into how the breach took place has been codenamed “Windham” for further studies. Cybersecurity experts have been trying to locate the hackers by analyzing the trails of the searches the hackers made (Hopkins, 2017). A team of experts selected for the investigation worked from outside the company's offices in Virginia, where they went through the documents believed to have been compromised for about six months.
According to the Guardian, the cloud store held about five million emails, and there is a possibility that the hackers accessed them. However, when the company was asked how many emails were compromised, it responded that only a fraction of these emails had been accessed and gave no further clarification.
After the security breach, Deloitte established a comprehensive security process and started a thorough, in-depth review that included mobilizing cybersecurity and privacy specialists both inside and outside the company. Alongside this analysis, the company began contacting a very few clients about the issue, and government regulators and authorities were informed.
According to reports from Deloitte, top management stated that the system review enabled them to understand what the hacker had done in their system and what information had been exposed as a result (Hopkins, 2017). However, the company did not disclose which government authorities it had contacted, or whether it had shared the issue with law enforcement.
In conclusion, a cybersecurity threat is more than just a security or technology issue; it exposes the entire business to a high risk of failure. Technology and innovation have driven great and positive strides in strategic development, but in a similar manner they have exposed businesses to possible cybersecurity breaches. Deloitte is one of the companies that faced a security breach in the year 2017, in which unauthorized persons accessed some of its crucial information. As a result, the company established a security intelligence center that provides 24/7 security oversight for the operations of the company and its customers.
One of the primary advantages of an operating system that has a fence register is the ability to relocate programs from one point to another, a property that is vital in a multi-user environment. In an environment with more than one user, no one can determine in advance where a program will be loaded for execution. The relocation register solves this problem by providing the base (starting) address. Program addresses are not absolute; each is an offset from that base address. A base register can also be referred to as a variable fence register.
It should be noted that a fence register provides a lower bound but not an upper bound. An upper bound is needed to check for overflows into forbidden regions and to know the total space allocated to a particular activity. To overcome the lack of an upper bound, a second register is usually added. This second register, the bound register, holds the upper limit address. Every program address is forced to be above the base address, because the contents of the base register are added to the address.
This strategy safeguards a program's addresses from being modified by a different user. When execution shifts from program A to program B, the operating system must also change the contents of the base and bound registers so that they reflect the actual address space of the new user B. This change of the base and bound registers is part of the general preparation known as a context switch.
When a base/bound register pair is in place, any user is effectively safeguarded from any outside user. An incorrect address inside a user's address space can still affect that program, however, since base/bound checking only guarantees that every address falls within the user's address space.
This issue can be countered by using an extra pair of base/bound registers, so that one pair is for the data space and the other is for the program's instructions. The first register pair relocates and checks data accesses, while the second register pair relocates and checks instruction fetches. Even though the two register pairs do not protect against all program errors, they limit the effect of instructions that manipulate data to the data space. The pairs also offer an extra advantage: the ability to split a program into two distinct parts that can be relocated separately, each without regard to the other.
These two characteristics tend to call for the use of more than three pairs of registers: one for the code, a second for the read-only data and a third for the data values that can be modified. However, two pairs of registers are the practical design of a computer. For every register pair added beyond that, something in the machine code of each instruction must indicate which relocation pair is used for the instruction's operations. With more than two pairs, every instruction specifies one of two or more data spaces. With just two pairs, the decision can be automatic: one pair for data and the other pair for instructions.
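The two-pair base/bound scheme and the context switch described above, as an added example in C that is not part of the original essay. The names reg_pair, context and translate and the memory layouts for programs A and B are constructed for illustration, and the bound register is assumed to hold the first address past the region.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* One relocation pair: base = lowest physical address of the region,
   bound = first physical address past it (assumed exclusive upper limit). */
typedef struct { uint32_t base, bound; } reg_pair;

/* Register state the OS saves and reloads per program. */
typedef struct { reg_pair code, data; } context;

typedef enum { ACCESS_FETCH, ACCESS_DATA } access_kind;

static context cpu;  /* the pairs currently loaded in "hardware" */

/* Constructed layouts for two programs sharing one physical memory. */
static const context prog_a = { {0x1000, 0x1400}, {0x2000, 0x2200} };
static const context prog_b = { {0x3000, 0x3100}, {0x4000, 0x4080} };

/* Context switch: replace both pairs with the next program's values. */
void context_switch(const context *next) { cpu = *next; }

/* Relocate a program-relative offset. Instruction fetches use the code
   pair, everything else the data pair. Returns false on a bounds fault. */
bool translate(access_kind kind, uint32_t offset, uint32_t *phys)
{
    const reg_pair *r = (kind == ACCESS_FETCH) ? &cpu.code : &cpu.data;
    /* Compare the offset with the region size so base + offset cannot wrap. */
    if (r->bound < r->base || offset >= r->bound - r->base)
        return false;
    *phys = r->base + offset;
    return true;
}

static void show(const char *who, access_kind k, uint32_t off)
{
    uint32_t p = 0;
    bool ok = translate(k, off, &p);
    printf("%s offset 0x%x -> %s 0x%x\n", who, (unsigned)off, ok ? "ok" : "fault", (unsigned)p);
}

int main(void)
{
    context_switch(&prog_a);
    show("A data ", ACCESS_DATA, 0x10);    /* inside A's data region */
    show("A data ", ACCESS_DATA, 0x200);   /* one past A's data region */
    context_switch(&prog_b);
    show("B data ", ACCESS_DATA, 0x10);    /* same offset, now B's memory */
    show("B fetch", ACCESS_FETCH, 0x100);  /* one past B's code region */
    return 0;
}
```

The same offset resolves to different physical memory after the context switch, and an offset one past a region faults instead of reaching the neighbouring program.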
What was the Problem?
On 20th April 2011, Sony's PlayStation Network and its Qriocity media streaming services stopped working. A few hours later on the same day, Sony reported that it was aware of the failure of some functions of its PlayStation Network and that it would report back once it had gathered adequate information about the issue.
On the following day, 21st April, Sony said that it was investigating the cause of the network failure and that the exercise would probably take a day or two before regular services resumed. On 22nd April, the third day after the outage had occurred, Sony explained that it had experienced an external intrusion that affected Qriocity and the PlayStation Network. Because of the security breach, it had been forced to switch off all its network operations in order to carry out a more thorough investigation and ensure the smooth and secure operation of its networks from then on.
Who was affected?
In April 2011, the Sony PlayStation Network was hacked, and the hacker is stated to have accessed about 77 million user accounts and their account information. The security breach took 23 days to correct, and it was one of the biggest hacks in the history of data security breaches across the globe.
According to Sony's reports, more than 12,000 credit card numbers, held in encrypted form, are believed to have been accessed by the hacker. However, after a thorough investigation of its network services, the company stated that the hackers had compromised the personal information and details of 2500 of its users, and a list of these users was posted on the website. The data accessed comprised the addresses and names of customers, stored in a network database that had been created in 2001.
How was the Attack Carried Out?
On 4th April 2011, there was an anonymous security breach of Sony's online services, which is also believed to have targeted the families and children of the company's employees. The attack is believed to have aimed at paralyzing or completely destroying the operation of the company's services (Do, Hsu & O’Rourke, 2011). The company acknowledged that it was under attack by first stating that it had noticed the PlayStation Network services were down and that it was doing something about it.
After the attack occurred, the hackers encrypted the credit card data and other personal information stored in the Sony network's database. It was also noted that the system had yet to encode some of its users' personal details and data when the security breach occurred. According to the report from Sony's top management, the security mechanisms of the PlayStation services were thoroughly compromised, and one of the company's primary databases was hacked and accessed.
Sony is known as one of the best and most reliable companies and is sensitive to security matters, so precisely how it was hacked is still an open question. However, a breach of the PlayStation Network's database is the primary way in which the hack was carried out (Do, Hsu & O’Rourke, 2011). The anonymous attackers may have identified the weaknesses of the PlayStation Network's security protocols and then leaked this information to a different group of hackers; from that point, the gap might have been big enough to allow the attackers to execute the hack by an SQL injection attack.
Another alternative that might have enabled the attack is the release for the PlayStation 3 of the Rebug firmware, which converts a PlayStation 3 into a developer unit and enables features that customers cannot usually access. Through the Rebug firmware, it is believed that one can gain access to Sony's trusted internal developer network. It is understood that once a person is in the internal developer network, he or she can carry out a wide range of hacks, including the use of bogus credit card information on the PSN.
What Could Have Been Done to Prevent The Attack?
Given that the 2011 attack on Sony was carefully planned and executed, Sony, as a big company, should at least have developed a continuous security model that would enable it to conduct regular assessment and evaluation of the security systems of its network services (Do, Hsu & O’Rourke, 2011). The company should also have invested in advance in the appropriate tools to protect against, monitor and detect any form of internal security threat.
Sony should have prioritized the security and safety of its networks above anything else to prevent security breaches and the exposure of its customers' personal details; in doing so, it would have avoided these effects and strengthened the trust of its customers. Such action would have kept the company's operations from being paralyzed or halted for about three weeks, as they were.
Abomhara, M., & Køien, G. M. (2015). Cybersecurity and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security, 4(1), 65-88.
Do, S. C., Hsu, X., & O’Rourke, J. S. (2011). Sony Corporation: The PlayStation Network Crash (A). doi:10.4135/9781526403858
Hopkins, N. (2017, November 27). Deloitte hit by cyber-attack revealing clients' secret emails. Retrieved from https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails
Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1-2), 4-37.