Data Breach At Equifax The Challenges And The New Cyber Threats - UNB - Assignment

2763 words - 12 pages

The world has become a global village, everything, everyone, and every business is now interrelated. Any firm that chooses to operate in isolation and not move with the trend is likely to fizzle out of business.
The emerging changes in technology today has brought about changes in the way businesses are been run. Prior to the emergence of the internet and the new innovation like the internet of things, artificial intelligence, data mining and cloud computing to mention but a few. Business owners were not prone to the kind of security threats that accompany operating business in today’s market.
Most businesses today operate E-commerce which is the business of buying and selling on the internet. Amazon, E-bay. Ali-express etc. are examples of big players in e-commerce. There are so many other smaller businesses that engage in E-business. Taking business away from the conventional open store system where people walk in and transact to online operations involves some risk which include but not limited to Credit card and debit card fraud , identity theft , unauthorized access to customer data which are issues in e-commerce business thereby hackers can hack into the merchant database obtain credit card records of unsuspecting customers to transact illegal business transaction thereby causing problems for firms transacting business in today’s market place .
Furthermore, the emergence of new technologies like the internet of things, big data, artificial intelligence, cryptocurrency, social media, and cloud computing has made firms and their numerous client vulnerable to threat. With internet-of-things, almost all products can be connected to the internet, and most of them can also be used for spying and other malicious activities which might affect firms security. (Madnick, S., Johnson, S. & Huang, K., 2019) These days, so many organization thrive on data with so many firms investing in big data. The situation wasn’t like this twenty years ago. Relevance has been attached to data nowadays, with many companies making fortunes dealing with data. This has made data theft a hotspot for hackers desperately looking for means to steal data from the data owners.
Due to globalization, some firms operate in many countries of the world with physical presence in some of these countries. As a result of this, firms operating across border need to have a centralized communication system that makes them share information across the border. (Durden, O., 2019). So many intellectual properties and business secrets are shared on these platforms which are susceptible to hacking either by competitors or general hackers. As a result of trying to operate in today’s market place, these firms have to allow their business information to be shared on the network as against the old way of having them in a centralized place thereby posing threats to firms.
In 2004, Omogui Ifueko was appointed as the chairman of Federal Inland Revenue Service and in her quest to operate a world-class tax system she sourced the help of the international monetary firm and the World Bank and one of their recommendations was the full implementation of the self-assessment regime in Nigeria a system which is a regime operational in other developed countries of the world. The self-assessment regime gave opportunity to taxpayer to access themselves to tax, pay the tax liabilities and file their returns online as against the old practice where taxpayers have to visit the tax office and tax officer assess them to tax and the liabilities thereon are paid in cash to the tax officer who on many occasions failed to remit such revenue to the government purse.
As a result of this, the service had to go automate in compliance with the IMF and the world banks recommendation. And for the first time in the history of the service taxpayers were able to file their tax returns online in 2012. In a bid to automate, and measure up to world standard, in 2013, the threat to security manifested with hackers hacking into the database and stealing vital information of taxpayers and staff which were used in defrauding some taxpayers and staffs. Phishing emails were sent to staff and taxpayers which led to the loss of vital information and money. This is an example of a threat to the security of a firm trying to do business in today’s market place.
Operating a firm successfully today comes with some market place, technological, and social forces challenges. Prior to the invention of the internet, the firm’s major problems were getting their products across to their customer, competing with their competitors for fair share of the market, keeping customers happy and staying profitable. With the introduction of the internet , doing business has changed significantly especially in today's networked, digital and internet-enabled marketplace.
MARKETPLACE FORCES: A marketplace is a platform that connects sellers and buyers together. Before the internet, the marketplace used to be the conventional malls where we have different stores but with the internet, we now have an online marketplace.
An online marketplace is a website or application that facilitates shopping from many different sources. The operator of these marketplaces may not own any inventory, their business is to present other people’s inventory to a user and facilitate a transaction example include eBay, Amazon, OFX, Rakuten, Etsy, Zibbet, etc. (Kestenbaum, R., 2017).
The major forces in the marketplace are the merchants (sellers) the customers etc. Customer satisfaction in a conventional marketplace is much easier as the seller and the buyer has direct contact and issues about product are resolved even before the customer leaves the premises of the seller in an online marketplace the operator of the marketplace needs to provide an avenue for the customer to communicate with the seller before issues can be resolved and this may have taken time and the customer could have switched to another competitor making competition in today’s market very challenging.
Another challenging issue in a marketplace is data breach since its an online market that uses network infrastructure, data spill can arise with intellectual pieces of information and business secrets been leaked to competitors. Credit card and personal information of unsuspecting customers can be breached thereby by leading to reputational issues and financial loss.
Another issue in the online marketplace is that it gives the customer access many options when it comes to making a decision on what and where to purchase. In this situation, the seller needs to be more open by providing a lot of information than it used to be in the conventional market leading to more investment in IT infrastructure.
TECHNOLOGICAL- The new technological development in a marketplace include internet of things, data mining, cloud computing artificial intelligence has changed the operation of the marketplace from the way convention way. As a result of these, there are challenges that accompany these innovations. The issue of emerging technology and changes in IT infrastructure is a challenge, regulatory compliance that comes with the use of IT infrastructure is another challenge as there are many regulations to comply with when deploying a technology.
Another technological problem is getting the qualified and experienced hands to manage the IT resources necessary for smooth operation in the marketplace.
Another technological force is getting the right vendor for your IT infrastructure getting a third-party vendor to provide the correct technological advice and equipment to compete favorably in a marketplace can be an issue.
Struggling to balance security control and achieving efficiency in business is another technological issue that can arise.
The social forces include public opinion, social media,  extreme groups, use of email marketing, social media marketing. Establishing a social media culture and been able to manage criticism on social media and making good use of feedback are the challenges social force creates in a marketplace.
The countries of the world need to be conscious of the severity of this cybercrime problem. A study conducted by cybersecurity ventures predicts these crimes will cost the world $6 trillion a year by 2021. (Rafter, D., 2018)
This is a big number, but this should not take anyone who has followed the exploits of hackers and online scammers in 2018 by surprise. Cybercrimes have become big news, with large data and security breaches at companies such as Facebook and Under Armour generating headlines, and cyber threats from foreign locales such as China and Russia threatening U.S. businesses and elections. (Rafter, D., 2018.)
In September 2018, Facebook reported that hackers exploited a network vulnerability in their system which allowed them to gain access to user accounts, potentially exposing the personal information of nearly 30 million users. Reuters said that this exposure ranks as the worst security breach in Facebook’s history. Reuters reported, too, that the vulnerability hackers attacked had existed since July 2017. This big security breach provided yet another example that the huge social media companies, even as tech-savvy as they are, are not immune to cyber attacks and this should put everyone on their toes. (Rafter, D., 2018.)
Here’s a look at some of the most troubling cybersecurity threats we saw in 2018, which are still very much active and the new ones that have been predicted by the expert in the cyber security field for 2019 and beyond.
RANSOMWARE: This is malicious software that gain unauthorized access to files or systems and prevent the users of these files and system from gaining access to them. These systems and files are thereby held hostage by the hackers using some encryption and these owners are been made to pay ransom in exchange for the decrypted key which will enable them to regain access to their files and systems. (Groot, D. J., 2019.)
Ransomware is a form of malware that takes over networks administrative access to prevent real owners’ access to the network data. Hackers use ransomware to force a business or organization to pay for access to be returned to the hijacked network (Gudmundson, E., 2018.)
Ransomware can be seen to be so old and yet so new with the first documented ransomware attack dated as far back as 1989 with the attack targeted to the healthcare industry. The attack was initiated by Joseph Pop an AID researcher with the attack termed as the “AID TROJAN” (Groot, D. J., 2019.)
Years after the attack the health sector remains vulnerable to ransomware attack with Ottawa hospital attacked in March 2016. Some other sectors like San Francisco Municipal Transportation agency also fell victim of ransomware attack in 2016 that disrupted the train ticketing system. Ransomware in 2018 and beyond will target cloud computing businesses to gain unauthorized access to data warehoused by this cloud owners in order to obtain ransom from them. (Giles, M., 2018).However, attackers are increasingly targeting more senior executives and the c-suites with the ransomware attack.
Technically, ransomware gain access to their target system through an infection vector which can be an email attachment, a pop up on the systems or messages on our various mobile system.
CRYPTOJACKING: This is one of the most emergent cyber threat. Crypto hijackers target the nodes on the network and individual systems of the target. The primary purpose of this malware is to use an individual’s computer processing power to mine cryptocurrencies without the knowledge of the target. (Gudmundson, E., 2018.) Mining cryptocurrencies require vast amounts of computing capacity to solve the complex mathematical algorithms problems required to hack a crypto network. This has encouraged hackers to compromise millions of computers in order to use them for such a malicious act.
Some of the recent cases of hacking ranged from the hacking of public wi-fi in a Starbucks in Argentina to a significant attack on computers at a Russian oil company. As cryptocurrency markets keep growing, so will the hackers’ temptation to breach many more computer networks. (Giles, M., 2018).
The cyber-attack on Equifax Credit Company in 2017 that led to the theft of over social insurance numbers, birth date and other personal data of over 145 million Americans. This led to Equifax facing a lot of regulatory issues, deep fall in its share price of Equifax and much senior staff losing their jobs. (Srinivasan, S. &Pitcher Q., 2018)
This incident is a stark reminder to all custodian of sensitive data that hackers are thinking big when it comes to targets and should rise up to this challenge. Other companies that hold lots of sensitive information will be in their sights in 2018 and beyond “Marc Goodman, a security expert and the author of Future Crimes, thinks data brokers who hold information about things such as people’s personal Web browsing habits will be especially popular targets. “These companies are unregulated, and when one leak, all hell will break loose,” he says”. (Giles, M., 2018).
SMART CONTRACT HACKING – “Smart contracts are software programs are written and stored on a blockchain that automatically execute some form of digital asset exchange if conditions encoded in them are met” (Giles, M., 2019). Many business owners are using this smart contract for almost all business transaction ranging from money transfers, intellectual property protection, etc. Though the smart contract is still in its early stage with researchers in this field finding bugs in some of the contracts so also are the hackers exploiting these flaws to defraud people in millions of dollars’ worth of cryptocurrencies.
Users in 2019 and beyond should be careful of this smart contract hacking.
ARTIFICIAL INTELLIGENCE DEFENSE POISONING – From our previous lectures, artificial intelligence is the creation of intelligent machines that function as a human. This was discussed extensively in previous classes. Some organizations have deployed artificial intelligence as a tool to detect an attack on their networks and systems. However, some highly “professional “hackers can target the data sets used to train models used in this AI and try to poison them. One of the tools used by these hackers is the generative adversarial network (GAN) which work by pitching two artificial intelligence neural network against each other. GAN can also be used to guess which algorithm the defenders are using in their AI model. (Giles, M., 2019)
The advancement in artificial intelligence has made it possible to create fake video and audio messages that are incredibly difficult for the public to distinguish from the real thing. These “fake” could be beneficial to hackers in a couple of ways. AI-generated “phishing” e-mails that aim to trick people into handing over passwords and other sensitive data have already been effective for people to fall prey to than the original ones generated by humans. Now hackers will be able to throw highly realistic fake video and audio into the mix, either to reinforce instructions already circulated in a phishing e-mail or as a standalone tactic to the get the perpetrate their evil intentions.
These cybercriminals could also use the technology to manipulate stock prices by circulating phishing emails that a will suggest to the readers that a target company is facing a financing problem or some other crisis so as to force people to engage in panic sales thereby forcing the price of the shares to go down.
INTERNET OF THINGS (IOT) SECURITY BREACH - Hacking of IOT will enable hackers to manipulate and gain access to a more personal element of their target like gaining access to their personal data. For individuals that use a smart lock, smart plugs, and smart thermostat, and individuals with life-saving devices installed in their body, etc. These group of people is more vulnerable as these hackers can easily gain access to their personal world and hold them hostage.
The new threats are so many the most important thing is for organizations to be vigilant, do a continuous backup, and stay up to date on the security of their IT infrastructure.
Not giving adequate attention and a proactive measure to the information received by Equifax on the vulnerability of the apache struts used by Equifax which the management ought to have patched on receiving the warning caused the company a huge loss both in reputation and in financial terms.
There will be other threats like banking Trojan, multifactor authentication, quantum cryptography, and electioneering hacking organization should stay watchful.

More like Data Breach At Equifax The Challenges And The New Cyber Threats - UNB - Assignment

Management Challenges In The 21st Century - NTU - Assignment

1670 words - 7 pages ... , making even more challenging for managers to ensure their processes are up-to-date and efficient to stay competitive in the market. It has also resulted in certain process to be redundant and outdated, managers must ensure that their staff stay relevant with new process and to keep them in the company. Governments have emplaced laws that either welcome free trade or increase trade barriers which make local business exposed to external threats such ...

Module1 Assignment Explaining The Data Analysis Relations - RES 5043 - Assignment

722 words - 3 pages ... voluntarily left the profession and finally interviews with school principals. The surveys should garner insight as to why teachers decide to enter the profession but also the reasons as to why former teachers leave. Principal interviews should indicate the reasons from an administrative perspective as to why a large exodus of teachers in common in many districts. Once data from these three sources has been collected, the responses shall be ...

Discuss The Problems Which May Arise In Linkage Analysis Which Uses Spatial And Temporal Data. - Assignment - Assignment

2578 words - 11 pages ... , Charles Jr killed two people and wounded 13 at his high school. His mother divorced his farther at the age of 3 and moved away from his home town, he was described as loving, well behaved however upon moving, Williams was badly bullied and his academic performance started to fall significantly and as he grew older started to become involved in drugs and alcohol and was sexually abused by his mother’s new boyfriend. (Palumbo, 2016, p.41) He began ...

Fraud And Breach Of Trust At Wells Fargo - Colorado State Business Ethics (BUS220) - Essay

747 words - 3 pages ... Financial Fraud and Breach of Trust at Wells Fargo Founded in 1852, Wells Fargo serves as a pioneer in the financial service industry having relation with some of America’s most pivotal historical events. In September of 2016, Wells Fargo’s reputation was damaged greatly when the public was informed of a scandal consisting of approximately 2 million personal bank accounts. This happened through employees opening these unauthorized accounts ...

The Fight Against Cyber Security Threat - SERC Access - Essay

783 words - 4 pages ... Cyber security induction assignment According to Goutam (2015), Cyber security is defined as processes and technologies manufactured to safeguard computers, networks, data and software from unlawful access. Experts predict that there will be approximately 200 billion connected things by the year 2020; These include cities; cars; planes; and homes (Cerrudo, 2018). Overall, I have a positive view on technology, however I also feel that it is ...

The Facebook Data Leak And Is It Okay For Companies To Sell Our Data? - Management Information Systems - Essay

2444 words - 10 pages Free ... we sign up for a service. My second source is an article on the politics of sharing personal data. This article looks at understanding the sharing of user data and understanding whether the data sharing is being purposefully shared or if it is unwillingly shared. This would help to understand the Facebook data leak and determine whether Facebooks Chief Executive, Mark Zuckerberg, purposefully shared millions of user data to Cambridge Analytica ...

The Benefits Of Deploying A Data Warehouse Platform - Sri Venkateswara College Of Engineering - Assignment

790 words - 4 pages ... hardware as a package with a relational or analytics DBMS pre-installed and configured on the requisite hardware. The server is set up with the proper amount of memory and storage, and the DBMS is installed by the vendor; all the customer needs to do is plug it in and turn it on. (Well, that's what the vendors say, at any rate.) Examples here include products from Teradata, IBM and Oracle. 4. Cloud data warehouse offerings, where the DBMS isn't ...

The Challenges And Future Of Virtual Reality - Chengdu Technology Of University - Essay

1734 words - 7 pages ... The challenges and future of Virtual Reality Virtual reality (VR) is a new technology by means of computer to control the audience's vision, tactile and hearing into a three-dimensional environment, and in this computer generated simulation environment, users would experience the feeling in the real world. And Heim (1993) also listed the main technology of content included sense of interaction and full-body immersion. In recent years, VR has ...

Canadian History - Challenges And Changes - Grade 10 History - Assignment

497 words - 2 pages ... Challenges and Changes of Making The New Canadian Flag Challenges - Canada wanted to change their flag in 1965 as the current one (Canadian Red Ensign) had the British symbol on the current flag which no longer represented Canada as they achieved its path towards sovereignty from Britain. - Many Canadian war veterans and Conservatives thought it should not be changed as it had been the flag under the many Canadians who went to war. - It was ...

Humanism And Renaissance Artistry At The Isabella Stewart Gardner Museum - Renaissance To Modern - Assignment

1846 words - 8 pages ... Yasmeen Al Idrissi Professor Milda Richardson Renaissance to Modern 8 February, 2016 Humanism and Renaissance Artistry at the Isabella Stewart Gardner Museum The Renaissance movement started in Italy during the 14th century and then spread to the rest of Europe and ended in the 17th century. The Renaissance meaning rebirth, came in between the Middle Ages and Modern History, and it acted like a link that bonded the past, present and future ...

Diverse Learners : In This Assignment The Researcher Will Look At Different Trends And Issues - American College Of Education - Assignment

1730 words - 7 pages ... this program, my colleagues and I got computers and other resources for our classroom. The last issue is the need for culturally competent teachers in the classrooms to make learning more appropriate and effective for the students. To address this issue the principal seeking to hire persons from the community when it is possible and have professional development at the beginning of the school year to let the new staff learn about the student body ...

What Are The Main Changes In French Agriculture Since 1945 And What Challenges Does It Face Today?

1612 words - 7 pages Free ... In the days following the World War II, France was a devastated and ruined country: 600,000 people had been killed, 10000 bridges and 1 building out of 22 had been destroyed, and losses were estimated at a fourth of the 1938 domestic wealth (Dallenne 2004, 196). As for agriculture, despite several serious damages, it was still a vital part of the French economy. At the time, the majority of the farms were small family holdings equipped with ...

The Detainment Of Terrorists Suspects: Does It Breach Human Rights - Trinity Anglican School / Legal Studies - Essay

1229 words - 5 pages ... Joey Muir 3/18/18 The Detainment of Terrorists Suspects: Does it breach Human Rights ‘Human Rights’ are fundamental principles entitled to each person regardless of gender, age, beliefs, or background, these rights comprise of dignity, equality and mutual respect (Australian Human Rights ...

New EU States And The Adoption Of The Euro

3551 words - 15 pages ... Table of Contents Introduction.......3 The Three Phases of Monetary Integration........4 ERM II......... 4 Maastricht Convergence Criteria.........6 Threats and Opportunities for the New States Joining the Euro.......8 Target Dates for Euro Adoption         9 The Convergence Issue         12 Real vs. Nominal Convergence         12 Conclusions         13 Bibliography         14 Appendix         15         5 ...

The Problems With Data Mining Paper - CSC 485 - Essay

3033 words - 13 pages ... such pricing results in consumers in lower income neighbors being required to pay more for online products than higher wage communities, the value of online shopping is decreased significantly. We know this and yet we as consumers continue to shop frequently at these retail locations. In our new digital age, it online seems to make perfect sense that companies choose to practice the art of Data Mining. Why wouldn’t they? The resources are there ...