Sunday, March 31, 2019
Preventing Cyber Breaches
Jacob Malone

The digital universe is growing at an astonishing 40% every year. With this kind of growth, cyber security is more important now than at any time in history. Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access (Rouse, 2016). In 2015 the global cybersecurity market hit $75B and is expected to reach over $170B by 2020.

Cyber risk has become an international priority due to fears that cyber-attacks or security failures could lead to a global economic collapse. Cyber crime costs the global economy over US$400 billion per year, according to estimates by the Center for Strategic and International Studies. In 2013, some 3,000 companies in the United States had their systems compromised by criminals, the Center reports (Gabel, Liard, & Orzechowski, 2015). These cyber-attacks fall into two main categories: breaches in information security and sabotage. A security breach can be anything from targeting personal information to gaining trade secrets to information pertaining to bids or mergers. On the other hand, attackers may launch denial-of-service attacks to sabotage the infrastructure in order to gain information.

Since the late 1980s there have been several severe cyber-attacks. In 1989 the first computer worm, created by Robert Morris, spread so quickly that it shut down the majority of the internet. Fast forward to 2008, and Heartland Payment Systems suffered one of the largest credit card information breaches in history. It is estimated that over 130 million records were compromised.
Their system was corrupted by malware that was inserted into their network and recorded credit card data as it was received from retailers.

Finally, in 2015, China attacked the federal government and stole PII for over four million federal employees spanning almost every government agency. Officials said the thieves broke in by using stolen contractor logins and passwords (Nakashima, 2015). Once the attackers gained access to the network of the Office of Personnel Management (OPM), they installed malware that created a backdoor. From there they were able to escalate their rights and privileges in order to access more of OPM's network. The hackers got away with names, birth dates, home addresses, and Social Security numbers (Castelluccio, 2015, p. 79). Almost a year passed before OPM realized they had a problem: they discovered irregular SSL traffic by using a decryption tool that had been installed a few months earlier. Once it was discovered, they reported the finding to DHS's U.S. Computer Emergency Readiness Team (US-CERT), which began the investigation.

The discovery of a threat to the background investigation data led to the finding two days later, on April 17, of a risk to the personnel records. US-CERT made the discovery by loading data on the April 15 incident to Einstein, the department's intrusion-detection system. On April 23, US-CERT spotted signs of the Dec. 15 exfiltration in historical netflow data, and OPM decided that a major incident had occurred that required notifying Congress. (Lyngaas, 2015)

After a thorough investigation it remained undetermined how the hackers acquired the credentials from the contractor KeyPoint Government Solutions. In the wake of the disaster OPM deployed a predictive malware prevention tool across their network in order to sever the attackers' network access. In addition, the agency applied an advanced host-based security tool to discover, quarantine and eliminate the malware (Lyngaas, 2015).
In the end, the Chinese government arrested the hackers that were responsible for the attack.

OPM's network was protected by one major Department of Homeland Security (DHS) program called Einstein. The Einstein system, which DHS began deploying in 2005, focuses on the perimeter of federal networks by installing sensors at Web access points and sifting through that data for vulnerabilities (Lyngaas, 2015). This system is only a first line of defense, with nothing else to back it up in case of an intrusion. To have avoided this attack or minimized the devastation, these programs needed to be accompanied by tools such as masking, redaction, and encryption.

OPM could have also used data masking or redaction and encryption techniques to minimize the damage done by the attackers. Data masking obfuscates sensitive data by replacing it with other data, typically characters that will meet the requirements of a system designed to test or still work with the masked results. Masking ensures vital parts of personally identifiable information (PII) (Simpson, n.d.). This is commonly used in organizations that work with sensitive data like PII. The sensitive data is masked or redacted in order to protect the information, since it passes through so many hands. For example, the first five digits of a Social Security number are typically covered or masked with Xs in order to protect the information, leaving only the last four digits legible. This process, once completed, is irreversible. Data encryption involves converting and transforming data into scrambled, often unreadable, cipher-text using non-readable mathematical calculations and algorithms. Restoring the message requires a corresponding decryption algorithm and the original encryption key (Simpson, n.d.). This process is used in organizations where data needs to be transferred between networks or computers. During this process the data is converted to illegible, gibberish-like ciphertext.
The only real way to gain access to this data is to have a specific key or password that only authorized users have access to.

Table 1. Encryption and masking: Reversible; Highest security; Trusted with security proofs; Realistic data; Format-preserving and partial reveals; Range and value preserving; De-centralized architectures; Format-preserving and partial reveals; Complex; No performance impact on usage; Key management; No need for authentication and authorization and key management; Useless without strong authentication and authorization; Not as well marketed; Data value destruction; Not reversible.

Given the scenario of OPM's data breach, encryption would not have prevented the breach or the compromise of data. This is largely due to the fact that the perpetrators had valid user credentials and would be able to access the network just like any other user. The best way to have prevented this attack would have been the timely detection of the intrusion. It can take days or weeks for an intruder to navigate their way around a system and successfully compromise data. During this time, if you can detect a breach you can contain the infiltrator before he can accomplish his mission. This could mean the difference between a ruinous breach and unauthorized user access.

Since the attack, DHS developed the Continuous Diagnostics and Mitigation (CDM) program. It focuses on endpoint security and identity management. Furthermore, it provides a dashboard that allows network administrators to view vulnerabilities, and it provides continuous monitoring. Finally, it also has the ability to identify bad sectors of the network once an attacker is through the perimeter. Also, President Obama signed an Executive Order to create the Information Sharing and Analysis Organizations (ISAOs) to serve as a buffer between government and industry.
The Order presented a framework for enhanced information sharing with the purpose of encouraging private sector companies to work in concert and work with the federal government to identify cyberthreats (Russo & Rishikof, 2016, p. 427).

In conclusion, it is highly improbable that OPM could have completely prevented this attack. However, there are steps they could have taken in order to mitigate the devastation that was caused. Even if encryption techniques had been used, they would not have protected the information, because the intruders were operating under valid credentials. However, if the data had been masked, then only a limited amount of PII would have been available. Furthermore, if there had been a more timely detection of the attackers, the damage would have been significantly less. Finally, the new Executive Order signed by President Obama is a step in the right direction to fortify cyber security and prevent future attacks.

References

Castelluccio, M. (2015). The biggest government hack yet. Strategic Finance, 97(8), 79-80.

Gabel, D., Liard, B., & Orzechowski, D. (2015, July 01). Cyber risk: Why cyber security is important. Retrieved March 07, 2017, from https://www.whitecase.com/publications/insight/cyber-risk-why-cyber-security-important

Lyngaas, S. (2015, August 21). Exclusive: The OPM breach details you haven't seen. Retrieved March 07, 2017, from https://fcw.com/articles/2015/08/21/opm-breach-timeline.aspx

Lyngaas, S. (2015, June 5). Security experts: OPM breach shows Einstein isn't enough. Retrieved March 07, 2017, from https://fcw.com/articles/2015/06/05/opm-einstein.aspx

Nakashima, E. (2015, July 09). Hacks of OPM databases compromised 22.1 million people, federal authorities say. Retrieved March 07, 2017, from https://www.washingtonpost.com/news/federal-eye/wp/2015/07/09/hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-say/?utm_term=.976d563a63f2

Rouse, M. (2016, November). What is cybersecurity? Definition from WhatIs.com. Retrieved March 07, 2017, from http://whatis.techtarget.com/definition/cybersecurity

Russo, K., & Rishikof, H. (2016). Cybersecurity: Executive Orders, Legislation, Cyberattacks, and Hot Topics. Chapman Law Review, 19(2), 427.

Simpson, J. (n.d.). Data Masking and Encryption Are Different. Retrieved March 07, 2017, from http://www.iri.com/blog/data-protection/data-masking-and-data-encryption-are-not-the-same-things/
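The masking rule described in the essay (first five Social Security digits replaced with Xs, last four left legible), as an added example that is not part of the original post. The record fields and sample values are constructed, and the function names are hypothetical.

```python
import re

# SSN shapes: 123-45-6789, 123 45 6789, 123456789 (separators may be mixed).
# The lookarounds leave longer digit runs and phone-style numbers untouched.
SSN_RE = re.compile(r"(?<![\d-])(\d{3})([- ]?)(\d{2})([- ]?)(\d{4})(?![\d-])")

def mask_ssn(text):
    """Overwrite the first five SSN digits with X; keep separators and last four."""
    return SSN_RE.sub(lambda m: f"XXX{m[2]}XX{m[4]}{m[5]}", text)

def masked_copy(record, fields=("ssn", "notes")):
    """Build the copy that is stored and served; the clear values are not kept."""
    return {k: mask_ssn(v) if k in fields else v for k, v in record.items()}

# Constructed personnel records (hypothetical field names, made-up values).
RECORDS = [
    {"name": "A. Example", "ssn": "123-45-6789",
     "notes": "verified SSN 123456789, tel 555-123-4567"},
    {"name": "B. Example", "ssn": "987 65 6789",
     "notes": "case id 1234567890"},
]

MASKED_STORE = [masked_copy(r) for r in RECORDS]

def export_as_credentialed_user(store):
    """Everything a session holding valid credentials can read from the store."""
    return [r["ssn"] for r in store]

if __name__ == "__main__":
    for row in MASKED_STORE:
        print(row)
    # Two different SSNs that share their last four digits mask to the same
    # string, so there is no key that maps the stored value back to the input.
    print(mask_ssn("123-45-6789") == mask_ssn("999-99-6789"))
```

Unlike a decryption key, valid credentials give the reader of this store nothing beyond the last four digits, which is the limited exposure the conclusion refers to.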
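A retrospective check over historical flow records, of the kind the essay credits with surfacing the Dec. 15 exfiltration, as an added example that is not from the original post or from US-CERT's tooling. It generalizes to any per-host daily outbound baseline; the 10.0.0.0/8 internal range, the thresholds and the flow records are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from statistics import median

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: internal address space

# Constructed flows (day, source, destination, bytes); not real breach data.
FLOWS = [(f"12-{d}", "10.0.5.20", "203.0.113.10", mb * 1_000_000)
         for d, mb in zip(range(11, 18), (40, 42, 38, 41, 2100, 39, 43))]
FLOWS += [(f"12-{d}", "10.0.5.21", "198.51.100.7", mb * 1_000_000)
          for d, mb in zip(range(11, 18), (30, 31, 29, 30, 32, 30, 31))]
FLOWS.append(("12-15", "10.0.5.21", "10.0.9.9", 5_000_000_000))  # internal backup

def is_internal(addr):
    return ipaddress.ip_address(addr) in INTERNAL

def daily_outbound(flows):
    """Sum bytes leaving the network per internal host per day."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, src, dst, nbytes in flows:
        if is_internal(src) and not is_internal(dst):
            totals[src][day] += nbytes
    return totals

def flag_exfil_days(flows, k=10.0, floor=50_000_000):
    """Flag host-days whose outbound volume is far above that host's own
    baseline. Median and MAD are used so the spike being hunted does not
    inflate the baseline it is compared against."""
    alerts = []
    for host, per_day in daily_outbound(flows).items():
        volumes = list(per_day.values())
        base = median(volumes)
        mad = median(abs(v - base) for v in volumes) or 1
        for day, volume in per_day.items():
            if volume > floor and (volume - base) / mad > k:
                alerts.append((day, host, volume))
    return sorted(alerts)

if __name__ == "__main__":
    for day, host, volume in flag_exfil_days(FLOWS):
        print(f"{day} {host} sent {volume / 1e6:.0f} MB outbound")
```

The session on 10.0.5.20 would pass any credential check, yet its volume on one day stands out against its own history, while the large internal backup on 10.0.5.21 is ignored because it never leaves the network.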