Monday, June 3, 2019

Preventing Cyber Breaches

Jacob Malone

The digital universe is growing at an astonishing 40% every year. With this kind of growth, cybersecurity is more important today than at any time in history. Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access (Rouse, 2016). In 2015 the global cybersecurity market hit $75B and is expected to reach over $170B by 2020.

Cyber risk has become an international priority due to fears that cyber-attacks or security failures could lead to a collapse of the global economy. Cyber crime costs the global economy over US$400 billion per year, according to estimates by the Center for Strategic and International Studies. In 2013, some 3,000 companies in the United States had their systems compromised by criminals, the Center reports (Gabel, Liard, & Orzechowski, 2015). These cyber-attacks fall into two main categories: breaches in data security and sabotage. A security breach can be anything from targeting personal data to gaining trade secrets to information pertaining to bids or mergers. On the other hand, attackers may send denial of service attacks aiming to sabotage the infrastructure in order to gain information.

Since the late 1980s there have been several critical cyber-attacks. In 1989 the first computer worm was created by Robert Morris; it spread so quickly that it shut down the majority of the internet. Fast forward to 2008, and Heartland Payment Systems suffered one of the largest credit card information breaches in history. It is estimated that over 130 million records were compromised. Their system was corrupted by malware inserted into their network that recorded credit card data as it was received from retailers.

Finally, in 2015, China attacked the federal government, stealing PII for over four million federal employees spanning almost every government agency.
Officials said the thieves broke in by using stolen contractor logins and passwords (Nakashima, 2015). Once the attackers gained access to OPM's network, they installed a malware package that created a backdoor. From there they were able to escalate their rights and privileges in order to access more of OPM's network. The invaders got away with names, birth dates, home addresses, and Social Security numbers (Castelluccio, 2015, p. 79). Almost a year passed before OPM realized they had a problem; they discovered irregular SSL traffic by using a decryption tool that had been installed a few months earlier. Once it was discovered, they reported the discovery to DHS's U.S. Computer Emergency Readiness Team (US-CERT), which began the investigation.

The discovery of a threat to the background investigation data led to the finding two days later, on April 17, of a risk to the personnel records. US-CERT made the discovery by loading data on the April 15 incident to Einstein, the department's intrusion-detection system. On April 23, US-CERT spotted signs of the Dec. 15 exfiltration in historical netflow data, and OPM decided that a major incident had occurred that required notifying Congress. (Lyngaas, 2015)

After a thorough investigation it was undetermined how the hackers acquired the credentials from the contractor KeyPoint Government Solutions. In the wake of the disaster, OPM deployed a predictive malware prevention tool across their network in order to sever the attackers' network access. In addition, the agency utilized an advanced host-based security tool to discover, isolate and eliminate the malware (Lyngaas, 2015). In the end, the Chinese government arrested the hackers that were responsible for the attack.

OPM's network was protected by one major Department of Homeland Security (DHS) program called Einstein.
The Einstein system, which DHS began deploying in 2005, focuses on the perimeter of federal networks by installing sensors at Web access points and sifting through that data for vulnerabilities (Lyngaas, 2015). This system is only a first line of defense, with nothing else to back it up in case of an intrusion. To have avoided this attack or decreased the devastation, these programs needed to be accompanied by tools such as masking, redaction, and encryption.

OPM could also have used data masking or redaction and encryption techniques to minimize the damage done by the attackers. Data masking obfuscates sensitive data by replacing it with other data, typically characters that will meet the requirements of a system designed to test or still work with the masked results. Masking ensures vital parts of personally identifiable information (PII) (Simpson, n.d.). This is commonly used in organizations that work with sensitive data like PII. The sensitive data is masked or redacted in order to protect the information, since it passes through so many hands. For example, the first five digits of a Social Security number are typically covered or masked with Xs in order to protect the information, leaving only the last four digits legible. This process, once completed, is irreversible. Data encryption involves converting and transforming data into scrambled, often unreadable, cipher-text using non-readable mathematical calculations and algorithmic programs. Restoring the message requires a corresponding decryption algorithm and the original encryption key (Simpson, n.d.). This process is used in organizations where data needs to be transferred between networks or computers. During this process the data is converted to illegible ciphertext. The only real way to gain access to this data is to have a special key or password that only authorized users have access to.
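The masking rule described above (first five digits of a Social Security number replaced with Xs, last four left legible), as an added Python example that is not part of the original essay. The function names and the sample records are constructed for illustration; the last test case shows why the process is irreversible.

```python
import re

# Nine digits grouped 3-2-4, with optional "-" or space separators.
# The lookarounds stop it matching inside longer digit runs (e.g. account numbers).
SSN_RE = re.compile(r"(?<!\d)\d{3}([- ]?)\d{2}([- ]?)(\d{4})(?!\d)")


def mask_ssn(text):
    """X out the first five SSN digits, keeping separators and the last four."""
    return SSN_RE.sub(
        lambda m: "XXX" + m.group(1) + "XX" + m.group(2) + m.group(3), text
    )


def mask_record(value):
    """Return a masked copy of a record (nested dicts and lists are walked)."""
    if isinstance(value, str):
        return mask_ssn(value)
    if isinstance(value, dict):
        return {k: mask_record(v) for k, v in value.items()}
    if isinstance(value, list):
        return [mask_record(v) for v in value]
    # Non-strings pass through: an SSN stored as an int would NOT be masked.
    return value


# Constructed sample records. Area number 000 is never issued, so these are
# not real SSNs; the phone number is also made up.
RECORDS = [
    {"name": "A. Example", "ssn": "000-12-3456",
     "notes": "verified SSN 000123456 by phone 202-555-0143"},
    {"name": "B. Example", "ssn": "000 98 3456",
     "dependents": [{"ssn": "000-55-0001"}]},
]

if __name__ == "__main__":
    for rec in mask_record(RECORDS):
        print(rec)
```

Anyone reading the masked copy, including a user with valid credentials, sees only the last four digits, and the two sample SSNs that share those digits become indistinguishable.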
Table 1: Encryption | Masking
Reversible; Highest security; Trusted with security proofs; Realistic data; Format-preserving and partial reveals; Range and value preserving; De-centralized architectures; Format-preserving and partial reveals obscure; No performance impact on usage; Key management; Zero need for authentication and authorization and key management; Useless without strong authentication and authorization; Not as well marketed; Data value destruction; Not reversible

Given the scenario of OPM's data breach, encryption would not have prevented the breach or the loss of data. This is largely because the perpetrators had valid user credentials and would have been able to access the network just like any other user. The best way to have prevented this attack would have been timely detection of the intrusion. It can take days or weeks for an intruder to navigate their way around a system and successfully compromise data. If you can identify a breach during this period, you can contain the infiltrator before he can accomplish his mission. This could mean the difference between a catastrophic breach and unauthorized user access.

Since the attack, DHS has established the Continuous Diagnostics and Mitigation (CDM) program. It focuses on endpoint security and identity management. Furthermore, it provides a dashboard that allows network administrators to view vulnerabilities, and it provides continuous monitoring. Finally, it also has the ability to identify bad sectors of the network once an attacker is through the perimeter. Also, President Obama signed an Executive Order to create the Information Sharing and Analysis Organizations (ISAOs) to serve as a buffer between government and industry. The Order presented a framework for enhanced information sharing with the purpose of encouraging private sector companies to work together and work with the federal government to identify cyberthreats (Russo & Rishikof, 2016, p. 427).

In conclusion, it is highly unlikely that OPM could have completely prevented this attack.
However, there are steps they could have taken to mitigate the devastation that was caused. Encryption, had it been used, would not have protected the information, because the intruders were operating under valid credentials. However, if the data had been masked, only a limited amount of PII would have been available. Furthermore, if the attackers had been detected in a more timely manner, the damage would have been significantly less. Finally, the new Executive Order signed by President Obama is a step in the right direction to strengthen cybersecurity and prevent future attacks.

References

Castelluccio, M. (2015). The biggest government hack yet. Strategic Finance, 97(8), 79-80.

Gabel, D., Liard, B., & Orzechowski, D. (2015, July 01). Cyber risk: Why cyber security is important. Retrieved March 07, 2017, from https://www.whitecase.com/publications/insight/cyber-risk-why-cyber-security-important

Lyngaas, S. (2015, August 21). Exclusive: The OPM breach details you haven't seen. Retrieved March 07, 2017, from https://fcw.com/articles/2015/08/21/opm-breach-timeline.aspx

Lyngaas, S. (2015, June 5). Security experts: OPM breach shows Einstein isn't enough. Retrieved March 07, 2017, from https://fcw.com/articles/2015/06/05/opm-einstein.aspx

Nakashima, E. (2015, July 09). Hacks of OPM databases compromised 22.1 million people, federal authorities say. Retrieved March 07, 2017, from https://www.washingtonpost.com/news/federal-eye/wp/2015/07/09/hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-say/?utm_term=.976d563a63f2

Rouse, M. (2016, November). What is cybersecurity? Definition from WhatIs.com. Retrieved March 07, 2017, from http://whatis.techtarget.com/definition/cybersecurity

Russo, K., & Rishikof, H. (2016). Cybersecurity: Executive Orders, Legislation, Cyberattacks, and Hot Topics. Chapman Law Review, 19(2), 427.

Simpson, J. (n.d.). Data Masking and Encryption Are Different. Retrieved March 07, 2017, from http://www.iri.com/blog/data-protection/data-masking-and-data-encryption-are-not-the-same-things/
