Computer Security Breaches Security and Privacy

Question: Discuss about the Computer Security Breachesfor Security and Privacy. Answer: Introduction There are several cases of computer breaches encountered every year by cyber experts and in most of cases the main reason for these security breaches is lack of maintenance of security and privacy. The purpose of this report is to discuss about a news of computer security breach and a case of popular hack on web. Discussion This segment of report is based on discussion about news of computer security breach that happened in 2015 and selected case of computer security breach is US Navy that suffered with data breach. Part-A What was the Problem? It is announced by the US Navy that personal data of 1, 30,000 recruited men was accessed from laptop by hacking. It is notified by the HP Enterprise Services to US Navy about the breach and said that one of the laptop of the Navy was operated by their employee to backup a Navy contract was compromised. The hacked information from laptop consists of the names and social security numbers of 134,386 former and current sailors. This computer security breach was taken seriously by Navy and they also said that it is a matter of trust of our sailors. The huge amount of data was stolen from laptop by hackers and the reason of this can be lack of usage of advanced security parameters by Navy (Esecurityplanet.com, 2017). How and Why it Occured? The main reason is not yet specified by US Navy for this breaching but after knowing about this case, it can be estimated that the security of authorization was not applied properly. The Vice Admiral Robert Burke said that they are in early stages of their investigation and doing all potential efforts for those who are affected by this breach. The investigating team of US Navy will notify all sailors who are affected by this incident and will elaborate them what is actually happened and why it has happened (Databreachtoday.in, 2017). What are the Possible Solutions? According to statements of US Navy, they are doing all potential efforts to resolve this problem of computer security breach. The Navy Criminal Investigative Service is handling overall process of investigation of this case and they have no evidence for misusing of information. In list of possible solution, it is also an effective solution that will be implemented by US Navy (Information Age, 2017). Besides this, US Navy is also improving its monitoring services, so that they can keep record of users of their computers and laptops. Besides this, following solutions can also be implemented b US Navy to get prevention from this type of breaches (Roi Perez, Olenick, Correa, Correa, Perez, 2017). US Navy should be aware about available software security updates and security patches that must be installed into computer systems and laptops for enhancing its security. Advanced anti-virus should be installed into system to control virus attacks. It is common that while downloading something from internet then some kind of virus can be entered into our system. In this case, anti-virus can help to identify virus from system and to fix it properly (Leadem, 2017). The information of US Navy is very much confidential, so maintain its long term security, high level security professionals should be hired (com, 2017). If above listed possible solutions will be implemented by US Navy then at some extent, computer security breaches can be controlled (Masters, Correa, Correa, 2017). Part-B The cases of information hacking, phishing and virus attacks are increasing day by day. In this segment of report, we will discuss a popular hack case on web. The selected popular hack case is UK Second only to US in DDoS Attacks. In this hacking case, DDoS distributed denial of service attack was occurred on UK organizations in 2016 (ComputerWeekly, 2017). What was the Problem? The United Kingdom second only to the US in being targeted by distributed denial of service attacks. The aim of this attack was to damage, disrupt businesses or extorting money from businesses. The main problem here is increasing rate of DDoS attacks in UK that targets small and medium sized organizations. This trend of DDoS attack also interpreted into high-profile assaults (ZDNet, 2017). Who were Affected and How? As we know that the problem of Distributed Denial of Service attack is increasing in UK at high rate and due to this many people have been affecting for last few years. According to analysis, more than 40% of targets have already targeted with this attack more than once and 16% targets are targeted more than five times (IdentityForce, 2017). The percentage of repeated attacks is increasing. In this way different people from different locations in UK are getting affected by DDoS attack (Morgan, 2017). How was Attack Carried Out? This attack of Distributed Denial of Service by hitting network layer. Through network layer, hackers try to restrict access of server for all systems that are attached with it. After this attack, no user was able to access any website in UK. This was most vulnerable attack of DDoS. The attacks of network layers has become common and these attacks are also growing in size (MakeUseOf, 2017). What could have Been Done to Prevent the Attack? The above discussed attack of DDoS is so much vulnerable and if it will not be controlled on time then heavy loss can occur. Now it is duty of UK government to implement possible solutions to get rid of this problem. In this case, security of network layer and application layer is very much necessary and UK government is doing all potential efforts to get rid of this problem. Besides this, following solutions can be used for prevention from DDoS attack. The early identification of DDoS attack is very much necessary. If we are using our own servers then it is our responsibility to identify when we are under attack. As sooner as possible we will find the problem, it will become easier to find solution for that. The DDoS attack is implemented on network layer so it is necessary to defend network perimeter. To achieve this, some technical measures can be taken to reduce effect of DDoS attack. Some technical measurements include limitation of router to prevent web server from overcome, use filters to tell router to drop packets from possible source of attack and set lower UDP flood drop threshold and ICMP. After knowing that our server is under attack, we should quickly make call to service provider for help. It is necessary to keep emergency number of ISP or Hosting provider to get quick response. To handle this type of vulnerable attacks, the help of specialists should be taken. So according to above discussed case, it will be better to call DDoS specialist. The DDoS mitigation organizations have large scale infrastructure and it uses advanced and variety of technologies to resolve problem of DDoS. In this way above discussed possible solutions will be helpful for the United Kingdom to control issues of DDoS attacks. Conclusion After this whole discussion we can say that during this type of network attacks, heavy loss of data is possible. Therefore, it will be better to keep backup of data periodically that can be used easily by users to perform other activities and to make important decisions. The IT professionals should be aware about these small techniques to protect important data from damage. Besides this, above discussed solutions should also be implemented properly. References Masters, G., Correa, D., Correa, D. (2017). EU privacy regulators query Yahoo CEO on breach. SC Magazine UK. Retrieved 6 April 2017, from https://www.scmagazineuk.com/eu-privacy-regulators-query-yahoo-ceo-on-breach/article/569605/ Roi Perez, C., Olenick, D., Correa, D., Correa, D., Perez, R. (2017). US Navy suffers data breach. SC Magazine UK. Retrieved 6 April 2017, from https://www.scmagazineuk.com/us-navy-suffers-data-breach/article/575165/ ZDNet. (2017). These were the biggest hacks, leaks and data breaches of 2016. Retrieved 6 April 2017, from https://www.zdnet.com/pictures/biggest-hacks-security-data-breaches-2016/ ComputerWeekly. (2017). UK second only to US in DDoS attacks. Retrieved 6 April 2017, from https://www.computerweekly.com/news/450303032/UK-second-only-to-US-in-DDoS-attacks Esecurityplanet.com. (2017). 6 Tips for Fighting DDoS Attacks - eSecurity Planet. Retrieved 6 April 2017, from https://www.esecurityplanet.com/network-security/5-tips-for-fighting-ddos-attacks.html Databreachtoday.in. (2017). Latest breaking news articles on data security breach. Retrieved 6 April 2017, from https://www.databreachtoday.in/news Morgan, L. (2017). List of data breaches and cyber attacks in September 2015. IT Governance Blog. Retrieved 6 April 2017, from https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-september-2015/ IdentityForce. (2017). Recent Data Breaches | September 2015. Retrieved 6 April 2017, from https://www.identityforce.com/blog/recent-data-breaches-september-2015 Leadem, R. (2017). From the DNC to Mark Zuckerberg -- Here Are the Worst Hacks of 2016. Entrepreneur. Retrieved 6 April 2017, from https://www.entrepreneur.com/slideshow/279740 Information Age. (2017). Top 10 most devastating cyber hacks of 2015. Retrieved 6 April 2017, from https://www.information-age.com/top-10-most-devastating-cyber-hacks-2015-123460657/ Calyptix.com. (2017). Top 5 Cyber Attack Types in 2016 So Far. Retrieved 6 April 2017, from https://www.calyptix.com/top-threats/top-5-cyber-attack-types-in-2016-so-far/ MakeUseOf. (2017). 5 Of The Worlds Most Famous Hackers What Happened To Them. Retrieved 6 April 2017, from https://www.makeuseof.com/tag/5-of-the-worlds-most-famous-hackers-what-happened-to-them/