Has your company (or school) been the target of a network or system intrusion? What information was targeted? Was the attack successful? If so, what changes has your company (or school) made to ensure that this vulnerability has been controlled?
System Intrusion
The following write-up is a discussion on system intrusion, information targeted and changes made to a system a case study of Premera Blue Cross. Premera Blue is a health insurance and not for profit company with headquarters in Washington DC. The company has more than 2.5 million customers. The company system intrusion was discovered on January 2015. It was suspected that the system was hacked from May 2014.
The system intrusion in Premera Blue Cross targeted customers’ information. It took up more than 11 million customers’ records (Murphy, 2017). The intrusion was successful and was detected by iSight that found suspicious domain that spoofed the official Premera website. The information targeted included; Social Security numbers, credit card numbers, email and mailing address, clinical information, and phone numbers. This information is vulnerable to insurance fraud and blackmail to the company’s customers (Saleem et al., 2008). The information could also be used for banking fraud as a result of the information breach (Snedaker, 2013).
Medical records and bank records are valuable to cybercrime and it was important for the company to make changes and control vulnerability. First, the Company embarked on offering a two years free credit monitoring to all affected customers. Secondly, the company installed an intrusion detection system (IDS) that was meant to monitor the system for any malicious activities. Lastly, the company advised it customers to change their passwords, security questions, and avoid clicking email links or files from suspicious emails (Snedaker, 2013). These change ensured that the system is monitored for future attacks and information breached was not to be used by the attackers.
References
Murphy, C. J. (2017). Healthcare Industry Held Hostage: Cyberattacks and the Effect on Healthcare Critical Infrastructure (Doctoral dissertation, Utica College).
Saleem, K., Luis, S., Deng, Y., Chen, S. C., Hristidis, V., & Li, T. (2008, May). Towards a business continuity information network for rapid disaster recovery. In Proceedings of the 2008 international conference on Digital government research (pp. 107-116). Digital Government Society of North America.
Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals. Newnes.
75000+ Completed Assignments
100% Secure Payment
