Part A: Spambot Data Breach

Computer security breach is any incident that results in unauthorized access of data, applications, and services or devices bypassing their underlying security mechanism. A security breach takes place generally when an individual enters a private, unauthorized and confidential. The report throws light on recent computer security breach (Schou, & Hernandez, 2014).  

News Article – Spambot leaks more than 700m email addresses in massive data breach

Link- https://www.theguardian.com/technology/2017/aug/30/spambot-leaks-700m-email-addresses-huge-data-breach-passwords

More than 700 million email addresses, and various passwords, have spilled openly because of a misconfigured spambot, in one of the biggest information ruptures ever. As of now, a huge number of email locations and passwords have been leaked on the Internet. It might be possible that this is the biggest data dump ever in which 700 million of email addresses were exposed online (Alexhern, 2017). As per the Troy Hunt, a researcher and a person who take care of security alert site HaveIBeenPwned said that might be possible each e-mail id belongs to a person but the dump also contains some duplicate and fake addresses. There might be the possibility that the small number of users got affected. The problem was detected by the security researcher Benkow who claim that Netherlands-based Onliner spambot server encompasses of email id along with the passwords and details related to the e-mail servers. He said that it gives off an impression of being associated with a strain of malware called Ursnif, a Trojan that takes usernames and passwords and in addition managing an account record and payment card details (Leyden, 2017).

Due to this spambot, the general public got affected. As their email addresses along with the passwords were disclosed. The e-mail id might contain essential details of the users. So there can be a threat to the users of the leakage of the official as well as personal details. The personal details of the users contain bank details, some authentic documents, phone numbers, etc. there are many such details that can be saved in the email address (Gregg, 2017). The email id of the customer might include the card information. These details can be misused by the third person. This may lead to problems for the genuine users whose email ids are disclosed. The third person can make use of the card details to safeguard the same. Each and every people need to monitor credit card transactions to check the information on each transaction. Credit card users should talk to bank branch if they found any suspicious activity. The official details might be related to the details of the client and the plans of the company. These details can be used by the rival companies to overtake the competitive company. People should not keep their official details in personal e-mail id. There should be proper management of the details that one person maintains in their e-mail ids.  

The reason for a spambot is to convey a huge number of touchy messages at any given moment, yet without them being caught by the spam channels set up on all significant email frameworks. By utilizing the points of interest put away on the server, the botnet could go around a significant number of these channels, by influencing the messages to show up as though they had been sent genuinely. The data was available due to spammers failed to secure their servers. This server can allow the visitors to download gigabytes of data without any need for the credentials. It is difficult to know what number of others other than the spammer who ordered the database has downloaded their own duplicates (Newcomb, 2017).

Facts of the Case

There was millions of password enclosed in the breach that took place. According to the Hunt, the major number of passwords seems that they have been gathered from the earlier leaks. In May 2016, approximately 164 million passwords got stolen from LinkedIn. A small set of 4.2 million of the passwords was stolen from Exploit.in.

Securing of the email address should be done by the users on the top priority. The user can activate the safety measures for this users need to add a phone number to the e-mail account. Use of password on social accounts need to be carefully done. Every time user should change the password or need to set a unique password. For each social account user should set different passwords. A password manager like Dashlane will help in storing and creating unique different passwords for every account (Collins, 2017). This will generate the difficulties for the hackers to replicate the combination of the e-mail id. This is a truth that the email is first in the malware infection chain. The user should avoid clicking on links that they receive on emails. While operating the email address the user should not connect to free public Wi-Fi networks. E-mail users need to be capable enough to identify online scams. Users need to be careful while using email to services and websites.

The user should ensure that they use https so that their personal data can be communicated safely to the servers. There is various social networking website in which customer mentions their email id for daily purposes. Those social networking websites should establish security systems to keep the customer’s details secure. To avoid these kinds of an incident will not take place again in the future. There are many websites in which customer details related to email id and password is must to access the website. Users should avoid using their personal and official email id everywhere.

Massive ransomware cyber-attack hits nearly 100 countries around the world

Link- https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs

A ransomware digital assault that may have begun from the burglary of “digital weapons” connected to the US government has hobbled doctor’s facilities in England and spread to nations over the world. According to the security researchers through Kaspersky Lab said that they recorded 45,000 attacks in approximately 99 countries. These 99 countries include UK, Russia, India, Ukraine, Italy, Egypt, etc. telecommunication like Telefonica also got infected in Spain (Wong, and Solon, 2017). Basically, Ransomware is one of the types of malware that blocks the access to the computer or its data. Apart from it this malware demand for the money to get a release from the blockage (Mercaldo, Nardone, Santone, & Visaggio, 2016). The problem starts when the company gets in touch with this malware. Once the company gets infected with this ransomware, the important documents and files get encrypts. To save the documents and files company need to pay the amount of $300. Basically, the companies were not able to access the files. The company was also in a threat that they will not be able to restore the data and information due to encryption of the information.  

Impact of the Case

All the computer and web users were affected with ransomware. Computer users of different industries across the world got affected with this malware. NSAGOV disclosed that the malware was established to attack hospitals. Most of the hospitals got affected with this malware (Smith, Ortiz, & Mccausland, 2017). This was the reason due to which the patients got affected. The functioning and activities got affected due to the ransomware malware. Different organizations including France’s BNP Paribas SA, U.K. publicizing monster WPP Plc and Hamburg-based Beiersdorf AG, the producer of Nivea and Labello lip medicine, were additionally adapting to the aftermath. The working of the company got affected, the activities of the business come to an end. The confidential details of the company will get a leak in the market. The company needs to bear the legal replication due to leakage of the confidential details (Wire, 2017). The company can face the issue related to the brand value of the company. The details of the company which should not be disclosed in front of the public will be disclosed. This affects the customers as they change their perception for the companies. This can impact the goodwill of the company in the market (India Times, 2017).

By 12^th May the ransomware had spread to the United States and South America; however, Europe and Russia remained the hardest hit, as per security scientists Malware Hunter Team. The Russian inside service says in regards to 1,000 PCs have been influenced. This attack used malicious software called “WanaCrypt0r 2.0” or WannaCry, which exploits exposure in Windows. The ransomware asked users to pay $300 worth of cryptocurrency Bitcoin to release the important files (Mullen, Larson, & Burke, 2017). For instance, a hospital in Los Angeles paid approximately $ 17,000 in bitcoin to ransomware hackers. The reason being they want to save the documents that contain useful information. After some time people actually started paying the amount that helps in raising the payment from the users. Ramson message transaction is available in 28 languages. This malware attracts in the system through e-mail. The malware was made accessible online on 14 April through a dump by a gathering called Shadow Brokers, which guaranteed a year ago to have stolen a reserve of “digital weapons” from the National Security Agency (NSA). At the time, there was distrust about whether the gathering was overstating the size of its back.

 The affected companies can take Prevention from the attack. The companies can keep the backup of the details for the near future. Backup of all the details that are essential for the company’s working should be done. This can prevent the companies from paying the amount to restore the information. Spam e-mail should not be entertained by the users. The attack was done through emails only; people who opened these spam mails they started facing the problem on their computers (Wermuth, 2017). There should be privacy on the use of the laptop by the users. This prevents the usage of the laptop and computers by other users. There should be restricted use of the websites, not all the sites should be accessible on the computers. The reason being du e to the use of the unauthentic sites, the malware can affect the computers (AFP, 2017).

Reasons for the Attack

The use of antivirus can help the users in identifying the spam material and can prevent the computer from different kinds of malware. There are different types of tools that can be used by the users such as Anti-Exploit, Anti-Malware, Anti-Espionage, and Anti-Ransomware. These tools help the users to prevent the computers from any kind of issue related to the cyber-attack (Jang, Yun, Woo, & Kim, 2014). Bitdefender Anti-Ransomware is a free security tool that can fight against the ransomware attacks.

Conclusion 

The emergence of technology can be harmful to the general public. There are many cases that took place in the past few months related to the computer security breach. The paper talks about the two cases one talks about the leak of more than 700 million e-mail ids along with the passwords, other talks about the ransomware malware attack on the computers.

References 

AFP. (2017). Massive cyber-attack hits nearly 100 countries. The Express Tribune. Viewed on 8^th September 2017.  https://tribune.com.pk/story/1408701/fast-moving-cyberattacks-wreak-havoc-worldwide/

Alexhern. (2017 August 30). Spambot leaks more than 700m email addresses in massive data breach. The Guardian. Viewed on 8^th September 2017 https://www.theguardian.com/technology/2017/aug/30/spambot-leaks-700m-email-addresses-huge-data-breach-passwords

Collins, T., (2017 August 30^th). Change your email password now! More than 700 million account details are leaked in the biggest spambot dump ever. Daily mail. Viewed on 8^th September 2017 https://www.dailymail.co.uk/sciencetech/article-4836496/More-700-million-email-addresses-leaked-spammers.html

Gregg, K., (2017). SPAMBOT LEAKS MORE THAN 700M EMAIL ADDRESSES IN MASSIVE DATA BREACH. Viewed on 8^th September 2017. https://boardtownblast.com/spambot-leaks-more-than-700m-email-addresses-in-massive-data-breach/

India Times. (2017 May 13^th). Massive Ransomware Attack Hits Nearly 100 Countries, Stops Computer Networks Worldwide. India Times. Viewed on 8^th September 2017 https://www.indiatimes.com/technology/news/massive-ransomware-attack-hits-nearly-100-countries-stops-computer-networks-worldwide-321535.html

Jang, J. W., Yun, J., Woo, J., & Kim, H. K. (2014, April). Andro-profiler: anti-malware system based on behavior profiling of mobile malware. In Proceedings of the 23rd International Conference on World Wide Web (pp. 737-738). ACM.

Leyden, J., (2017). Open and accessible’ spambot server leaks 711 million records. Viewed on 8^th September 2017 https://www.theregister.co.uk/2017/08/30/spambot_leak/

Mercaldo, F., Nardone, V., Santone, A., & Visaggio, C. A. (2016, June). Ransomware steals your phone. formal methods rescue it. In International Conference on Formal Techniques for Distributed Objects, Components, and Systems (pp. 212-221). Springer, Cham.

Mullen, J., Larson, S., & Burke, S., (2017 May 13^th). World reels from massive cyberattack that hit nearly 100 countries. CNN Tech. Viewed on 8^th September 2017. https://money.cnn.com/2017/05/13/technology/ransomware-attack-nsa-microsoft/index.html

Newcomb, A., (2017). Data Breach Exposes 700M Email Addresses — And Some Passwords. NCB News. Viewed on 8^th September 2017. https://www.nbcnews.com/tech/security/data-breach-exposes-700m-email-addresses-some-passwords-n797421

Schou, C., & Hernandez, S. (2014). Information Assurance Handbook: Effective Computer Security and Risk Management Strategies. McGraw-Hill Education Group.

Smith, S., Ortiz, E., & Mccausland, P., (2017 May 13^th). Huge Cyberattack Hits Nearly 100 Countries With ‘Wanna Decryptor’ Malware, NBC NEWS. Viewed on 8^th September 2017. https://www.nbcnews.com/news/world/national-health-service-cyberattack-hits-english-hospitals-hackers-demand-bitcoin-n758516

Wermuth, S., (2017 May 13^th). ‘Biggest ransomware outbreak in history’ hits nearly 100 countries with data held for ransom. ABC NEWS. Viewed on 8^th September 2017. https://www.abc.net.au/news/2017-05-13/biggest-ransomware-outbreak-in-history-hits-nearly-100-nations/8523102

Wire, C., (2017 May 12^th). More Than 75,000 Ransomware Cyber Attacks Hit Nearly 100 Countries. KTLA. Viewed on 8^th September 2017. https://ktla.com/2017/05/12/more-than-75000-ransomware-cyber-attacks-hit-nearly-100-countries/

Wong, J.C., & Solon, O., (2017 May 12^th). Massive ransomware cyber-attack hits nearly 100 countries around the world. The Guardian. Viewed on 8^th September 2017 https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs