Identify a Major Breach

Identify a major breach of a virtualized environment that has occurred in the recent past (within the last five years). In a 10-page critical evaluation of your chosen breach, review and analyze the breach along the following dimensions:

  1. What went wrong?
  2. Why did it occur?
  3. Who was responsible?
  4. How could it have been prevented?
  5. What advice would you offer to prevent such a breach from occurring in the future?

Your paper should meet the following requirements:

  • Be 10 pages in length, not including the cover page and reference page.
  • Your paper should include an introduction, a body with fully developed content, and a conclusion.
  • Support your answers with the readings from the course and at least four scholarly journal articles.
  • Cite a minimum of eight to 10 related sources—five of which should be academic peer-reviewed scholarly sources—to support your positions, claims, and observations, in addition to your textbook.
  • Be clear and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Adobe Security Breach

Introduction

Among the data breaches reported around the globe, the Adobe breach was one of the largest on record, affecting more than 38 million user accounts and exposing credit card and personal data. After the attack, the company noticed large numbers of fake user accounts and invalid passwords, which caught the attention of its security experts. The analysts did not at first treat this as a significant threat; only when they scanned the systems did they find that gigabytes of information had been stolen (Arlitsch & Edelman, 2014). Once the breach was known, the security experts had to analyze the weakness that had led to it. They found that a leaky server in a prototype environment had been misconfigured, leaving it open to criminals, who took advantage of it. (Two Adobe incidents are run together in this account: the 38 million accounts and the stolen passwords and card data belong to the 2013 breach, while the misconfigured prototype server reported by Bob Diachenko was the 2019 Creative Cloud exposure, which held account details but no passwords or payment data.) This paper examines how the Adobe breach occurred and how such breaches can be stopped in the future.

What went wrong?

Among the servers the company operated, Adobe had one leaky server running cloud-based software. Although the software was compatible with the server, it was not configured correctly, and the company's security experts did not know about the misconfiguration. Secondly, the software was run in a prototype environment, which left the server's files exposed to the internet (Chauhan, 2021). Because the server was misconfigured and reachable from the internet, intruders could connect to it and pull the information it stored without having to defeat any access control. This was an effective strategy for the intruders, who could take more than 38 million customer records, including payment methods, login credentials, and other information that could be used to compromise further accounts belonging to the clients.
Why did it occur?

Two factors led to the compromise of Adobe's cloud environment. The first was the poorly configured cloud software in the prototype environment, which was not fully compatible with the installed cloud storage. Deploying a misconfigured program is a problem in itself, because security specialists may not be able to tell what vulnerabilities it introduces. The second was running the server in a prototype environment at all. This was one of the most significant risks the company took: a prototype has not been through the review that production systems receive, so it is hard for specialists to predict the issues it will cause.

Who was responsible?

Bob Diachenko, the security researcher who reported the exposed database, warned that the data could be used by attackers to target the company's customers with phishing scams and emails. Posing as Adobe or as another company the target trusts, such attackers could trick users into handing over payment methods, financial information, personal information, and other data essential to their privacy (Alharbi, 2020). Responsibility for the exposure itself, however, rests with the company, which left the server reachable without protection.

How could it have been prevented?

The security experts who examined the cloud server identified two main issues with the cloud infrastructure. The first concerned the response: access to the database was shut down only after the company's security teams had identified the breach, and the prototype environment was taken down with it. By then the intruders had already had their chance to reach the database and copy the customers' files. The second issue was phishing, in which attackers used scams and emails to obtain customers' information directly from them.
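The misconfiguration described in the sections above is, concretely, a data store that listens on an internet-reachable interface and answers requests without authentication. As an added example (not code from the paper, and not a description of any Adobe system), the Python script below audits a constructed set of data-store configurations for exactly that condition, and for the related mistake of keeping real customer data in a prototype environment. The `StoreConfig` record, its field names, the host addresses and the instance names are all assumptions made for the illustration.

```python
"""Exposure audit for data-store instances. Flags a service that listens on an
internet-reachable interface without authentication (the "leaky server"
pattern), plus the related mistake of keeping real customer data in a
prototype environment. Added example, stdlib only; the configurations below
are constructed for the illustration."""
from dataclasses import dataclass
from ipaddress import ip_address


@dataclass(frozen=True)
class StoreConfig:
    name: str
    environment: str          # "prod", "staging", "prototype", ...
    bind_host: str            # interface the service listens on
    port: int
    internet_reachable: bool  # public address or permissive security group in front
    auth_required: bool       # service rejects unauthenticated requests
    tls: bool                 # credentials and data are protected in transit
    holds_customer_data: bool


def listens_beyond_localhost(bind_host: str) -> bool:
    """True if other hosts can connect: 0.0.0.0 and :: mean every interface."""
    addr = ip_address(bind_host)
    return addr.is_unspecified or not addr.is_loopback


def audit(cfg: StoreConfig) -> list:
    """Return severity-tagged findings; an empty list means nothing to fix."""
    findings = []
    where = f"{cfg.name} ({cfg.bind_host}:{cfg.port})"
    network_facing = listens_beyond_localhost(cfg.bind_host)
    if network_facing and cfg.internet_reachable and not cfg.auth_required:
        # The leaky-server case: anyone on the internet can read the data.
        findings.append(f"CRITICAL {where}: answers unauthenticated requests from the internet")
    elif network_facing and not cfg.auth_required:
        findings.append(f"MEDIUM {where}: no authentication on an internal-network listener")
    elif network_facing and cfg.internet_reachable and not cfg.tls:
        findings.append(f"HIGH {where}: credentials cross the internet in cleartext")
    if cfg.environment != "prod" and cfg.holds_customer_data:
        # A prototype has not had production review; it should not hold live records.
        findings.append(f"HIGH {where}: {cfg.environment} environment holds real customer data")
    return findings


def audit_fleet(configs) -> dict:
    """Map each instance name to its findings, omitting clean instances."""
    return {c.name: audit(c) for c in configs if audit(c)}


# Constructed fleet. The first entry is the leaky pattern; the second is the
# same node after hardening; the third is a correctly placed production database.
FLEET = [
    StoreConfig("cc-proto-search", "prototype", "0.0.0.0", 9200,
                internet_reachable=True, auth_required=False, tls=False,
                holds_customer_data=True),
    StoreConfig("cc-proto-search-fixed", "prototype", "10.0.8.20", 9200,
                internet_reachable=False, auth_required=True, tls=True,
                holds_customer_data=False),
    StoreConfig("accounts-db", "prod", "10.0.3.12", 5432,
                internet_reachable=False, auth_required=True, tls=True,
                holds_customer_data=True),
]

if __name__ == "__main__":
    for name, problems in audit_fleet(FLEET).items():
        for problem in problems:
            print(problem)
```

Run against the constructed fleet, the script reports the prototype node as CRITICAL (unauthenticated and internet-reachable) and HIGH (customer data in a prototype), while the hardened copy and the production database produce no findings. In practice the same check is fed from cloud inventory, such as security-group rules and listener configuration, rather than from hand-written records.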
The company could have blunted this type of breach by adding an extra layer of protection that would be hard for intruders to bypass even once they had obtained customers' files, such as the password store. To reduce these attacks, the company should also advise customers on how to protect their own information, so that they stay protected at all times. Additionally, the company should have encrypted the customer records it kept, so that theft of the files did not mean theft of personal or financial data. If data such as credit card numbers had been encrypted, with the keys held separately from the data, the hackers would have been unable to read the card numbers unless they also obtained the keys or the customers' secrets.

Advice that I would offer to prevent such breaches from occurring in future

When advising cloud companies on preventing attacks, I would start with the importance of configuring cloud infrastructure, such as servers, correctly. Infrastructure that is not properly protected creates vulnerabilities that attackers can exploit, and a misconfigured service can be reachable by anyone on the internet, which puts the customer files stored on it at risk. During routine checks, security analysts should also keep reviewing the code of the programs installed on the infrastructure. By reviewing the code they can understand what each program does and spot bugs, so that they can act before the bugs are exploited. Beyond testing the code, programmers must apply regular updates to keep the programs current and keep intruders out of the system. While carrying out these updates, security experts should also make sure the virtual machine's disks are always encrypted, so that their contents cannot be read by anyone who gains access to the storage.
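The "extra layer" that should survive theft of the customer files, and the one-time-code second factor recommended in the section that follows, can be shown together as one login check. The Python code below is an added example, not code from the paper or from Adobe. It stores passwords as salted, deliberately slow PBKDF2 hashes, so that a stolen user table cannot be reversed into passwords (for passwords a one-way hash, not reversible encryption, is the right layer), and it verifies a time-based one-time code per RFC 6238 with a tolerance of one 30-second step for clock skew. The user record, password and TOTP secret are constructed for the illustration; the secret "12345678901234567890" at time 59 is the RFC 6238 reference case, whose 6-digit code is 287082.

```python
"""Two-layer login check: salted PBKDF2 password hashes plus a TOTP second
factor. Added example (stdlib only); the user record and secrets below are
constructed for the illustration."""
import hashlib
import hmac
import os
import struct
import time
from typing import Optional

PBKDF2_ROUNDS = 200_000   # work factor: makes offline guessing against a stolen table slow
TOTP_STEP = 30            # seconds per code (RFC 6238 default)
TOTP_DIGITS = 6


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing, salted, one-way hash of the password."""
    salt = os.urandom(16) if salt is None else salt   # per-user salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"pbkdf2_sha256${PBKDF2_ROUNDS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and rounds; compare in constant time."""
    _algo, rounds, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def totp(secret: bytes, at: int) -> str:
    """RFC 6238 time-based one-time code (HMAC-SHA1 with dynamic truncation)."""
    counter = struct.pack(">Q", at // TOTP_STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** TOTP_DIGITS).zfill(TOTP_DIGITS)


def verify_totp(secret: bytes, code: str, at: int, window: int = 1) -> bool:
    """Accept the current code or a neighbour within `window` steps (clock skew)."""
    candidates = (totp(secret, at + step * TOTP_STEP) for step in range(-window, window + 1))
    return any(hmac.compare_digest(candidate, code) for candidate in candidates)


def login(record: dict, password: str, code: str, at: Optional[int] = None) -> bool:
    """Both layers must pass: a password stolen from the table is not enough."""
    at = int(time.time()) if at is None else at
    if not verify_password(password, record["pw_hash"]):
        return False
    return verify_totp(record["totp_secret"], code, at)


# Constructed user record (not real data). The secret is the RFC 6238 test secret.
DEMO_SECRET = b"12345678901234567890"
DEMO_USER = {"email": "user@example.com",
             "pw_hash": hash_password("correct horse battery staple"),
             "totp_secret": DEMO_SECRET}

if __name__ == "__main__":
    print(totp(DEMO_SECRET, 59))   # RFC 6238 reference time: prints 287082
    print(login(DEMO_USER, "correct horse battery staple", totp(DEMO_SECRET, 59), at=59))
```

The stored string carries its own algorithm, round count and salt, so the work factor can be raised later without breaking existing records. The `window` argument is the usual compromise between rejecting users whose phone clock drifts and widening the attacker's guessing target; it should stay at one step.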
When an organization installs a new program or environment in its cloud infrastructure, it should always confirm that the program works as the company expects and is free of bugs (Simkus, 2017). Secondly, security experts should ensure that a strong firewall is in place so that intruders cannot reach the systems and modify the source code. With a firewall and fully updated systems, it becomes hard for intruders to reach customers' files, which allows the company to retain its reputation. To make the system harder to break into, the company should enable two-factor authentication or a one-time password once the client has entered a login. With two-factor authentication, the customer is sent a code that must be entered before access is granted. Because the codes change regularly, an intruder who has obtained only the password still cannot get in, and the customers' files stay protected.

Conclusion

In conclusion, the Adobe breach was one of the most significant data breaches ever recorded, leading to the loss of over 38 million records, including financial and personal information. The analysis shows that the company neglected to protect its customers: it stored customer files on a leaky server and allowed a prototype environment that had not been thoroughly tested. As a result, the company was required to pay a total of $1.2 million to resolve customer claims, and it also lost the trust of its customers.

References

Alharbi, F. S. (2020). Dealing with data breaches amidst changes in technology. International Journal of Computer Science and Security (IJCSS), 14(3), 108-115.

Arlitsch, K., & Edelman, A. (2014). Staying safe: Cyber security for people and organizations. Journal of Library Administration, 54(1), 46-56.

Chauhan, S. S. (2021, November). A survey on cyber security threats.
In 2021 International Conference on Technological Advancements and Innovations (ICTAI) (pp. 218-223). IEEE.

Simkus, A. (2017). Preventing data breaches at law firms: Adapting proactive, management-based regulation to law-firm technology. Arizona Law Review, 59, 1111.