Tuesday, May 5, 2020

Information Security: Hackers Compromised the MICROS System

Question: Discuss information security in relation to "Hackers Compromised the MICROS System".

Answer:

Part A
Breach of Oracle Data: Hackers Compromised the MICROS System

Introduction

Oracle Corp. is a very large software company that owns MICROS, a point-of-sale credit card payment system. MICROS fell victim to an organized cybercrime group based in Russia that has been responsible for stealing over $1 billion from various businesses in the past few years (Hustad, 2013). Reports have been unclear about the number of affected individuals. However, over 330,000 cash registers across the world use MICROS systems.

The Problem

On August 8, 2016, the security expert Brian Krebs first announced the problem at Oracle. A MICROS customer had contacted Krebs in July about a possible major breach at Oracle's retail division, and Krebs began investigating the claims on 25 July, 2016. Oracle confirmed to Krebs that it had detected and addressed malicious code in certain legacy MICROS systems. However, Oracle declined to elaborate or provide more information. Oracle also asked all MICROS customers to reset their passwords for the MICROS online support portal.

MICROS is one of the foremost point-of-sale vendors globally. Oracle's MICROS division sells point-of-sale systems used at over 330,000 cash registers worldwide. When Oracle bought MICROS in 2014, the company announced that it was deployed at over 30,000 hotels, more than 100,000 retail sites, and over 200,000 food and beverage outlets (Krebs, 2016).

How the Incident Happened

The breach affected hundreds of computers belonging to the company. It also affected the online support portal that is used to address customer issues remotely.
According to Krebs, the hackers could steal MICROS usernames and passwords by planting malicious code in the support portal. This meant that when customers logged in, their information was passed on to the attackers (Fox-Brewster, 2016). An unconfirmed report suggests that Oracle is concerned that the cyber criminals may be able to upload malware into point-of-sale systems. Those systems are connected to the stores' cash registers, which gives such malware the potential to steal debit and credit card numbers (Fox-Brewster, 2016).

The investigation into the scope and size of the break-in is ongoing. It is also unclear when the attackers first gained access to Oracle's systems. It is believed that Oracle initially considered the breach to be limited to a few computers at the company's retail division. However, after pushing new security tools to systems on the affected networks, Oracle's investigators realized that the intrusion had impacted over 700 infected systems (Fox-Brewster, 2016).

Point-of-sale malware has driven most of the credit card breaches of the past couple of years, including those at Home Depot and Target as well as breaches at point-of-sale vendors (Yadron, 2016). The malware has been installed via hacked remote administration tools. Once the attackers have loaded the malware onto the point-of-sale devices, they can remotely capture the data from each card swiped at that cash register. The thieves can sell the data to crooks who specialize in encoding stolen data onto any magnetic stripe card, and the card can then be used to buy high-priced commodities and gift cards from stores such as Best Buy and Target (Kirk, 2010).
Solution

Oracle is in the process of notifying MICROS customers that it is forcing a password reset for support accounts on the MICROS portal. Oracle also recommended that customers change the password for any account that a MICROS representative has used to access their on-premise systems.

Conclusion

The breach came at a pivotal time for Oracle, which was struggling to compete with software bigwigs such as Google and Amazon in cloud-based services. The breach was more than a malware outbreak at Oracle. It is unlikely that the attacking gang failed to grasp the enormous power and access that come with controlling the MICROS support portal. Oracle's concern was apparent in the statements it released about the compromise of customer account credentials at the MICROS support portal. The portal can be used to remotely administer some customer point-of-sale systems, and therefore to upload card-stealing malware to them.

Part B
2015 Anthem Medical Data Breach Case

Introduction

The breach at Anthem caused a wave of panic in the healthcare industry. Clients' most valuable and sensitive information was exposed, revealing how unprepared the health industry was for threats from sophisticated cyber criminals. Hackers accessed 100 million health records over FY 2015, 100 times more than before (Zetter, 2015).

The Problem

In January 2015, an administrator at the health insurer Anthem noticed an unusually complex query running on the computer network. The initial assumption was that a colleague was responsible, but a quick check revealed that it came from somewhere else (Terhune, 2015).
Within a few minutes, Anthem was in crisis mode. Investigators believe that it was the work of Chinese hackers, who operated undetected inside the company's network for months. They gained access by tricking an employee into clicking on a phishing email disguised to look like an internally sent message. Using administrator credentials, the hackers combed Anthem's database, which contained the names, birth dates and social security numbers of 78 million people enrolled in its insurance plans since 2004 (Abelson & Creswellfeb, 2015).

Who Were Affected and How

Anthem did not have the right protections in place to minimize the risk of hacking or to limit the information exposed if the network was infiltrated. The hacking has already cost Anthem around $230 million in consultant and legal fees. The costs were mostly covered by its cyber insurance policy (McNeal, 2015). However, Anthem's general counsel, Thomas Zielinski, told insurance regulators that cyber insurance has carried more expenses since the breach. Anthem has been considering the initial cost of a breach to be $25 million, and it has purchased a policy offering $100 million as additional coverage (Weise, 2015).

Prevention of Attack

Anthem plans to spend $130 million over two years to better protect its network from breaches. The company assured regulators that it has strengthened its system with steps such as changing the administrator password every 10 hours and recruiting 55 cyber security experts (Abelson & Goldstein, 2015). Anthem should also implement two-factor authentication. Further, users should be required to change their passwords.
Anthem employees should not be allowed to access personal information beyond the scope of their jobs. Some users have alleged that Anthem ignored alerts, including one alert that lasted a month. Anthem failed to implement systems that would monitor data usage and extraction. The company now has two-factor authentication for its high-level system administrators. During an audit of Anthem in September 2013, the inspector general of the US Office of Personnel Management said that Anthem had vulnerabilities that are a catalyst for hacking activity and malicious viruses (Reuters, 2015). Anthem is required to take these corrective actions or it could face fines.

How was the Attack Carried Out?

Investigators of the hacks are of the opinion that they originated in China. However, the Chinese government has denied involvement in the hacking. US investigators believe that Chinese hackers targeted US insurers, as happened with Anthem, to learn how medical coverage and insurer databases are set up. The records have value for intelligence purposes. One of the Chinese government's priorities has been addressing the healthcare challenges it faces from an affluent and ageing population that demands better care (Pepitone, 2015).

When Anthem's administrator discovered the hacking on 27 January, a large file of patient data was being extracted. It is believed that the hackers had been in the system for months. They stayed under the radar by running multiple queries against the database to understand it before removing the files (Terry, 2015).
The hackers used repeating patterns to extract data and altered the query slightly each time to avoid detection. They then removed the data and transferred it to an encrypted sharing site similar to Dropbox. Because the hackers chose a sharing site similar to one Anthem already used, the transfer was tougher to detect (Bonini, Eichler, Wathion & Rasi, 2014).

Conclusion

The breach at Anthem affected 80 million customers and set alarm bells ringing among regulators in the US. Where a breach occurs, health insurers are required to meet cyber standards and are subject to reporting under federal health rules. However, the vulnerability exposed at Anthem prompted questions about the extent to which present security standards protect data from present-day hackers.

References

Abelson, R., Creswellfeb, J. (6 February 2015). Data Breach at Anthem May Forecast a Trend - NYTimes.com. The New York Times.
Abelson, R., Goldstein, M. (5 February 2015). Anthem Hacking Points to Security Vulnerability of Health Care Industry. The New York Times.
Bonini, S., Eichler, H.-G., Wathion, N., Rasi, G. (2014). Transparency and the European Medicines Agency Sharing of Clinical Trial Data. New England Journal of Medicine, 371(26), 2452-2455.
Fox-Brewster, T. (2016). Oracle MICROS Hackers Infiltrate Five More Cash Register Companies. Forbes.
Hustad, K. (4 October 2013). Hackers access Adobe's source code, plus 2.9 million customer accounts. Christian Science Monitor.
Kirk, J. (2010). Security company dives deep into the 'Dark Web' for stolen data. PC World.
Krebs, B. (2016). Data Broker Hackers Also Compromised NW3C Krebs on Security. Krebs On Security.
McNeal, G. S. (4 February 2015). Health Insurer Anthem Struck By Massive Data Breach. forbes.com.
Pepitone, J. (2015). Anthem Hack: Credit Monitoring Won't Catch Medical Identity Theft. NBC News.
Perlroth, N., Gelles, D. (5 August 2014). Russian Hackers Amass Over a Billion Internet Passwords. The New York Times.
Reuters. (17 March 2015). Premera Blue Cross Says Data Breach Exposed Medical Data. Business Day.
Terhune, C. (5 February 2015). Anthem hack raises fears about medical data - LA Times. Los Angeles Times.
Terry, N. (7 February 2015). Time for a Healthcare Data Breach Review? | Bill of Health. Harvard Law School.
Weise, E. (5 February 2015). Massive breach at health care company Anthem Inc. USA Today.
Yadron, D. (4 May 2016). Hacker collects 272m email addresses and passwords, some from Gmail. the Guardian.
Zetter, K. (5 February 2015). Health Insurer Anthem Is Hacked, Exposing Millions of Patients' Data. WIRED.
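
Added example (not part of the original essay): Part B describes repeated queries that were each altered slightly to avoid detection, and notes that Anthem had no monitoring of data extraction. The sketch below shows one way a database audit log could be checked for that pattern, assuming "altered slightly" means changed literal values. The account names, table and column names, thresholds and log records are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed audit records: (account, rows_returned, sql). Not real data.
SAMPLE_AUDIT = [
    ("dba_admin1", 50000, "SELECT name, ssn, dob FROM members WHERE member_id BETWEEN 1 AND 50000"),
    ("dba_admin1", 50000, "SELECT name, ssn, dob FROM members WHERE member_id BETWEEN 50001 AND 100000"),
    ("dba_admin1", 50000, "select name, ssn, dob FROM members  WHERE member_id BETWEEN 100001 AND 150000"),
    ("dba_admin1", 50000, "SELECT name, ssn, dob FROM members WHERE member_id BETWEEN 150001 AND 200000"),
    ("claims_app", 1, "SELECT plan FROM members WHERE member_id = 1017"),
    ("claims_app", 1, "SELECT plan FROM members WHERE member_id = 2290"),
    ("claims_app", 1, "SELECT plan FROM members WHERE member_id = 3345"),
    ("report_svc", 150000, "SELECT plan, COUNT(*) FROM members GROUP BY plan"),
]

def fingerprint(sql):
    """Reduce a statement to its shape: literals become '?', case and spacing are normalised."""
    s = sql.strip().lower()
    s = re.sub(r"'(?:[^']|'')*'", "?", s)      # quoted string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)   # numeric literals
    return re.sub(r"\s+", " ", s)

def flag_bulk_extraction(records, min_variants=3, min_rows=100_000):
    """Flag accounts that run many literal variants of one query shape
    and together pull a large number of rows (thresholds are assumptions)."""
    groups = defaultdict(lambda: {"variants": set(), "rows": 0})
    for account, rows, sql in records:
        g = groups[(account, fingerprint(sql))]
        g["variants"].add(" ".join(sql.lower().split()))
        g["rows"] += rows
    alerts = [
        {"account": acct, "shape": shape,
         "variants": len(g["variants"]), "rows": g["rows"]}
        for (acct, shape), g in groups.items()
        if len(g["variants"]) >= min_variants and g["rows"] >= min_rows
    ]
    return sorted(alerts, key=lambda a: -a["rows"])

if __name__ == "__main__":
    for alert in flag_bulk_extraction(SAMPLE_AUDIT):
        print(alert)
```

Requiring both conditions keeps the application account's many single-row lookups and the reporting job's one large query from raising alerts, while the administrator account paging through the member table in slightly different ranges is flagged.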
