- This topic has 11 replies, 12 voices, and was last updated 3 years, 7 months ago by Kridsada Sirichaisit.
-
2020-09-20 at 10:12 pm #22675 Wachirawit Supasa (Participant)
Two phishing attacks on Minnesota DHS breach 21,000 patient records
Provide a brief description of the story.
Two Minnesota Department of Human Services employees fell for phishing emails, which resulted in the leak of 21,000 patient records that contain identifiable information. While this incident was hidden from the IT department, it continued for a period of more than a month. There are reports that emails containing the malicious links were also sent to other employees, suggesting that hackers target Minnesota’s agencies.
What is the impact of this data breach? Consequences of the data breach.
Identifiable information (name, phone numbers, social security numbers, employment information and other personal data) has been exposed to the hackers.
How did the data breach occur?
Two Minnesota Department of Human Services employees clicked malicious links in the emails. While the news didn’t report technical details, I suspected that the link leads to the installation of malware that can send data from the originating computer to the hacker’s destination.
What should be the main cause of the data breach? Provide a brief explanation of the cause of the data breach (such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error).
The main reason for this incident is phishing and a failure of user security. There was a lack of policy governing how users use computers that connect to the network.
How could you prevent this data breach attack?
To prevent these incidents, I would like to separate security measures into five sections.
First, user security: I would like to set up a policy about email in the workplace and create a phishing awareness workshop. Personnel who attend will understand phishing and be consciously aware before clicking any link in an email.
Second, system security: setting up anti-spyware that regularly scans and updates its database to prevent malware infection.
Third, database security: encrypting all identifiable data so hackers cannot use our data without a key, such as encryption with two-factor authentication.
Fourth, software security: updating computer software regularly, because some malware uses system exploitation to obtain our data.
Fifth, network security: setting up a firewall that blocks malicious email from incoming connections or unidentifiable ports that we do not use.
-
2020-09-23 at 9:43 pm #22706 Sila Klanklaeo (Participant)
I agree with this measure. I think user awareness of cybersecurity is a top priority.
-
2020-09-26 at 8:01 pm #22779 Sittidech Surasri (Participant)
I also agree with the information you provided. I would like to add more information on how to prevent a data breach (phishing):
1. Never Click on Hyperlinks in Email.
2. Never Enter Sensitive Information in a Pop Up Window.
3. Verify HTTPS on Address Bar.
4. Protect Against DNS Pharming Attacks.
-
2020-09-26 at 11:20 pm #22793 Khaing Zin Zin Htwe (Participant)
Thank you for stating your opinion on how the data breach occurred. It would be a lot more comprehensive if the consequences of the exposure of identifiable information could be added to the report. And it is very precise of you to separate the prevention measures into different categories.
-
2020-09-26 at 11:48 pm #22798 Naphat (Participant)
A cyber security policy is a great idea and is needed for setting up information systems and risk management.
Thank you for the useful information.
-
2020-09-28 at 11:29 pm #22836 Saranath (Keymaster)
Your proposed preventive measures are well defined and cover all aspects to prevent this kind of attack. 🙂
-
2020-09-29 at 10:09 pm #22861 Phone Suu Khaing (Participant)
This is a very interesting case study! Your preventive measures are extremely useful also. According to the brief description of the story, the incident was hidden from the IT department for more than one month, which worsened the situation. So, I’d like to add one thing for all staff, which is “Communication”. If staff communicated with each other and informed the IT department earlier, it would not have become as bad as this. Also, IT staff have to communicate and educate all users about phishing emails and other preventive measures in understandable language.
-
2020-09-29 at 11:41 pm #22871 Ornpicha Thiampol (Participant)
I love how you describe prevention. It’s easy to understand and covers all the topics that we should be concerned about.
-
2020-09-30 at 4:20 am #22879 Saravalee Suphakarn (Participant)
Thank you for your great explanation. Your prevention measures are very clear and cover all the sensitive points of system security. One of the weak points of this situation is the late detection by the IT team. In my opinion, the organization should add a system monitoring protocol or plan to detect the threat as fast as possible.
-
2020-09-30 at 11:01 pm #22902 Navinee Kruahong (Participant)
Well done for a really good explanation on prevention measures!
-
2020-10-02 at 1:52 am #22910 Kaung Khant Tin (Participant)
Thank you so much for this informative report. As I am also assigned to this case, it’s a great opportunity for me to learn new things from your report. I like the way you present your ideas. It is so systematic and clear. And the message you would like to deliver reaches the reader in an efficient way. Bravo!
-
2020-10-20 at 11:17 pm #23438 Kridsada Sirichaisit (Participant)
I agree with your security policy. The firewall may detect abnormal traffic, so that the networking admin can review this data to identify the infected clients.
-