Position Paper 2 - Cybersecurity

Hannah Diffee

Professor Reppert

Internet Communication

March 2025


Position Paper 2 - Cybersecurity

America's Worst Data Breaches: What Went Wrong and How to Protect Your Data

Today, cybersecurity is a significant concern for companies and individuals alike. Cybersecurity is "the practice of protecting systems, networks, and programs from digital attacks" (Cisco).

Common Forms of Cyber Attacks


Malware
Malware, or malicious code or software, is the most prevalent cyber attack. It describes programs that infect a computer, delete files and data, spy on users in the network, and change how the computer functions. The software involved in a malware attack has to be installed on the target device, making users an integral part of its spread. Malware is commonly delivered through email (links in emails appearing to come from reputable or trusted sources), websites (pop-up ads that prompt the user to click on them), and malicious code in apps or software.

Many types of malware exist, including ransomware, spyware, and trojan horse viruses

Phishing
Phishing is a cyber attack that uses fraudulent emails, email attachments, phone calls, or text messages to convince people to share their personal data (including bank account information and Social Security numbers), download malware, or send money to scammers. 

Man-in-the-Middle Attack
In man-in-the-middle attacks, an attacker secretly intercepts an interaction between two parties. The goal is to steal personal data, such as banking details or passwords, and/or convince the victim to make a financial transaction. "Broadly speaking. a MITM attack is the equivalent of a mailman opening your bank statement, writing down your account details and then resealing the envelope and delivering it to your door" (Imperva). 

Denial-of-Service Attack (DoS)
A denial-of-service (DoS) attack overwhelms a website, network, or system with large traffic volumes, slowing it down or making it entirely unusable. A distributed denial-of-service (DDoS) attack is a DoS attack that uses a network of computer systems or devices to overload a target. 


Data Breaches
According to IBM (the International Business Machines Corporation), the terms "breach" and "data breach" are often used interchangeably with "cyberattack." However, they state, "Not all cyberattacks are data breaches. Data breaches include only those security breaches where someone gains unauthorized access to data." A DDoS attack is not a data breach, but a ransomware attack that holds a customer's data "hostage," threatening to leak it unless a ransom is paid, is a data breach. 

Data breaches can have devastating effects not only on customers but also on businesses. In the event of a data breach, organizations may face financial losses and a loss of trust from customers, clients, and employees, and potential legal trouble. "Organizations may...be subjected to fines and legal implications from increasingly stringent data and privacy regulations like the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)" (Fortinet).

The number of data compromises in the United States has skyrocketed since 2005, demonstrating the importance of companies and everyday consumers taking steps to protect their data. 

Above: Statista Graph: Number of data compromises and impacted individuals in the U.S. 2005-2023

______________________________________________________

Biggest U.S. Data Breaches (according to UpGuard)

Yahoo
2013-2016
Impact: Over 3 billion user accounts

From 2013 to 2016, Yahoo experienced cyber attacks that compromised the personal data of nearly three billion accounts. The attacks were led by a team of Russian hackers who exploited a vulnerability to access the company's system. They stole Yahoo's cookie generation code and created fake cookies, "small files that keep users logged in without needing to re-enter their passwords" (StrongDM). This allowed the hackers to access users' accounts without needing their login information. The breach went undetected for several years.

In this data breach, hackers obtained personally identifiable information, such as:
  • Names
  • Email addresses
  • Phone numbers
  • Passwords
  • Calendars
  • Birth dates
  • Security questions
Yahoo made several crucial decisions in response to the attack, including hiring a chief information security officer, invalidating the forged cookies, setting up a two-step verification process, and answering user questions.

Image Source: CashFloat

Microsoft
January 2021
Impact: 30,000 U.S. companies and 60,000 companies worldwide
In January 2021, Hafnium, a hacker group with alleged ties to the Chinese government, breached servers using Microsoft's Exchange Program. The group exploited four zero-day vulnerabilities to access Exchange servers, allowing it to request data, utilize malware, and infiltrate other systems while appearing legitimate. "Since the requests looked like they came from the Exchange servers themselves, many people assumed it was legitimate and approved" (UpGuard). Microsoft implemented updates to patch its system in March 2021, nearly three months after the hack was first detected. However, repairing the flaws did not immediately remove hackers or the threat of another hack. 

"If the owners of the individual servers didn't update their systems, attackers would be able to exploit the system flaw again. Because the systems weren't on the cloud, Microsoft couldn't push a patch to fix the issues immediately" (UpGuard). 

Image Source: Gradient Cyber

Real Estate Wealth Network
December 2023
Impact: 1.5 billion records leaked
Real Estate Wealth Network, an online real estate training and education platform, experienced a massive data breach in December 2023. Cybersecurity researcher Jeremiah Fowler discovered the company's database, which contained the real estate records of millions of people, including Britney Spears, Nancy Pelosi, and Blake Shelton. The database was not password-protected and was exposed for an unknown time, although it included records from April 22 to October 23, 2023. It exposed personal information, including:
  • Names
  • Home addresses
  • Phone numbers
  • Property history
  • Mortgage information
  • Bankruptcy information
  • Tax IDs and other tax information
Image Source: Knox Law Center

Cybersecurity is a highly relevant issue for individuals and organizations. By prioritizing cybersecurity, organizations can protect themselves from cyber attacks, keep confidential information secure, maintain customer trust, and experience minimal financial losses. Individuals who prioritize cybersecurity can protect their personal data and minimize the risk of identity theft.

Comments

Popular Posts