Big four accounting firm suffers client data exposure

Date: Apr 3, 2024

Uploaded by roberts6edgeorellana

Case Study 4

Big four accounting firm suffers client data exposure.

Robert Orellana-Alvarez
School of Business, George Mason University
MIS 320: Networks and Security
Professor Huang
November 8, 2023

1. Knowing how the firm Deloitte responded, what would you have done differently?

The Deloitte cyberattack happened almost one year before it was officially announced. An expert team took seven actions when the attack was happening. Those actions were taking prompt action to halt and confine the onslaught, determining the attack's extent and magnitude, establishing the attacker's target, examining the materials the hacker was aiming for, reaching out to affected clients, notifying the police, and making more deliberate efforts to improve our entire security architecture. The expert team consists of team members who work for Deloitte and other members who work for another company.

The main way that the attacker got access to email information was by gaining access to the Deloitte cloud-based email platform. I am not sure exactly what Deloitte's steps for preventing a cyberattack were, but I see that to log in you did not need two-factor authentication, so just knowing the password works for anyone. Like what the university uses for students and staff to log in to any university web service, I would have implemented two-factor authentication so an employee would know that his account is being logged in to and know whether or not it is the employee logging in.

In terms of determining the attack's extent and magnitude and determining what the attacker performed on the email platform, the team examined the event logs, and it utilized this knowledge to direct its assault strategy. Tracking the hacker is not enough when the hacker is taking personal information, so that is why, if I oversaw Deloitte, I would hire a red hat hacker because it would stop the hacker and punish the hacker.

Tracking was not the only thing that Deloitte did while the attacks were happening; analyzing the targeted attacks was another action that Deloitte took during the attacks. A cloud-based email platform was the attacker's aim. This system stands apart from other Deloitte platforms, such as those that store client data, facilitate professional collaboration inside the company, act as engagement systems, and function as non-cloud-based email systems. Not one of these was affected. The forensic analysis carried out by our in-house cyber professionals in collaboration with external specialists has informed us that the attacker's primary objective was to get active credentials. I would analyze what the management team did, so there would be no difference in terms of analyzing the targeted attacks.

Unstructured data, specifically email, was implicated in this occurrence. Deloitte was able to ascertain the attack's true nature by carefully examining the logs, and it was discovered that the attacker's target list included only a tiny portion of the platform's total email communications. With great care, we evaluated the type of material in each targeted email message as we manually reviewed each one, document by document. Extremely few cases where there could have been active credentials, personal information, or other sensitive information that affected clients were found by performing this eyes-on inspection. Analyzing and reviewing the targeted attacks were the best ways for the management to stop the attacks without hiring any extra people.

Deloitte got in touch with each of the extremely few affected clients. It was a great idea to alert the affected clients, but if I oversaw Deloitte, I would alert every client regardless of whether they were affected or not, just the same way that the university alerts about things that happen around campus. Deloitte promptly got in touch with government authorities.
The Deloitte multi-factor authentication (MFA) rollout, which was in progress at the time of the assault, was finished, and the management team extended their centrally managed privileged access management system. Deloitte’s MFA system is now active for all users of the cloud-based email system as well as for users with elevated access credentials.

2. What are some steps you think the firm could have taken to prevent this incident?
The best way to prevent this incident was to establish the MFA earlier. I know that it is not possible to go back in time, but at least the MFA is a way to prevent the attack from happening again. In addition to hiring a red hat hacker, the firm could have hired a white hat and a grey hat hacker. The white hat hacker could be used to make safety measures if an attack happens, and a grey hat hacker could simulate black hat hacker activities, so the firm knows what the solutions are. In conclusion, creating and implementing an MFA and hiring red, white, and grey hat hackers would have prevented this cyberattack in the first place.