In: Computer Science
While scraping user data from social media sites is not illegal, failing to secure this data after it has been collected poses a serious risk to the affected users as cybercriminals could use the information from the database to target them online. What are your recommendations to the online risk policy makers as you think it is a breach of PII (Personal Identifiable Information). Justify your answer. Explain the need for cybersecurity experts in such a case scenario.
Hackerssuccessfully infiltrated systems operated by the City of Baltimore this past May. The attackers encrypted data files and demanded a ransom in exchange for the decryption keys. Mayor Bernard C. “Jack” Young refused to pay and IT leaders were instructed to rebuild the municipality’s computer systems. City of Baltimore officials placed a price tag of $18 million on the estimated cost of the ransomware attack. In August, city leaders voted to divert $6 million of parks and recreation funding to IT “cyber-attack remediation and hardening of the environment,” according to the city’s spending panel known as the Board of Estimates. Now, Baltimore’s auditor told city officials that IT performance data was lost during the attacks, according to reports in the Baltimore Sun. Without backups of the locally stored data, the auditor is unable to verify some claims made by the IT department. This is the first notification made by City of Baltimore than data loss occurred from the attack.
The need or cybersecurity experts with respect to such a case scenario:
Personally identifiable information, also known as PII, is all and any data that could potentially be used to identify an individual and sometimes, even an organisation. Examples include Social Security number, driver’s license, bank account number, passport number, and email address, phone numbers etc.
Not all PII is equal in terms of importance or sensitivity.Some of them may be critically important to your identity. Often, identity thieves piece together a potential victim’s PII.
Internet, being one of its kind invention of humankind, has undoubtedly brought some significant amount of terror. We can see a constant increase in the number of cyber-attacks, there is a need for producing more and more experts in this field. Hence, we need more cyber security experts.
As we move furthur , with the advancement of the technology all the data is being stored in Cloud systems and if this is not protected properly , this data could easliy be hacked by attackers/hackers.The dependency of entire organisation's data on the internet increases the risk of data leakage by many folds.In such scenarios the need for cyber security increases at an exponential rate. To accomplish such tasks , we need highly professional and trained cybersecurity experts and specialist on whom the company can lay its trust on.
In the given scenario, Baltimore officials voted to transfer 6 million USD from a fund for parks and public facilities to help pay for the devastating impact of the May ransomware attack. According to the city's panel this funding will help in the "cyber-attack remediation and hardening of the environment".
The city of Baltimore was attacked by a ransomware called RobbinHood. All servers, with the exception of essential services, were taken offline and as a result it had a negative impact on the real estate market. The city of Baltimore was susceptible to such an attack due to its weak and obsolete IT practices, which included decentralized control of its technology budget and a failure to allocate money to fund cyberattack insurance.
Also they failed to allocate various cybersecurity experts and firewalls which could have prevented such an attack if not completely then also to some degree gain the access back from the attackers. With the technology we possess today it is of sheer importance that we invest in the security of data not only of the users but also of the platforms that the users trust dearly. This can be done by having cyber security experts as their job is to monitor, detect, investigate, analyze, and respond to security events, cybersecurity specialists protect systems from potential risks, threats, and vulnerabilities.