Question

Describe one cybersecurity attack that has occurred in the past 6 months, and based on your understanding of this week’s readings, explain what vulnerabilities within the organization may have contributed to the breach.

Answer 1

Answer:-

Incident Of The Week: Investigation Of Walmart Email Breach

The FBI is investigating allegations that employees from one of Walmart’s technology suppliers was illegally monitoring the retailer’s e-mail communication.

The New York Times reports that in late 2015 through early 2016, Compucom employees assigned to Walmart’s help desk were using their access to monitor specific e-mail accounts at the retailer and allegedly using that information to get an edge over competitors.

The scheme was discovered after a Compucom technician took a photo of an email about an internal Walmart disciplinary matter and sent it to a Walmart employee he had been chatting with on an instant messaging system, according to the F.B.I. filing.

The photo was then forwarded accidentally to the daughter of a second Walmart employee who reported it to the company’s security department. Walmart filed a complaint with the F.B.I. about the suspected breach in September 2016.

According to a court filing, Compucom employees searched internal Walmart e-mail correspondence for information that could give the firm an edge over competitors. The suit alleges that the information helped the solutions provider submit a winning bid on at least one occasion.

The case exposes a potential vulnerability for companies that rely on contractors for technical work, giving outsiders broad access to sensitive internal documents with little oversight in the process. It also raises questions about how technicians hired to support the computer system of one of the world’s largest and most insular corporations were able to gather information from employee emails.

“Companies with an extensive communications network like ours require the support of different partners and a high level of trust,” Walmart spokesman, Randy Hargrove, told the NYT. “We relied on this vendor but their personnel abused their access and we want those responsible to be held accountable.”

A Walmart spokesman said the company terminated its contract with Compucom and has put in place “new tools to improve our monitoring process” of IT contractors in light of the incident. Walmart said its own investigation into the matter showed no customer information was compromised.

Compucom told the NYT they are cooperating with the investigation and currently cannot comment on the allegations.

to protect:-

• As far as practicable, use strong passwords. Such passwords should contain special characters and numbers, and should not have any connection to you whatsoever(no “tendulkar94 or sona28111994). This will make you less prone to social engineering attacks.
• Prevent shoulder surfing. Put a privacy guard on your device.
• Do not save any of your card details on any website.
• Do not use public Wi-Fi networks. As far as possible, use your own data plans or home Wi-Fi networks.
• Keep your OS and software up to date.
• Always keep your device locked or switched off when leaving them unattended (which you should not do anyway).
• Do not engage in piracy.
• Be careful of any attachment you receive on mail or on cloud storage.
• Spread awareness among others. The more people are aware, the safer cyberspace will be.