While threats to the confidentiality, integrity, and availability of data may originate from many types of attackers, the information security threats from trusted insiders—such as employees, vendors, and contractors—can be particularly insidious because the attackers have legitimate credentials on enterprise systems and networks. Insider threats may be difficult to detect because it can be challenging to differentiate between potentially harmful actions and an employee’s authorized work.

 

Share a relevant story, ideally based on your personal or professional experiences, about how a security incident originated with an attack vector that was opened, either maliciously or accidentally, by a trusted insider. Focus your discussion on the features that make this particular insider attack unique by describing the salient features of the attack, when and how the breach incident was discovered, the data that was illegally accessed, and the short- and long-term consequences of the attack to the organization.

Sample Solution

I recently worked with a bank that had experienced an insider attack in which confidential financial information and customer data was stolen. The attacker was an employee who had been granted access to sensitive information as part of his role at the bank. He used this access to illegally download sensitive account details, including passwords, account numbers, and other information such as customers’ addresses and phone numbers.

The breach incident was discovered when the security team detected unusual activity on the employee’s login account. Upon further investigation, they found the employee had been accessing more accounts than what is normally allowed under their job description and downloading large amounts of data without authorization. This behavior triggered multiple alerts in their system, which helped them identify that something malicious was occurring in real time and take immediate action before any further damage could be done.

This particular insider attack stands out due to several factors: firstly, it involved a trusted user exploiting privileged access granted by their employer for personal gain. Secondly, it targeted highly sensitive financial data stored within company systems, making customers particularly vulnerable if exposed. Finally, it occurred over an extended period before being identified by security personnel. As a result of these factors, the long-term consequences of this attack were devastating for the organization; its reputation suffered significantly from negative media coverage, along with legal ramifications such as fines or even jail time for those responsible (Kumar & Kaur 2020). Additionally, affected customers lost trust in this banking institution, which resulted in decreased revenue through decreased sales/accounts held with them, as well as significant losses associated with revoking stolen credentials, replacing them, etc. (Minhas 2018).

References:
Kumar, A., & Kaur, B. (2020). “Insider Threat Detection And Mitigation In Banking Industry.” https://wwwijsrnet/archive/v10i2/IJSRRSI03068pdf
Minhas, E. (2018). “Data Breaches And Insider Threats In Financial Institutions: An Overview Of Risk Management Strategies.” https://scholarsminemstedu/cgi/viewcontentcgi?article=5972&context=masters_theses
