Professional Documents
Culture Documents
Conlan A. Casal
Abstract
The topic of cyber security has made it to the front and center of the information technology
conversation of late. The recent wave of hackers targeting retailers, financial institutions, and government
entities, has brought the issue to the attention of everyone from major corporations, government entities,
to the guy using his smart phone to stream YouTube videos in his spare time. The fact of the matter is
that the hacking of public and private segment at every level has become a major problem, and if not
properly addressed, could create a major ripple throughout the IT spectrum. Cyber criminals and agents
are no longer the tech savvy kid living out of his parents basement, hacking into government websites
and personal emails of classmates. They are not highly sophisticated homogenized actors who target
various sectors in an effort to extract information of nefarious purposes. The end result of these illegal
attacks against business, government, and a private network is to gather information in order to disrupt
From the retail and financial sectors, companies such as Target, Visa/Master Card, Home Depot, JP
Morgan Chase and countless others have experienced severe breaches of their networks in recent years
(Winter, 2014). These breaches but have put millions of customers at risk for financial and identity fraud
from the data stolen, and created a public relations nightmare for all effected parties.
Financial Sector: In 2014, a cyber-attack, hackers from what is believed to originate from Russian,
defeated network security measures for JP Morgan/Chase and compromised the data of over 80 million
accounts and millions of small businesses. The attack was identified in July of that year but system
security teams were unable to correct or stop the intrusion for close to a month. During that same attack,
agents attempted to defeat networks by other financial companies as well such as Chase, E*Trade, and
Retail Sector: From 2013 through 2014, several large retail companies were suffered from breaches
to their network security, exposing debit and credit card information of millions of customers. Two of the
largest big box chains, Home Depot and Target, experienced thefts of customer financial information that
equaled nearly 96 million (Winter). In both instances, hackers were able to infiltrate company networks
by introducing malware software via self-check-out terminals. The malware used in these instances was
Healthcare Sector: From 2014 to 2105, healthcare processing companies such as Blue Cross and
Anthem were attacked by hackers who stole financial and personal information from nearly 90 million
customers in a coordinated attack of their networks (Anthem, 2017). Hackers apparently were able to
defeat the security measures in place due to the fact that the data stored was not encrypted, making it
easily readable to thieves (Castle, 2013). The information (names, addresses, dates of birth, social
security numbers) from these particular thefts placed millions of people at risk for identity theft. All
pertinent information necessary to obtain credit the identity of someone was made available to hackers
between foreign governments have especially come to light in the last twelve months during the 2016
Presidential election when it was revealed that candidate Hillary Clintons private email server had been
hacked by foreign actors. And although the principals involved in that hacking are still being debated, the
fact of the matter is that sensitive, and in some cases classified information, had been ascertained and
eventually disseminated to Wiki Leaks and possible unfriendly governments interested in having sensitive
Preventive Measures
Cyber warfare and thefts are not a new phenomenon. The gravity of this issue has been know and
felt for years, and entire industries related to combatting this issue have developed as a result. Large and
small companies alike are now dedication enormous resources to address this issue. Some corporations
such as Sony have even hired hackers to defeat its security measures, and or help them engineer better
systems to protect their network (DuBois, 2011). This move came after attackers known as the
"Guardians of Peace," created havoc on Sonys company hard drives and digital archives (Schupak).
Many corporations are reviewing internal policies, procedures, and training for its employees, in
order to build a better understanding of the issue of cyber security, which can be practiced at each level of
a business hierarchy. Procedures such as enhanced password protection, network management, hiring
hackers to test security systems, and system hardening are all preventive measures that can better protect
the network as a whole, and prevent unwanted intrusions into it from occurring (DuBois). Incorporating
both simple and complex preventive measures into policy and procedure, and reinforced through training
can help mitigate security infractions and possibly prevent catastrophic ones as mentioned previously.
MIS Final Paper 5
Summary
The security related issues of IT networks are a moving target and one that will require the proper
amount of attention and dedication of resources to resolve. Unfortunately all major sectors (private and
public) seem to be more reactionary than proactive when it comes to implementing preventive measures
to their networks. The cyber criminals in many cases seem to be one or two steps ahead of the keepers of
information. The problem has become the flavor of the week and so wide-spread, that many college and
technical schools are now offering courses and disciplines in cyber security to address the market field for
MIS Final Paper 6
References
DuBois, S. (2011, July 11). What it actually takes to prevent a hack attack. Retrieved March
Schupak, A. (2014, December 13). Hacking after Sony: What companies need to know.
companies-need-to-know/
Writer, L. G. (2013, May 30). How to Prevent Hackers in a Company. Retrieved March 28,
Winter, M. (2014, November 07). Home Depot hackers used vendor log-on to steal data, e-
http://www.usatoday.com/story/money/business/2014/11/06/home-depot-hackers-stolen-
data/18613167/
Anthem hack exposes data on 80 million; experts warn of identity theft. (n.d.). Retrieved March
Castle, A. (2013, January 18). How to encrypt (almost) anything. Retrieved March 28, 2017,
from http://www.pcworld.com/article/2025462/how-to-encrypt-almost-anything.html