Background on the Wannacry Attack

This report is divided into two sections. The first part of report covers the discussion of a recent security breach that occurred. The attack that is selected and discussed in this report is Wannacry that took place in April 2017. The problem faced due to this attack along with its solutions is discussed. The second part of the report covers a detail decision about the sonly PlayStation network case. It is one of the biggest security breaches in the history. The important components of the attack along with the protections measures have been discussed.

There are many computer security breaches that occurred during April-August 2015-2018. In this section the attack that would be considered is WannaCry attack, it is a cyber-attack that targets operating system. This attack has become viral in 2017 and the only motive is to get unauthorised access so that they can earn money in the form of bit coin.

The problem faced due to this attack is it speeded at very high speed and is easily transferrable from one computer to another. This attack hits the computer through emails and downloads as viruses capture the system through theses means (Mattei, 2017). This attack allowed access of information to unauthorised users. This attack occurred in May 2017 and targeted computers to read the information and in return ask for money to release the information.

This attack came with the motive to capture all the confidential data and could be used in unauthentic ways. WannaCry attack captured data of many healthcare services and in return asked for money at time of realising the information. This attack transferred from one computer to another in a short span of time (Lallie, Debattista & Bal, 2018). This has degraded brand image and broke the trust of customers. This attack unknowingly entered the system and then denied the access of valid user by asking payment from them to get the access. This attack spread over the network by phishing attacks thus it is important to keep all the files encrypted so that even if the file is accessed by unauthorised user the information is not leaked. Some of the security tools like firewalls and software’s should be downloaded so that information is not leaked.

This attack was first reported in Window system in Europe that outbreaks the information of the system and has affected large number of organisations all over the world. This attack mostly victim healthcare industry by delaying the operations and keeping the patients wait for a longer time. Future, they earn money while re-establishing the information (Mattei, 2017). Mostly the older based window systems are affected by the WannaCry attack.

The Problems Faced Due to Wannacry Attack

This attack targets the sensitive file by encrypting them so that even authorised user don’t get access to it. They target many file types like database, achieve files and other documents s that valid user don’t get access to it (Lallie, Debattista & Bal, 2018). In return they demand for bit coin from the victim to release the file. This causes a loss to an organisation as these files future gets deleted.

This attack directly affects the computer by causing security flaws. It breaks the trust and loyalty among customers due to loss of confidentiality and integrity. The unpatched computers are easily affected by this attack thus it is suggested that various security measures should be taken to secure the system.

The solution to overcome this issue is using strong firewalls and antiviruses so that bugs are detected easily. This can be achieved by taking backups regularly so that system doesn’t stop working. Apart from that, it is suggested that fake decryption file should be used to claim the original files.

WannaCry is an attack that have captured many computer networks in May 2017, all the files on the computer is encrypted by making impossible for use to access the information. This attack causes vulnerabilities in operating system and Windows that causes network communication error (Clarke & Youngstein, 2017). It is a dangerous attack as it keeps the entire data encrypted from authenticated user.

The protection from this attack can be gained by taking backups so that even if the information is hacked the functions are not stopped and they work continuously (Jenic, 2016). The backups can be taken through automatic means so that time is also saved.

Some of the steps that need to be taken to reduce the risk of WannaCry attack are keeping the system updated with virtual patching solution. By enabling firewalls and using intrusion prevention system also helps in keeping the system secure. Apart from that, it is important to proactively monitor the traffic of the network by implementing security mechanism. It is also suggested that downloads should be performed through certified website and some emails should be blocked (Clarke & Youngstein, 2017). The network segmentation should be performed so that exposure of data can be controlled.

Patching is a way through which this threat could be mitigated. The data need to be categorized so that at time of attack the data could be recovered easily. The unneeded services should be avoided as it gives ways for the hackers to enter in the system (Jenic, 2016). It is suggested that red flags should be identified on social platforms like spam emails that contain system exploiting viruses. Thus, the IT expert should deploy security mechanism to protect the system from such viruses. These attacks can be reduced by keep a track from where the information is downloaded as viruses enter the system through these means. Thus, it is recommended to encrypt all the information so that confidentiality is maintained. Apart from that antivirus software should be used to monitor the viruses.

The Impact of Wannacry Attack

As the word say asynchrony input output activity allows the process to continue before the transmission of previous process has occurred. It improves the turnaround time and latency but it can cause a problem of multiple transmissions. Asynchronous data transfer is done using read and write operations it contains the value of transfer statement. The wait operation is used when other process occurs between data transfer (Kuperman,  Moscovici, Nider,  Ladelsky, Gordon & Tsafrir, 2016). The wait time is used to make the other process wait for the execution process. Input output operations slow down the processing of data as it incorporates the access and wait time (Treviño, 2016).

Asynchronous I/O with base bound and paging provides the ability to relocate the memory, there are two separate user address. One is base address that is offered in starting if user needs to exceed the limit they can make use of bound register. They maintain integrity of data by protecting the information from other users too (Kuperman,  Moscovici, Nider,  Ladelsky, Gordon & Tsafrir, 2016). Paging divides the program into equal pieces and also divides the memory into page frames. In case of memory asynchronous I/O there exist a problem as file sends the request to kernel. Kernel accepts the request so that continuous processing takes place of other process. It can be a problematic situation as it increases time to take backups and access the information (Goode, Hoehle, Venkatesh & Bro, 2017).   Asynchronous is a most commonly used in real time application as it allows users to collect data from multiple channels. The problem faced by asynchronous I/O is compression of data that do not offer access to files (Chinner & Gigante, 2016). If the files are decrypted it will not offer synchronous. In case of paging one root object is created at boot time and other is created at time of pre-processor. This problem affects the operating system interface by submitting blocking operations to pool the threads. These I/O operations affect the main memory by offering different access method which causes issue in terms of efficiency. Memory-mapped I/O is suitable for devices that move to large quantities so that data can be accessed quickly (Miller,  Reed,  Smith & Yee, 2016).

The solution to this problem is interrupting the flags at time of data arrival. If the transfer takes place in an asynchronous way then the status should be initiated. If the status is initiated about the transfer then new data should be time stamped so that no interruption takes place.  It is a way that offers online experience to employees so that they can have complete control over the activities (Jeong,  Lee & Kim, 2015). This causes lack of personal interaction and lack of feedback that causes an issue to run real time activities. Many operating system functions exist to implement asynchronous I/O at many levels. The main function of all operating systems is to perform at least some form of basic asynchronous I/O so that it do not apparent user programmer (Craddock,  Klein, Lais & Yudenfriend, 2018).

Solutions to Overcome Wannacry Attack

This case was a result of external intrusion in this personal information was prevented to access. This attack occurred on 17^th and 19^th April. It was one of the largest security breach that affected many customers. The company tries to offer online service for their customers but has stuck in a security patch (Ricks, Thuraisingham & Tague, 2018). Thus it is important for user to maintain string passwords and change them regularly.

The problem faced by this attack was play station network was taken offline. The company said that this was down voluntarily but it is an external intrusion. The system remained unavailable for next five days after the attack (Kokas, Tryon, Gusterson & Braun, 2016). The users were not able to connect to the services which broke the trust and loyalty among customers. The problem of this attack was anonymous denial of services (Ricks, Thuraisingham & Tague, 2018). This did not allowed valid user to access the service and this outage affected many other services running over the network. This attack gave the access to illegal and unauthorised access to people which brought up many security concerns. Sony had control over many credit card companies like amazon, eBay, PayPal and others. This attack allowed hackers to access theses confidential data. Thus, many credit card number and other details were stolen (Kokas, Tryon, Gusterson & Braun, 2016).  

The corporate network of Sony was hacked and this gave access of data to private data. The original companies were deleted from computers and the left over messages were threat for the organisation. This attack was a huge loss for the customers who relied for their data over the company (Bronte, Shahriar & Haddad, 2017). The network of Sony was down for few days that caused loss in term of reputation as well as financial barrier. The loss of this attack was for the customers whose confidential information got leaked in the public place. The thousands of documents were leaked that stored personal as well as sensitive information about the company (Horton & DeSimone, 2018). The documents contain the information like passwords that gave access to protected data. In this attack it was found that thousands of internal emails, financial documents were leaked. This approximately caused a loss to personal information, payroll breakdown; salaries of top executives, and movies were leaked and released to sharing websites (Milburn, 2017).

The attack was a targeted attack that happened by planning with a motive to break the information about Sony. The weakness of network was noted and then anonymously it was planned to gain the access of data. It was found that there was some contribution due to internal network (Goode, Hoehle, Venkatesh & Bro, 2017). The passwords were leaked and access control was not proper that offered unauthorised user to access the information. The reason of this attack was poor security concern as there were no ways for protection of data. Some of the government and media authorities also blamed Nrth Korea behind this attack as the methods used for breaching the data in Sony were similar to the attack that took place in South Korea. From the suspension it was found that attack was done by North Korea people from china. This attack occurred step by step, firstly an unauthorised access into the play station network was observed. Later there was some unusual activity that was observed over PSN. This indicated that intruder has hit the PlayStation network. The security team was hired so that loopholes could be found and access by unauthorised user could be stopped. The major problem of Sony PlayStation network attack was anonymous denial of services. This did not allowed valid user to access the service and this outage affected many other services running over the network. This attack caused negative image of the company by breaking the trust of the customers. Thus, it is important to maintain security by undertaking various security measures.

Steps to reduce the Risk of Wannacry Attack

Some of the ways through which this attack could been protected is by keeping the information encrypted so that even if the data is leaked it is not read by the user. The network should make use of antivirus and firewalls so that system remains secure from hackers. An access control list should be prepared so that only authorised user get the access to sensitive information. It is recommended that security training should be given to employees so that they deal with social engineering tactics. There should be a proper alert system if someone else tries to access the system (Hawkins, 2017). The alert supports in taking future actions. Passwords should be encrypts so that there are no chances of information leakage. It assures that information remain confidential for only authorised users.

Conclusion

It can be concluded that WannaCry attack occurred in May 2017 and targeted computers to read the information and in return ask for money to release the information. This attack aimed the pcs through emails and downloads as viruses capture the system. Additionally, the major problem of Sony PlayStation network attack was anonymous denial of services. This did not allowed valid user to access the service and this outage affected many other services running over the network.

References

Bronte, R., Shahriar, H., & Haddad, H. M. (2017, April). Mitigating distributed denial of service attacks at the application layer. In Proceedings of the Symposium on Applied Computing (pp. 693-696). ACM.

Chinner, D., & Gigante, M. A. (2016). U.S. Patent No. 9,361,474. Washington, DC: U.S. Patent and Trademark Office.

Clarke, R., & Youngstein, T. (2017). Cyberattack on Britain’s National Health Service—a wake-up call for modern medicine. The New England journal of medicine, 377(5), 409-411.

Craddock, D., Klein, M., Lais, E. N., & Yudenfriend, H. M. (2018). U.S. Patent No. 9,965,350. Washington, DC: U.S. Patent and Trademark Office.

Goode, S., Hoehle, H., Venkatesh, V., & Bro, S. A. (2017). What to do when your clients’ data is breached: the case of Sony Playstation. LSE Business Review.

Hawkins, N. (2017). Why communication is vital during a cyber-attack. Network Security, 2017(3), 12-14.

Horton, N., & DeSimone, A. (2018). Sony’s Nightmare before Christmas: The 2014 North Korean Cyber Attack on Sony and Lessons for US Government Actions in Cyberspace (No. NSAD-R-17-045). JHUAPL Laurel United States.

Jenic. I. (2016). What’s the difference between WannaCry and Petya ransomware?. Retrieved from https://windowsreport.com/wannacry-vs-petya/.

Jeong, D., Lee, Y., & Kim, J. S. (2015, February). Boosting Quasi-Asynchronous I/O for Better Responsiveness in Mobile Devices. In FAST (pp. 191-202).

Kokas, A., Tryon, C., Gusterson, H., & Braun, J. (2016). “Freedom Edition”: Considering Sony Pictures and The Interview. Journal of Broadcasting & Electronic Media, 60(4), 714-728.

Kuperman, Y., Moscovici, E., Nider, J., Ladelsky, R., Gordon, A., & Tsafrir, D. (2016, March). Paravirtual remote i/o. In ACM SIGARCH Computer Architecture News (Vol. 44, No. 2, pp. 49-65). ACM.

Lallie, H. S., Debattista, K., & Bal, J. (2018). An Empirical Evaluation of the Effectiveness of Attack Graphs and Fault Trees in Cyber-Attack Perception. IEEE Transactions on Information Forensics and Security, 13(5), 1110-1122.

Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack. World neurosurgery, 104, 972-974.

Milburn, C. (2017). Long live play: The PlayStation Network and technogenic life. In Research Objects in their Technological Setting (pp. 117-134). Routledge.

Miller, D. D., Reed, D. C., Smith, M. D., & Yee, H. (2016). U.S. Patent No. 9,495,262. Washington, DC: U.S. Patent and Trademark Office.

Ricks, B., Thuraisingham, B., & Tague, P. (2018, November). Lifting the Smokescreen: Detecting Underlying Anomalies During a DDoS Attack. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 130-135). IEEE.

Treviño, M. (2016). Inhibition controls asynchronous states of neuronal networks. Frontiers in synaptic neuroscience, 8, 11.