( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers
description
Transcript of ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers
![Page 1: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/1.jpg)
(2011) Security Breach Compromises 75,000 Staff/Student Social Security
Numbers
Image from this Site
Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson, Benjamin Nikolay
![Page 2: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/2.jpg)
UWM discovered Malware Infection, May 25, 2011
Affected Server was Immediately Shutdown Authorities were called in to investigate
What Occurred
Image from this Site
("Information on Computer," 2011)
![Page 3: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/3.jpg)
UWM found Malware had access to SSNs, June 30, 2011
No evidence of Identity Theft was found No suspects were found
What was Found
View TMJ News Video - http://www.todaystmj4.com/news/local/127459218.html
("Information on Computer," 2011)
![Page 4: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/4.jpg)
UWM notified effected individuals, August 10, 2011
They were asked to monitor their credit reports UWM updated security on Servers
Notification and Plan
Image from this Site
("Information on Computer," 2011)
![Page 5: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/5.jpg)
EASy Project - CobiTEvaluate Analyze Synthesize
![Page 6: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/6.jpg)
5.1 Manage Security Measures
Analyze Synthesize
UWM Objective Failure Security was updated
in reaction to Breach
Risk Management Training
Re-evaluation of IS roles and responsibilities
Risk Assessment Regular Business/IT
Management Meetings
Cost = $8118Image from this Site
![Page 7: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/7.jpg)
5.2 Identify, Auth., and Access
Analyze Synthesize
UWM Objective Failed Inferred malware
access obtained via weak Admin password
Dictionary Attack
Use Radom Password Generator
Setup automated Password Expiration
Password History ACL Access Limitation Hardware and Port
Lockdown Cost = $minimal
Image from this Site
![Page 8: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/8.jpg)
5.3 Security of Online Access to Data
Analyze Synthesize
UWM Objective Passed UWM has a solid
“Admin Access” policy
No Recommendations Needed
Image from this Site
![Page 9: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/9.jpg)
5.4 User Account Management
Analyze Synthesize
UWM Objective Passed UWM requires use of
“Strong” Passwords Multiple characters
types required
No Recommendations Needed
Image from this Site
![Page 10: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/10.jpg)
5.5 Management Rev. of User Accounts
Analyze Synthesize
UWM Objective Passed UWM requires use of
“Strong” Passwords Auditing of Passwords
is performed randomly
No Recommendations Needed
Image from this Site
![Page 11: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/11.jpg)
5.6 User Control of User Accounts
Analyze Synthesize
UWM Objective Failed Inferred - Server
Admin. Account Compromised
Delay in recognition of illicit activity
Provide users history of prev. activity at login.
Implement Active Directory Audit Tool (AD Audit Plus)
Cost = $7680 annually
Image from this Site
![Page 12: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/12.jpg)
5.7 Security Surveillance
Analyze Synthesize
UWM Objective Failed Insufficient audit trail
to catch the intruders Far too much elapsed
time before those affected were notified
Verify existing configuration / make changes (Windows Group Policy / Auditing tools)
Research and assess possible 3rd party tools
Cost – Variable or minimal, depending on option selected
![Page 13: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/13.jpg)
5.8 Data Classification
Analyze Synthesize
UWM Objective Passed Sensitive data
classifications do exist Data was separated
and housed on different systems
No Recommendations needed
![Page 14: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/14.jpg)
5.9 Central Identity And Access Rights Management
Analyze Synthesize
UWM Objective Passed Scalability as an
enterprise level network
Thousands of user accounts and various types
No Recommendations needed
![Page 15: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/15.jpg)
5.10 Violation and Security Activity Reports
Analyze Synthesize
UWM Objective Failed Security activity was
insufficiently logged Inability to track/catch
the attacker Checked and
escaladed on a regular basis?
Refer to 5.7 recommendations
“Common Sense Security Auditing”
Cost – Variable, depending on route taken
![Page 16: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/16.jpg)
5.11 Incident Handling
Analyze Synthesize
UWM Objective Failed Attackers were never
caught 2 months had elapsed
before notifying those affected
Continuously evaluate system/audit security on a regular basis
Evaluate/revise procedures and auditing as necessary
Cost – variable to minimal
![Page 17: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/17.jpg)
5.12 Reaccreditation
Analyze Synthesize
UWM Objective Passed UWM will setup times
to perform audits on their network
No Recommendations Needed
![Page 18: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/18.jpg)
5.13 Counterpart Trust
Analyze Synthesize
UWM Objective Failed Hacker gained access
through open firewall ports
Purchase and install a new firewall
SonicWall NSA E7500 Features Next-
Generation Firewall, & Intrusion Prevention.
Cost = $35,339
Image from this Site
![Page 19: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/19.jpg)
5.14 Transaction Authorization
Analyze Synthesize
UWM Objective Failed UWM’s spyware failed
to deny the outside attacker from gaining access.
Purchase security add-ons to the NSA E7500 firewall.
Included is anti-virus and spyware, and application intelligence on the firewall.
Cost = $14,514 for 3 years.
![Page 20: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/20.jpg)
5.15 Nonrepudiation
Analyze Synthesize
UWM Objective Irrelevant
There were no transactions or digital signatures needed in this type of security breach.
No Recommendations Needed
![Page 21: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/21.jpg)
5.16 Trusted Path
Analyze Synthesize
UWM Objective Passed UWM has a excellent
records and retention policy to explain how to transfer data.
No Recommendations Needed
![Page 22: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/22.jpg)
5.17 Protection of Security Functions
Analyze Synthesize
UWM Objective Passed Malware bypassed
tamperproof security measures
Security design of infrastructure kept confidential
No Recommendations Needed
![Page 23: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/23.jpg)
5.18 Cryptographic Key Management
Analyze Synthesize
UWM Objective Failed Cryptography
Encryption Keys were not used
Unlikely attackers accessed data
Implement asymmetric database encryption
Use DSS encryption technology with private and public keys
Cost - $12,500
![Page 24: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/24.jpg)
5.19 Malicious Software Prev., Detect. And Corr.
Analyze Synthesize
UWM Objective Failed Failed to prevent the
malware to install Physical firewall and
configuration remained private
Symantec Endpoint Protection 12.1
SEPM Training for IT department
Policy and Procedure creation and implementation
Cost - $40.89 per device per year $3761.57 for training
![Page 25: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/25.jpg)
5.20 Firewall Arch. And Connect. With Public Networks.
Analyze Synthesize
UWM Objective Passed No data was
transmitted to the WAN
Firewall did not play a role in this incident
No Recommendations Needed
![Page 26: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/26.jpg)
5.21 Protection of Electronic Value
Analyze Synthesize
UWM Objective Irrelevant
Integrity of physical mechanisms maintained
Unrelated to physical access or authentication of foreign devices.
No Recommendations Needed
![Page 27: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/27.jpg)
End of PresentationEASy as Pie!
![Page 28: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/28.jpg)
End of PresentationEASy as Pie!
![Page 29: ( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers](https://reader035.fdocuments.net/reader035/viewer/2022081519/56813956550346895da0f65e/html5/thumbnails/29.jpg)
End of PresentationEASy as Pie!