Developments in information technology have prompted many organizations to automate their production processes to improve efficiency. However, the computerization of an organization's activities also exposes it to cyber risks created by unscrupulous individuals acting for personal gain. These risks lead to heavy losses and disruption for the organization. In the case study, Azumer Water is facing cybercrime that has disrupted service delivery to its volunteers. This paper presents a detailed incident analysis and a risk assessment and management report for Azumer Water.
Incident Analysis and Response
Factors Contributing To Azumer Water Cyber Attack
Azumer Water suffered a distributed denial-of-service (DDoS) attack and a phishing campaign because of its weak information technology infrastructure. The attackers executed the DDoS attack through the poorly configured firewall between the main office and the internet service provider, since Pruhart Tech had delayed configuring the enterprise firewall that was meant to protect the company's servers, database, and email. Moreover, employees rarely changed their passwords; most had been using the same password to log in to the organization's systems since they joined, so any credential exposed through phishing remained valid indefinitely. The attackers exploited these weaknesses to send deceptive emails to the volunteers (Schoenfield et al., 2015). The phishing emails tricked volunteers into donating to an unverified cause: each contained a link that redirected the volunteer to a web form asking them to choose an amount to donate, which would then be charged to their credit card. In short, the weaknesses in the company's information technology infrastructure facilitated the attack.
NIST and ISO 27002: Breach of Confidentiality, Integrity and Availability in Azumer Water's Operations
ISO 27002 provides detailed guidance on IT security controls for protecting the confidentiality, integrity, and availability of stakeholder information. Azumer Water falls short of Section 12.3 (Backup) of ISO 27002:2013, as it has no backup of the database that holds its crucial information. The firm also lacks effective access controls over the database and has not classified its information according to the level of protection required. Moreover, it stores crucial and non-crucial information in the same database, increasing the risk that critical data is manipulated. Access controls are minimal: most employees can read any record in the database and even copy it to external storage devices (IsecT, 2018). In addition, passwords on the firm's computers are rarely changed, giving attackers a long window in which a stolen credential remains usable. Finally, Azumer Water's network is open and weakly protected, which gives attackers an easy path into the company's systems and an opportunity to alter information to their advantage.
Azumer Water Federal Regulation Violations
Azumer Water has fallen short of several regulatory and standards requirements, exposing it to legal ramifications for non-compliance. It fails to meet various ISO 27002:2013 sections, especially Section 12.3 (Backup), Section 12.4 (Logging and monitoring), Section 13.1 (Network security management), Section 13.2 (Information transfer), Section 9 (Access control), Section 8 (Asset management) and Section 6 (Organization of information security) (IsecT, 2018). ISO 27002 is an international code of practice rather than a federal regulation, so these gaps are not themselves unlawful, but they are the controls an auditor or regulator would expect to see. The firm has, however, violated the Public Health Security and Bioterrorism Preparedness and Response Act of 2002, which requires community water systems serving more than 3,300 people to assess their vulnerability to intentional disruption of the water supply (Powner, 2008). That assessment covers the company's computer and automated systems. Azumer Water delayed addressing its information technology weaknesses, which facilitated the cybercrime carried out by Elecktores.
Mitigation Strategies to Limit Cybercrime
Azumer Water should implement various security measures to reduce the likelihood of further cybercrime. PruHeart Tech should conduct a vulnerability assessment of the firm's information technology infrastructure to identify the weaknesses it faces and address them in order of risk. One strategy is installing and properly configuring the firm's firewall so that it closes the loopholes attackers could use to reach the company's systems (Green, 2018). The firm should also strengthen its email filtering and anti-phishing protection, since the compromise arrived through email and damaged the company's credibility with its volunteers. More importantly, the firm should back up its database and restrict access to it; doing so protects the information in the database and limits who can reach crucial records. A substantial share of incidents in organizations involve insiders (IsecT, 2018), so access restrictions matter even for trusted staff. The firm should keep its operating systems patched and require that passwords be changed whenever they may have been exposed; note that current NIST guidance (SP 800-63B) discourages mandatory periodic rotation in favour of screening for known-breached passwords and adding multi-factor authentication. Taken together, these mitigation strategies will play a significant role in containing cybercrime in the organization.
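The donation emails in the case study worked because the visible link text and the actual destination of the link did not match. As an added example (not part of the original report, and not code from Azumer Water or PruHeart Tech), the following Python script shows the kind of check an email filter can apply: it parses the anchors in an HTML message and flags links whose displayed host differs from the real host, links that point at a bare IP address, and links to hosts outside a trusted list. The sample message, the hostnames and the trusted list are all constructed for the example.

```python
"""Flag deceptive links in an HTML e-mail (added example).

A phishing message typically shows a trustworthy-looking URL as the link
text while the href points somewhere else. This script extracts every
<a href="...">text</a> pair and reports the mismatches.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_host(host):
    """Reduce a hostname to its last two labels (e.g. 'example.net').

    This is a deliberate simplification for the example; production code
    should use the public suffix list so that 'co.uk'-style domains work.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


# A host-like token inside the visible link text, with or without a scheme.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


def suspicious_links(html, trusted_hosts):
    """Return [(href, text, reason)] for every link that looks deceptive."""
    parser = _LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        parts = urlsplit(href)
        href_host = parts.hostname or ""
        if parts.scheme not in ("http", "https"):
            findings.append((href, text, "non-http scheme"))
            continue
        if href_host.replace(".", "").isdigit():
            findings.append((href, text, "bare IP address"))
            continue
        shown = HOST_IN_TEXT.search(text)
        if shown and registrable_host(shown.group(1)) != registrable_host(href_host):
            findings.append((href, text, "display host differs from href host"))
        elif registrable_host(href_host) not in trusted_hosts:
            findings.append((href, text, "href host not on trusted list"))
    return findings


# Constructed sample message: one spoofed link, one legitimate link, one
# link to a raw IP. The domains are placeholders, not real sites.
SAMPLE_EMAIL = """
<p>Dear volunteer, please donate today.</p>
<a href="http://donate-azumer.example.net/form">https://azumerwater.example/donate</a>
<a href="https://azumerwater.example/news">Read our newsletter</a>
<a href="https://192.0.2.10/pay">Pay here</a>
"""

# Hosts the organization actually owns (assumption for the example).
TRUSTED_HOSTS = {"azumerwater.example"}

if __name__ == "__main__":
    for href, text, reason in suspicious_links(SAMPLE_EMAIL, TRUSTED_HOSTS):
        print(f"{reason}: text={text!r} href={href}")
```

Run stand-alone, the script reports the spoofed donation link and the raw-IP link and leaves the newsletter link alone. A real mail gateway would apply the same logic to every message and quarantine or tag the ones that trip a rule.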
Importance of Incident Response Plans
Incident response plans play an instrumental role in containing cybercrime. Most incidents damage an organization's credibility with its stakeholders, especially clients and consumers. For this reason, all employees in the IT department should work collaboratively to ensure the department's security is upheld. Security managers in the department should ensure that each employee is carrying out their duties properly and that all equipment is functional (Scholz, 2017). System administrators should monitor the company's systems closely for malicious activity and respond according to the type of incident. They should ensure that the intrusion detection and intrusion prevention systems (IDS and IPS) are working so that attempted intrusions are reported promptly (Scholz, 2017). Security technicians should always ensure that the firm is running the latest software and operating system versions; they should also install reputable antivirus software to protect the computers and repair faulty hardware. Security consultants, on the other hand, should perform vulnerability assessments and advise management on the best strategies for strengthening security.
Risk Assessment and Management
Recommendations for Azumer Water in Promoting Compliance
Compliance with federal regulations limits legal ramifications and avoids unnecessary fines that could otherwise have been spent on increasing the organization's production capacity. The firm needs to develop stringent internal controls, such as assigning specific employees responsibility for managing its database, considering that it holds the critical information used to run the firm's affairs (IsecT, 2018). The firm should train its employees on securing their email accounts and on the risks of using personal devices to access company data. It should also stop the sharing of passwords, especially those that grant access to critical information such as volunteers' personal details. The firm's IT staff should keep the operating systems patched and install strong antivirus software to protect the computers from malware introduced by unscrupulous individuals seeking to corrupt critical information. Azumer should establish a reliable backup system so that it always has all critical information at hand, which ensures that operations can resume smoothly after a malicious attack.
Technical Solutions to Prevent Future Attacks at the Firm
Implementing technical solutions protects the firm from cybercrime. Properly configuring the company's firewall closes the network and system loopholes attackers could use to reach the company's data (Green, 2018). Data encryption will also play a significant role in protecting information stored in the database (Schoenfield et al., 2015). Encryption ensures that attackers who copy the database cannot use its contents unless they also obtain the decryption keys, so the keys must be stored separately from the data and access to them restricted to a small number of authorized staff; encryption offers little protection if the keys sit beside the data or are shared freely. IT administrators should control the installation of software on the firm's computers to prevent attackers from planting malware that could be used to harvest critical information from the firm's network. Network administrators should also tighten how personal devices connect to the firm's systems, for example by requiring them to authenticate and placing them on a separate network segment.
Azumer Water should use a pooled system architecture, in which the computing, storage, and network components run as separate pools managed from a single base. This structure has considerable benefits: each pool can be scaled or upgraded independently as field demands change (Schoenfield et al., 2015), each component can be secured individually, and problems are easier to isolate because a fault in one pool does not obscure the state of the others.
Risk Management Approach
The most suitable risk management approaches for Azumer Water are compliance and operational. The firm should comply with all federal regulations linked to information technology. It should move its wireless network from WEP, whose encryption is broken and can be cracked in minutes, to WPA2, which is far more resistant to attack. The firm needs to deploy effective monitoring software or devices that detect malicious activity such as DDoS attacks on the company network and alert the system administrator so that the necessary countermeasures can be taken (IsecT, 2018). The firm should increase accountability by assigning specific employees to manage the information technology department. Additionally, it should prohibit the use of external storage devices in the company unless authorized by the relevant authorities.
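The monitoring recommended above needs a concrete rule before it can alert anyone. As an added example (not code from the original report or from the companies it describes), the following Python script implements a sliding-window request-rate detector over web-server access logs: it keeps the recent request timestamps per source address and reports any source that exceeds a threshold within the window. The log lines, the IP addresses, the ten-second window and the twenty-request threshold are all constructed placeholders; a real deployment would tune the threshold to the site's normal traffic.

```python
"""Sliding-window request-rate detector for DDoS-style floods (added example).

Reads access-log lines in the common log format, tracks how many requests
each client address made in the last `window_seconds`, and reports sources
that exceed `max_requests`. Thresholds are placeholders for the example.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_FORMAT = "%d/%b/%Y:%H:%M:%S"


def parse_line(line):
    """Extract (client_ip, timestamp) from a common-log-format line."""
    ip, rest = line.split(" ", 1)
    stamp = rest[rest.index("[") + 1 : rest.index("]")]
    return ip, datetime.strptime(stamp, LOG_FORMAT)


def find_flooding_sources(lines, window_seconds=10, max_requests=20):
    """Return {ip: peak_count} for sources that exceeded max_requests within
    any window_seconds interval. Lines are assumed to be in time order, as
    they are in a real access log."""
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        ip, ts = parse_line(line)
        q = recent[ip]
        q.append(ts)
        # Drop timestamps that have fallen out of the window.
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) > max_requests:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks


def constructed_log():
    """Build constructed sample lines: one normal client that makes a request
    every ten seconds and one client that sends sixty requests in five
    seconds. The addresses are documentation ranges, not real hosts."""
    base = datetime(2018, 3, 1, 12, 0, 0)
    events = []
    for i in range(6):
        events.append((base + timedelta(seconds=10 * i), "198.51.100.7", "/index.html"))
    for i in range(60):
        events.append((base + timedelta(seconds=20, milliseconds=83 * i), "203.0.113.9", "/donate"))
    events.sort()
    return [
        f'{ip} - - [{ts.strftime(LOG_FORMAT)}] "GET {path} HTTP/1.1" 200'
        for ts, ip, path in events
    ]


if __name__ == "__main__":
    for ip, peak in find_flooding_sources(constructed_log()).items():
        print(f"ALERT: {ip} made {peak} requests within 10 s")
```

Run stand-alone, the script raises an alert for the flooding address only. In practice the alert would feed the administrator's monitoring console, and the same per-source counters can drive an automatic block at the firewall once the threshold is exceeded.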
The analysis of the Azumer Water case study has revealed the weaknesses that led to the cybercrime executed against the firm. The firm had several loopholes that attackers exploited. Addressing those loopholes will strengthen the firm's information technology security and help prevent future attacks. Notably, the firm should comply with all federal regulations associated with information technology infrastructure, as they help avert numerous cybercrime risks.
Green, C. (2018). Cybercrime: 9 steps to safeguard your organization's data and technology. Retrieved from https://redlevelgroup.com/cybercrime-9-steps-to-safeguard-your-organizations-data-and-technology/
IsecT. (2018). ISO/IEC 27002:2013 — Information technology — Security techniques — Code of practice for information security controls (second edition). Retrieved from http://www.iso27001security.com/html/27002.html
Powner, D. A. (2008). Information technology: Federal laws, regulations, and mandatory standards for securing private sector information technology systems and data in critical infrastructure sectors (GAO-08-1075R). Washington, DC: U.S. Government Accountability Office.
Schoenfield, B., Stewart, J., & Ransome, J. (2015). Securing systems: Applied security architecture and threat models. Boca Raton, FL: CRC Press.
Scholz, T. (2017). Big data in organizations and the role of human resource management: A complex systems theory-based conceptualization. Frankfurt am Main: Peter Lang.