Description
I have to reply to four of my classmates' posts. 100 words each.
Post 1. By Amber
Layered security, or defense in depth, is basically a structure that uses multiple layers to make up for the faults of the previous layer. The idea behind this is that each layer has the ability to slow an intrusion, making it easier to detect them and boot them. Each layer serves a specific purpose and thus would have limited capabilities in preventing different pathways of attacks. The idea is to focus on all possibilities of a data breach to try and prevent them, or to minimize the damage done in the event of a breach. Hackers will always find a way in if they really want to, and having steps in place makes it more difficult for them to access the data they want, which in turn lessens the damage done. The more hurdles the attacker would have to jump over, the easier they are to find within the system. Of course, knowing how they breached can help with strengthening the defense of the security to help block that type of attack. From what I understand, there are ways in which the layered security can be adaptable to the needs of the company using it.
When I searched data breaches from this year I came across one that caught my attention: a Capital One data breach identified on August 2nd of this year where roughly 100 million credit applications were stolen. A former Amazon employee was arrested in connection with this breach. The connection between the Amazon employee and Capital One is that Capital One was using a cloud within Amazon Web Services. Now, even with different levels of protection, a simple error led to a major problem. The Web Application Firewall that Capital One was using was misconfigured and had way too many permissions allowed to it. This misconfiguration allowed the firewall on Amazon's web services to be tricked. The former Amazon worker also had the inner workings of how Amazon's web services and access services worked and was able to exploit the misconfiguration majorly. Amazon's AWS boasts multiple security features that somehow were completely bypassed. For instance, their access advisor is meant to detect and locate pieces of their software that have too many permissions. This did not catch the misconfiguration of the Capital One AWS web application firewall. Other key security measures noted in the article were also bypassed. So it only takes one person with enough knowledge of the subject to exploit a flaw and cause major damage.
Post 2. By Willard
While layered security and defense-in-depth are quite similar, their similarities end just as quickly as they begin. Layered security is about combining multiple security controls to protect data and resources. Some call it the "Swiss cheese defense" while others simply look at it like an onion. Since you are focusing on multiple layers of security overlapping each other, the chance of a complete breach is rare. Yeah, one or two layers of security or defense might be compromised or bypassed, but there are still more to deal with, causing some to believe the ordeal too much of a hassle. Lapses and weaknesses do not easily materialize since other defenses exist. Defense in depth originated in the military as a strategy to resist rapid penetration. Here there were multiple layers of defense spread out, and the idea is for the attack to lose momentum over time. With defense in depth it is understood that not just one security measure can protect a system. It takes multiple measures and aspects to reduce risk, such as technical, physical and administrative controls.
American Medical Collection Agency (AMCA) had a data breach spanning over eight months from August of 2018 to March of 2019. Over 20 million Americans' personal and financial information had been hacked and potentially been put up for sale. AMCA is a third-party healthcare billing vendor used by companies such as LabCorp, Quest Diagnostics, BioReference Laboratories and Sunrise Laboratories, to name a few. AMCA claims only 200,000 individuals had data stolen while reports and data have proven otherwise. Neither the collection agency nor the companies it works for have notified all those whose information has been stolen, while lawsuits around the US come out of the woodwork. Attorneys general from Illinois and Connecticut have opened investigations into this matter, while senators from New Jersey and Virginia have sent letters to AMCA and individual companies using AMCA demanding answers on how this happened and how it went on for so long going unnoticed.
Post 3. By Ryan
The topic I chose to discuss from this week’s reading is obscured information. I know very little about this topic because I have not done much work with forensics, but I have heard about it from other cybersecurity classes. The subject I know the most about would be encryption, as most of my other classes talk about it at some point in the curriculum. I enjoy learning more about encryption and testing my abilities at figuring out algorithms on my own. In previous classes, we would do activities where we tried to unscramble an encrypted sentence, such as ones that used the Caesar Cipher, and I found that I enjoyed doing so. As for steganography, I do not know much about this subject at all. The only experience I have for that would be talking about it very little in class and in clubs. One club that I was a part of had a guest come in to talk about what their job entails; he works for the county police in the forensics department, so one of the things he talked about was steganography. Before talking to him, I had virtually no understanding about the subject, but he explained what the general idea was and showed real examples that he has encountered before. One example was a message that was hidden in individual pixels of a picture, used by a criminal to send secret information to someone else. I found that I am very interested in learning about steganography. The other things that the textbook mentions, like compression and proprietary format, I know even less about. I have not really heard of them other than from reading in the textbook. Overall, I am very interested in learning about obscuring information and how cybercriminals use this to their advantage. It is surprising that companies also use this technique for protecting sensitive information, but it does make sense. I look forward to understanding this topic better!
Post 4. By Amaya
The topic I will be discussing is The Children's Online Privacy Act of 1998 (COPPA), which protects children 13 years of age or younger from the collection and use of their personal information by websites. Websites have to obtain parental consent before they can collect or use any personal information. I personally did not know this Act was established, but I'm glad it was for the safety of young online users. While researching this act a little further, I discovered that schools can give consent to COPPA, but the information they collect must be used to benefit the school and it cannot be used for commercial purposes. Any personal information such as the child's name, email address, phone number, social security, etc., are just a few things that are protected under COPPA. I also discovered that screen names are not protected under COPPA unless an email is being used in replacement. I think this act is very important, especially now more than ever with the amount of sex trafficking and online predators, so that children are protected while using the internet. They might not always be aware of how much information they give out. Along with that, parents should always keep an eye on the things their children are using the internet for or the websites they visit. Just doing that can protect the children even more. I think COPPA should be updated slightly just because technology has advanced so much since it was established. It's easier than ever for people to retrieve information quickly and easily. I am interested to see if the policies will be updated.