Essay Sample on Recent Cyber Attack at Wolverine Solutions Group (WSG)

Introduction

In the modern internet age, cases of cybersecurity are becoming a significant struggle for many organizations daily. Current trends reveal a massive increase in hacking and breach of data issues from a variety of sources that are gradually common at the workplace including communication and the internet of things or IoT devices. Ideally, hacking of crucial information, destructive viruses, data breach, email phishing, denial of service as well as other related attacks often result in an extensive range of significant impacts from trivial inconvenience to severe incidents (Onuchowska, Chakraborty, Jank & Shrivastava, 2018). Cyber-attacks can mostly be a result of negligence and susceptibilities, or unintended coincidences, even though some threats can be strategic or intentional for instance hacking or unauthorized access of the data. The principal goal of the attackers or hackers is often to gain access to confidential data, to destroy or change the data, and most important to run illegal monetary transactions (Onuchowska et al., 2018). The attackers can, however, be categorized into three major groups including relational hackers, terrorists, and crackers depending on their motives and the target for their attack. Besides, recent research in the technology industry reveals that the majority of organizations have ineffective cyber practices which in turn lead to cases of unprotected data, making them vulnerable to cyber threats (Onuchowska et al., 2018). Cybersecurity is, therefore, an essential concept in the field of information technologies, defined as the processes and countermeasures that are designed to prevent any form of cyber-attack and unauthorized access of data, networks, and computer systems. The chief aim of this essay is to provide a critical overview of a recent cyber-attack that affected the protected health information of approximately one million clients at Detroit-based Wolverine Solutions Group (WSG) and describe some of the potential security measures that could be used to prevent future attacks.

Brief Overview of the Cyber-Attack Along With the Laws and Regulations That Was Broken

Earlier this year on 27th February 2019, the Detroit-based Wolverine Solutions Group in the USA released a statement notifying of a breach or a cyber-security incident in the form of ransomware that attacked its networks (ManageEngine Log360.com). WSG is one of the leading organizations providing outsourced statements processing to various verticles such as financial, insurance and healthcare. Ransomware is typically a type of malicious software that attacks computer systems, denying the users access to their data (Brewer, 2016). Instead, the attacker demands a ransom from the affected assuring to restore data access once the payments are made which is not always the case. Among those affected were the customers of the North Ottawa community health system, Health alliance plan, Three rivers health, and McLaren health care whereby the attacked data mostly included medical information, dates of birth, addresses, social security numbers, and other personal information of their customers (ManageEngine Log360.com). However, it all started in September 2018 when ransomware infected their systems prompting a quick action of files encryption that consisted of protected health records. The organizations informed all the affected customers concerning the breach and vowed to give a complimentary credit for one year while monitoring services to the victims (ManageEngine Log360.com). Significant laws and regulations that were broken during the incident are the existing cyber and computer privacy laws within the organization on threats of attacks or theft where the computer systems are central to the crime.

How Security Systems or Security Protocol within The Organization Failed To Counter The Attack

Encryption was the chief security protocol employed by the organization to protect their data from unauthorized access (ManageEngine Log360.com). Encryption is adequately defined as the process of encoding important information by the use of secure cryptographic keys and passwords that are hard to be bypassed by hackers. However, in the case of the WSG, the encrypted files were attacked by malware referred to as ransomware which gets into the computer systems and hides within the encrypted files. However, the encryption scheme failed to counter the attack because ransomware is a severe threat that runs a code that encrypts the users' data on the infected computer system (Brewer, 2016). This dangerous computer virus primarily uses an encryption algorithm such as RSA to make the files inaccessible by the computer user, and thus the only way the user can prevent or counter the ransomware threat is by the application of updated antivirus software such as the anti-virus guard AVG.

Some of the Potential Security Measures That Could Prevent Further Attack and What the Organization Has Done

Ransomware is a sophisticated malware that infects the users' data until a particular payment of ransom is made. It is a very hazardous threat for organizations and failure to prevent it can significantly result in the loss of confidential information. However, some of the potential security measures that can be put into practice to avoid similar future attacks include using the 3-2-1 backup rule that ensures the most important files are stored in three distinct versions of data on two separate storage forms with one offsite (Brewer, 2016). Regularly educating the users on how to recognize and prevent common ransomware threats like phishing emails adequately is also a best practice in preventing further attacks. Using an intrusion detection system, logically separate networks, and whitelist applications are also substantial security measures that can be used to cut off ransomware attacks in their initial stages (Brewer, 2016). However, to counter the attack, WSG installed a manage Engine Data Security Plus app which is an automated ransomware threat identification and prevention solution that can be used to secure personal data efficiently (ManageEngine Log360.com). In the incident of a ransomware attack, the data security plus system generates a real-time alert and provides an automated response to lock down the infected computer systems.

Ethical Dilemma Presented By the Cyber-Attack to the Organization and How the Organization Rebuilds Stakeholder Trust after the Attack

After the ransomware cyber-attack on 27th February 2019, the organization had indeed to face an ethical dilemma regarding its responsibility, privacy, and confidentiality (Thomas, Burmeister & Low, 2018). Confidential and vital information concerning many of their healthcare clients was attacked were over one million customers had to suffer the loss of their health information. However, to address the issue or to enhance their stakeholder trust, the organizations notified and apologized for the incident and offered to provide complimentary credit for one year while monitoring the services to the affected.

Conclusion

In conclusion, cybersecurity has become a primary concern in the contemporary era of internet technologies. Cybersecurity primarily incorporates processes through which computer systems, essential data, and services are protected from attacks such as hacking, ransomware, and unauthorized access. However, enhancing cybersecurity plays a prominent role in ensuring data confidentiality, integrity, and privacy.

References

Brewer, R. (2016). Ransomware attacks: detection, prevention, and cure. Network security, 2016(9), 5-9.ManageEngine Log360.com. (n.d). Retrieved from https://www.manageengine.com/log-management/wolverine-solutions-group-ransomware-attack.html

Onuchowska, A., Chakraborty, S., Jank, W., & Shrivastava, U. (2018). Detection and Classification of Attacks on IoT Networks.Thomas, G., Burmeister, O., & Low, G. (2018). Issues of Implied Trust in Ethical Hacking. ORBIT Journal, 2(1).