LD7010 Ethical Hacking for Cyber Security Assignment Sample 2024
Introduction
SolarWinds is mainly a software-making company that primarily deals with the system management tools used by IT professionals. The most renowned product of solar wind is Orion, which is also a network management system. In this process, the breaches of the same group that targeted Fire Eye and the SolarWinds are also elaborated. This context is mainly elaborated for a better understanding of the attacks of the hackers and the process of the hacking tools and also the process to identify them. In this case, the company of SolarWinds was perpetrated by group APT29 which has been also become one of the most effective parts of the breaches in SolarWinds.
Scope
In order to collect the database of the incident regarding the breaches of the SolarWinds, the data has been collected from the part reports of this company (Basu et al. 2018). For a better understanding of the affected part and also to have a better result of the research the online research about cyber security and ethical hacking also has been done. Solar wind breach was also based on ethical hacking and cyber hacking for this reason the reports of the national news channels and international online portals also has been checked for further information.
The “SolarWinds Orion security breach”, (SUNBURST) affected different U.S. government agencies, consulting firms and business customers (Bbc.com, 2020). The loss of this company and the demotion in the market value also make understand that this company faced a huge negative effect, which was also reported in the national news portals.
It gets worse by continuing its adverse impact on victims like Homeland Security, US departments of Commerce, Energy, and Health and Defence departments. However, impact of this breach becomes more worrisome for those responsible for cyber security at enterprise data centers; however, are the technology vendors, which allowed compromised “SolarWinds Orion software” into their environments. In order to a better report of this affected issue, the past final reports and the present status report of this company also have been taken (Brown et al. 2018).
The engineers of this company and the low-level workers of this company also have been interviewed for collecting authentic data and proper issues after the breach of SolarWinds. Furthermore, this breach issue leads to malware attacks and information or data breach issue within different technology based companies, including start-ups (Maria Korolov, 2020). Conversely, it influences many organisations to adopt innovative, yet strong and effective security management strategies to deal with circumstances or data breach issues.
Critical discussion and Analysis of SolarWinds breach
In this scenario, the APT29 hacking group who was also renowned for hacking in the FireEye Company has affected the solar wind company. This hacking was taking place in the supply chain of SolarWinds, which became the breach for this company in few days after the first attack on this company (Caldwell, 2017). In this case, the company also faced the less secure software security of their own firewall, which became the reason behind the hacking of the third party.
This case also describes the effects on the supply chain for ethical hacking and cyber hacking which became the reason for the breach of this company. It can be also said that this company is based on the software programming and software configuring for which the effect of the hacking on this company affects so badly on their reputation (Devanny, 20121). This also decreases the value in the marketplace and decreases the reliability of this company.
Threats: as being a software company this company has to face several issues and trends by the challenging companies and the ethical hackers who always find chances to steal data from the supply chain and to crack data to find the investments of the company. Based on the past reports this company does not have a strong firewall that can become a thread for them if the hackers try to hack the financial expands and the financial details of the company (Fathima et al. 2018).
This also makes a huge negative effect on the customers and employees as this incident can break the reliability of them. This can also make a huge negative effect on the financial status of the company as the investors and the stakeholders of this company lose their reliability on this company for further investments as this company does not have strong security protocols.
Discussion
This topic is based on the ethical attack on the company of SolarWinds, a software-making company that faces cyber hacking on their supply chain and breaks the process of supplying their software and programs to their customers. This makes the decrease of the valuation in the market and makes them less reputation of this company in this challenging market (Pirro et al. 2021).
In this case, the company also loses the reliability of there for not holding and strong cyber security and any firewall security for their website protocols. This makes a huge impact on their financial factors and their investors also which became the result of less reliability and less profit of this company for a certain period of time (Giese, 2019).
This effect makes a huge difference between the competitive companies, which decreases the valuation of this company and makes a negative impression of this company in the marketplace. In order to achieve the reputation of this company, this company makes a better security protocol for the upcoming software processing of this company.
They also make some of the strong protocols of their network that are resulting in a better security protocol than others. In order to re-achieve the reputation and the reliability, the company must make better policy and investment policy for the future. This can increase the reliability of the stack holders and the investors to invest in this company in the proper way (Haber et al. 2018). As this company is software making company this company usually has a reputation in between the companies that make the software work in their programs and initial works.
This can be told too that this company lost 30% of their customers in the year 2009 for this negative impact of this cybercrime (Joseph et al. 2021). In order to have the profits in the business and to have the proper incensement in the market value, this company should make highly secure and strong firebase software for the proper access of their internet portals and also face fewer hazards in the future.
Reflection
Based on the past reports of this company it can be said that this company faced huge issues in the processing of the software transferring from the workplace to the customers. It can be said that as this company holds less secure security protocols and the huge reputed reliability in the society and the targeted locality, for this reason, the company faced a huge negative impact on the reputation of this company. This can be told too that this company holds huge reputed software, which is also useful in many companies (Kansal et al. 2019).
For this reason, this company also lost its financial status and its profit ratio. In this case, with the solar wind company, the financial status broke down for this reason that results in the shutdown of this company for a certain time. Based on the past issue of this company it can be said that this company does not hold a strong security protocol or effective internet protocols which became the reason behind the ethical hacking on the supply chain of this company.
This can be told too that the company does hold a strong protocol now as the factors and the issues are faced by the company previously. It can be also told that the company has the status of a reliable company now as the company now holds the proper and authentic protocol for the security of their websites also (Kim et al. 2017).
The increased value of the company in the present-day market returns their valuation and their reliability for renewing the new security and the strong software in the protocols of the company. This can be said that this company now holds the world’s 6th most top security holding software and also making their reputation worldwide for the protocols of the new software of this company.
Analysis
It can be told from the past reports of this company that this company is base on software security and software making. For this reason, the facing issue o this company demotivated the employees of this company and also the stakeholders of this company. This can be told too that the company has faced many of the issues and the hazard in the workplace for this ethical hacking and cybercrime.
It can be also told that this company also has faced many of the demotivation of the employees which result as the closing of the sales of this company. In order to make a proper understanding of the affected facts, the past annual reports of this company have been researched which represents that this company
Solar Wind is a US-based company that deals with the information system, and development of software. The risk of cyber-attack is more in the company since it deals with information technology. The Solar Winds Company has many high-profit clients along with several US agencies (Olalere et al. 2019).
At the beginning of March 2020, the company sent software updates to all its clients which include the hacked code. According to several investigators and cyber security experts says that this cyber-attack is done by Russia’s foreign intelligence services. Apart from that, this cyber-attack becomes a major cause for damaging the business of Solar Winds. The impact of this cyber-attack is discussed below with the help of several points;
Financial loss
Due to the cyber-attack, the company Solar Winds has to sufferer with losses because their data was stolen by the cyber-attackers. Apart from that, this company has many reputed US agencies as customers or clients. As for this, it becomes a risk for all the agencies that their personal data, as well as the data of their customers, were exposed by cyber-attackers (Pyrèv et al. 2019).
This also creates a loss of trust because most of the US companies are the clients of the Solar Winds. Due to this, after having the cyber-attack the trust of other agencies on the Solar Wind was broken.
Reputation loss
Solar Wind is one of the reputed information technology companies of the US. This company also deals with software development so most of the companies in the US use the software of this company. As for this, after having a cyber-attack on this company the reputation of the company decreases in the financial market (Ranade et al. 2021). This is because every company wants to secure their data but due to the cyber-attack the risk of having a loss in data increases. This is the reason that decreases the reputation of this company in the US.
Prevention of cyber attacks
The reality states that current technical information is not effective enough to mitigate the cyber threat. As the cyber security updates are monitored by cyber attacker’s science they are made public according to which suitable changes are made before cyber-attack. However, certain steps can be used for better use of cyber security to mitigate these issues. Security managers should be more deliberate while checking the vendor profiles. The internal chain of command should be reviewed before continuing their work process.
Due to the lack of industry-standard of cyber security for software development, it is important to maintain government rules. The purchased software should be validated by the suppliers with proper audits. If the supplier is not agreeing or the validation is not efficient then it is safe to presume that it is not suitable for use.
It is recommended to check for fake ids and certificates that could be used to infiltrate any system. The world in this digital era is facing a huge issue of cyber hacking and cyber-attacks, the domain of such crimes is taking place in every part of the corner. It is difficult to prevent such a phenomenon of crime from taking place but awareness and education can be helpful for people to overcome this problem. The data systems where the data of various organizations are saved are required to be protected with passwords and firewalls (Thompson, 2020).
The layer of protection must be high and a well-experienced and equipped IT team must be hired by organizations in order to protect the data stored on the online platforms or data of the companies or organizations. Proper and constant monitoring of the data to check for theft and comprises must be done.
Conclusion
The study reflects that the company named Solarwinds has faced a breach in the supply chain of their software business. The breach in the supply chain was mainly due to the ethical hacking of the third-party team called APT29. It also has been shown that the hackers mainly belong to Russia. It can be said that the company faced several negative issues in the reliability and reputation of the company, which decrease the market value and the profit of this company in a visible way.
This can be concluded too that this company does not hold the strong secure protocol and web security for which the investors and the stakeholders lose interest in the investments in this company. It can be concluded that this company now upgraded its security and protocols of the online portals and investment has been expanded to reduce hazards in the workplace and internet access by the employees and the customers. It can be also concluded that the company is now making a huge reputation for holding strong network security and also improving the financial issues and status of this company in the present day.
Reference List
Journals
Basu, D.P., 2018. Emerging Dimensions of Blockchain Technology. AIMA Journal of Management Research, Article, (3), pp.1-21.
Brown, T., 2018. Are miserly budgets putting businesses at risk of cyber-attack?. Computer Fraud & Security, 2018(8), pp.9-11.
Caldwell, T., 2017. The UK’s£ 1.9 bn cyber-security spend–getting the priorities right. Computer Fraud & Security, 2017(3), pp.12-20.
Devanny, J., 2021. ‘Madman Theory’or ‘Persistent Engagement’? The Coherence of US Cyber Strategy under Trump. Journal of Applied Security Research, pp.1-24.
Fathima, K.M., 2021. A Survey of the Exemplary Practices in Network Operations and Management. In Data Intelligence and Cognitive Informatics (pp. 181-194). Springer, Singapore.
Feinstein, S.G. and Pirro, E.B., 2021. Testing the world order: strategic realism in Russian foreign affairs. International Politics, pp.1-18.
Giese, S., 2019. The endpoint epidemic of IoT–just a bad dream?. Network Security, 2019(4), pp.11-12.
Haber, M.J. and Hibbert, B., 2018. Making It All Work. In Asset Attack Vectors (pp. 249-265). Apress, Berkeley, CA.
Joseph, J., Jaynes, A.N., Baker, D.N., Li, X., and Kanekal, S.G., 2021. Van Allen Belt Punctures and Their Correlation With Solar Wind, Geomagnetic Activity, and ULF Waves. Journal of Geophysical Research: Space Physics, 126(1), p.e2020JA028679.
Kansal, Y., Kapur, P.K. and Sachdeva, N., 2019. Determining Best Patch Management Software using Intuitionistic Fuzzy Sets with TOPSIS. International Journal of Performability Engineering, 15(5), p.1297.
Kim, J., 2017. Cyber-security in government: reducing the risk. Computer Fraud & Security, 2017(7), pp.8-11.
Olalere, M., Ndunagu, J., Shafi’i, M. and Odey, P., 2019, April. Performance Analysis of Security Information and Event Management Solutions for Detection of Web-Based Attacks. In Cyber Secure Nigeria 2019 Conference (p. 39).
Pyrèv, M.S. and Kollerov, A.S., 2019. Retrospective Analysis Tools Of Local Area Network Traffic. UrFR Newsletter, Information Security, 4(34), pp.58-62.
Ranade, P., Piplai, A., Mittal, S., Joshi, A. and Finin, T., 2021. Generating Fake Cyber Threat Intelligence Using Transformer-Based Models. arXiv preprint arXiv:2102.04351.
Thompson, E.C., 2020. Vulnerability Management. In Designing a HIPAA-Compliant Security Operations Center (pp. 65-93). Apress, Berkeley, CA.
Websites
Bbc.com, 2020 SolarWinds: Hacked firm issues urgent security fix viewed on: 01/03/2021 from: <https://www.bbc.com/news/technology-55442732#:~:text=Network%20tools%20specialist%20SolarWinds%20has,networks%20and%20companies%20including%20Intel.>
Maria Korolov, 2020 The List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors viewed on: 01/03/2021 from: <https://www.datacenterknowledge.com/security/list-known-solarwinds-breach-victims-grows-do-attack-vectors>
Know more about UniqueSubmission’s other writing services:
