Detailed Notes on eBay Data Breach and Cybersecurity

Abstract

  • Overview of security services to protect systems against risks, focused on eBay’s February 2014 data breach as a case study.
  • Discussion on security policies that not only detect risks but also assure system protection.
  • Importance of human factors in security systems and awareness of security procedures.

Introduction

  • Definition of computer security: mechanisms ensuring confidentiality, integrity, and availability of information systems.
  • Major targets for cybercriminals include large organizations like eBay.
  • Case study of eBay: methods of breach, intentions of hackers, vulnerabilities, and countermeasures.
  • Background of eBay, founded in September 1995 by Pierre Omidyar.

Literature Review

  • Shift in funding towards essential security measures in organizations (Yuri & Erdal, 2022).
  • CIA Triad:
    • Confidentiality: Restricts access via encryption.
    • Integrity: Ensures no unauthorized alterations, typically through hashing.
    • Availability: Ensures systems are operational for authorized users, using load balancing and fault tolerance.
  • February 2014 breach: affected 145 million users; exposed personal details.
  • Criticism towards eBay’s delayed communication to affected users and the manner of password reset prompt.

Incident Overview

  • Breach occurred due to compromised login credentials of three employees.
  • eBay discovered the breach two weeks prior to public announcement on May 21, 2014.
  • Financial information was not exposed, but personal data was vulnerable to identity theft.
  • eBay’s initial statement was posted on a less trafficked corporate website.

Discussion and Analysis

  • McCumber Cube Model (1991): Framework for assessing information security programs.
    • 1st Dimension - Information security properties: Confidentiality, Integrity, Availability.
    • 2nd Dimension - Information states: Processing, Storage, Transmission.
    • 3rd Dimension - Safeguards: Rules and methods necessary for organizational security.
  • Importance of user education on security policies to enhance security effectiveness.

Security Policies and Procedures

  • Access Control: Limits user permissions based on their roles.
  • Authentication: Confirms user identity through passwords, biometrics, or smart cards.
  • Physical Security: Protects sensitive documents and devices.
  • Social Engineering: Attacker manipulates individuals to divulge confidential information.
  • Importance of Due Care and Due Diligence in organizational security measures.

Incident Response and Risk Analysis

  • Incident response strategies are critical for managing breaches and establishing a response framework.
  • eBay’s response analyzed as ineffective; delayed communication post-breach.
  • Risk analysis: evaluation of potential losses from system vulnerabilities and the cost of protective measures.
    • Assess data resources: Value, exposure, protection costs, and potential loss impact.

Disaster Recovery Planning

  • Essential to maintain data accessibility during disasters.
  • Plans may be informal (mutual arrangements) or formal (dedicated backup locations).
  • Importance of informing users about potential phishing attacks following data breaches.

Cyber Threat Landscape

  • Evolving threats like ransomware (e.g., WannaCry) created significant challenges for organizations.
  • Three-dimensional approach to security: Detection, Prevention, Response.
    • Effective detection measures can mitigate intrusions before they escalate.

Conclusions and Recommendations

  • Assumption of security is flawed; every system is vulnerable to exploits.
  • Organizations should prioritize computer security to safeguard sensitive information from cyber threats.
  • Security experts must develop and enforce not only technical solutions but also foster a culture of security awareness within organizations.
  • Different types of computer security (Network, Application, Endpoint, Information) must be addressed comprehensively.