Attack Case Study
Marriott Data Breach 2018

Presentation · August 2020
DOI: 10.13140/RG.2.2.13515.62247
Author: Jaswanth Gudibandi, Vasavi College of Engineering
ResearchGate: https://www.researchgate.net/publication/344045076
Attack Category: Possible Phishing, PoS Breach

Description of the attack category

Phishing is an attack in which targets are contacted by email, phone call, or text message by someone posing as a trusted party. The message asks the target to hand over sensitive information such as PII, passwords, or payment card details, or to open a link or attachment that harvests them. Most phishing lures try to create a sense of urgency so that the target acts before thinking. The message is carefully edited to look as genuine as possible, and most users who fall for it do not realise it was an attack until it is too late.

A PoS breach follows once the attacker holds working credentials: the attacker installs malware on the point-of-sale (PoS) cash registers to capture payment card data as it is processed. Hospitality and restaurant businesses are the most common victims, as in this case. With about 60% of PoS transactions paid by card, a compromised register gives the attacker a steady stream of card data.

Statistic about the attack type and the company's industry

A 2017 report found that 84% of PoS breaches were in the hospitality industry.
Company description
Marriott International is an American hospitality company founded in 1927 and headquartered in Bethesda, Maryland, US. It is the largest hotel chain in the world, with 30 brands in 131 countries. Marriott has appeared on the Fortune 500 list for 21 years and was ranked 151st in 2019. It is widely known for its luxury hotels and affluent clientele.

From a root beer stand to the world's largest hotel chain, Marriott International's story is an inspiration for many entrepreneurs.

Summary of the security incident and data breach

After acquiring Starwood Hotels in 2016, Marriott kept running Starwood's existing IT estate, including a guest reservation system that, unknown to Marriott, had been compromised since 2014. Two years later, in September 2018, an internal security tool flagged a suspicious event: an account with administrative privileges issued a query for guest information. On investigation, Marriott determined that the query had been made without the account owner's knowledge. Following an internal investigation, Marriott announced in November 2018 that it had been breached and that records of up to 500 million guests, going back to 2014, may have been taken (Marriott later revised the figure to roughly 383 million records, many of them duplicates).

During the investigation Marriott found a Remote Access Trojan (RAT) and Mimikatz on its network. Mimikatz is a credential-theft tool that extracts plaintext passwords, password hashes and Kerberos tickets from Windows memory (the LSASS process), which lets an attacker move laterally using legitimate accounts. In July 2019 the UK Information Commissioner's Office (ICO) announced its intention to fine Marriott about 123 million dollars (£99 million) under the GDPR. Many individual lawsuits were also filed against Marriott International, and the total cost of the breach has been estimated at up to 1 billion dollars.

Sources: csoonline.com, Synopsis.com
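The summary above says Marriott's investigators found Mimikatz on the network; a detection an operations team would want for that tooling is a rule over Sysmon ProcessAccess (Event ID 10) records, because Mimikatz must open the LSASS process with read access to pull credentials from memory. The following is an added example written for this page, not code from the case study or from Marriott. The records are constructed; the field names (SourceImage, TargetImage, GrantedAccess, CallTrace) are the ones Sysmon writes for Event ID 10, while the allowlist of benign processes is an assumption that has to be tuned per environment.

```python
"""Spot Mimikatz-style LSASS credential dumping in Sysmon ProcessAccess (Event ID 10) records.

Added illustration for the case study, not code from the original page. The records below are
constructed; the allowlist and system-directory prefixes are assumptions to tune per environment.
"""

# Mimikatz's sekurlsa commands read LSASS memory, so the access mask it requests always includes
# PROCESS_VM_READ (0x0010); masks such as 0x1010 and 0x1410 are the ones most often observed.
PROCESS_VM_READ = 0x0010

# Assumed allowlist of processes that legitimately open LSASS with read access.
# Real environments add their EDR/AV agents here after confirming the exact paths.
ALLOWLIST = {
    "c:\\windows\\system32\\wbem\\wmiprvse.exe",
    "c:\\windows\\system32\\csrss.exe",
    "c:\\program files\\windows defender\\msmpeng.exe",
}

# A reader of LSASS that is not even a Windows system binary deserves the highest severity.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def classify(event):
    """Return (severity, reason) for one Event ID 10 record, or None if it is not interesting."""
    target = event.get("TargetImage", "").lower()
    if not target.endswith("\\lsass.exe"):
        return None
    granted = int(event.get("GrantedAccess", "0x0"), 16)
    if not granted & PROCESS_VM_READ:
        return None  # query-only handles (e.g. 0x1000) cannot dump credentials
    source = event.get("SourceImage", "").lower()
    if source in ALLOWLIST:
        return None
    # Frames marked UNKNOWN in the call trace mean code running from memory with no backing
    # file on disk, typical of an injected or reflectively loaded Mimikatz.
    if "unknown" in event.get("CallTrace", "").lower():
        return ("high", f"{source} read LSASS memory from unbacked code (mask {granted:#x})")
    if not source.startswith(SYSTEM_DIRS):
        return ("high", f"non-system binary {source} read LSASS memory (mask {granted:#x})")
    return ("medium", f"{source} read LSASS memory (mask {granted:#x}); verify it is expected")


def find_lsass_access(events):
    """Run classify() over a list of Sysmon events and return the alerts in log order."""
    alerts = []
    for e in events:
        result = classify(e)
        if result:
            alerts.append({"source": e["SourceImage"], "severity": result[0], "reason": result[1]})
    return alerts


# Constructed sample: three benign opens and two that look like credential theft.
SAMPLE_EVENTS = [
    {"SourceImage": "C:\\Windows\\System32\\wbem\\WmiPrvSE.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe",
     "GrantedAccess": "0x1410", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d234|..."},
    {"SourceImage": "C:\\Windows\\System32\\Taskmgr.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe",
     "GrantedAccess": "0x1000", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d234|..."},
    {"SourceImage": "C:\\Windows\\System32\\svchost.exe", "TargetImage": "C:\\Windows\\System32\\notepad.exe",
     "GrantedAccess": "0x1010", "CallTrace": "..."},
    {"SourceImage": "C:\\Users\\svc_pos\\AppData\\Local\\Temp\\mk.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe",
     "GrantedAccess": "0x1010",
     "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d234|C:\\Users\\svc_pos\\AppData\\Local\\Temp\\mk.exe+2f1a"},
    {"SourceImage": "C:\\Windows\\System32\\rundll32.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe",
     "GrantedAccess": "0x1fffff", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d234|UNKNOWN(000001F3A8C40012)"},
]

if __name__ == "__main__":
    for alert in find_lsass_access(SAMPLE_EVENTS):
        print(alert["severity"].upper(), alert["reason"])
```

Run stand-alone it prints two HIGH alerts: the binary in a user's Temp directory and the rundll32 instance whose call stack runs through unbacked memory. The WMI provider is dropped by the allowlist, Task Manager is dropped because its 0x1000 mask carries no read right, and the notepad event never targets LSASS. Keeping the allowlist on full lowercase paths rather than file names matters: an attacker can name a binary MsMpEng.exe, but cannot place it in the Defender directory without already owning the host.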


Timeline

1. Nov 2014: Attackers, attributed in press reports to a Chinese state-sponsored group, gain access to Starwood Hotels' guest reservation system and begin collecting payment card data and PII.

2. Nov 2015: Starwood Hotels discloses a separate point-of-sale malware breach affecting 54 of its North American hotels.

3. Sep 2016: Marriott International acquires Starwood Hotels for 13 billion dollars and keeps the Starwood IT system running, while the staff responsible for it are laid off.

4. Sep 2018: An internal security tool flags as suspicious an attempt to access the internal guest reservation database for Marriott's Starwood brands. Marriott launches an internal investigation.

5. Nov 2018: Marriott reports the breach, with up to 500 million guest records exposed, including phone numbers, payment card data, names and other details.

6. Jul 2019: The UK ICO announces its intention to fine Marriott 123 million dollars (£99 million) under the GDPR; further costs are expected.

7. Feb 2020: Marriott detects a second breach, in which the login credentials of two employees at a franchise property were used to access guest information; phishing is suspected as the way the credentials were obtained.
Overall Summary

Marriott International reported in November 2018 that it had been breached. The breach is believed to have begun in 2014, when the compromised system belonged to Starwood Hotels. Following the merger, Marriott did not integrate the system into a central security system and instead kept the Starwood systems as they were. The attackers used a RAT and Mimikatz to obtain the guest list along with guests' travel details and payment card details. The keys used to encrypt the card numbers were also believed to have been exposed.

Vulnerabilities

Vulnerability #1: Employee Education
Summary: Employee credentials are believed to have been obtained by phishing. Marriott did not reveal many details about the attack; this is the conclusion that can be drawn from its CEO's statements.

Vulnerability #2: Log Analysis, Detection
Summary: The attackers encrypted the data they staged on Marriott's servers, which made the activity harder to spot in the logs. Although it was eventually picked up, the breach had been going on for about four years by the time it was noticed.

Vulnerability #3: No Centralized Security System
Summary: Even though Marriott was aware of previous attacks on the Starwood system, it kept using that system instead of integrating it into a centralized security system. This resulted in late detection.

Vulnerability #4: Absence of Defense in Depth
Summary: The absence of layered security controls allowed the attackers to access valuable customer information undetected for many years.
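Vulnerability #2 is about detection, and what finally exposed the intrusion was a security tool noticing an administrative account requesting guest data in a way the account's owner had not. The following added example, written for this page and not code from the case study or from Marriott, shows the shape of such a rule over a database audit log: build a per-account baseline of which hosts it queries from and how many rows it normally pulls from guest tables, then flag privileged accounts that break that pattern or run off-hours. The audit records are constructed JSON lines, and the field names (user, role, host, table, rows), the table names and the thresholds are all assumptions.

```python
"""Detect anomalous queries against guest data in a database audit log.

Added illustration for the case study, not code from the original page. The audit trail is
constructed; field names, table names, cutoff date and thresholds are assumptions to adapt.
"""
import json
import statistics
from collections import defaultdict
from datetime import datetime

GUEST_TABLES = {"guest_profile", "reservation", "payment_card"}  # assumed names of sensitive tables
BASELINE_CUTOFF = datetime(2018, 9, 7)  # events before this date train the per-account baseline
ROW_MULTIPLIER = 10                     # more than 10x the account's median row count is anomalous
BUSINESS_HOURS = range(7, 20)           # 07:00-19:59 counts as a normal working window

# Constructed audit trail: an ops DBA account doing routine work, an application service account,
# and finally the kind of event that should fire: the DBA account pulling millions of guest rows
# from an unfamiliar host in the middle of the night.
AUDIT_LOG = """\
{"ts": "2018-09-03T10:12:04", "user": "dba_ops", "role": "admin", "host": "ops-ws-12", "table": "reservation", "rows": 120}
{"ts": "2018-09-04T14:03:51", "user": "dba_ops", "role": "admin", "host": "ops-ws-12", "table": "reservation", "rows": 95}
{"ts": "2018-09-04T15:20:09", "user": "dba_ops", "role": "admin", "host": "ops-ws-12", "table": "guest_profile", "rows": 60}
{"ts": "2018-09-05T09:45:33", "user": "dba_ops", "role": "admin", "host": "ops-ws-12", "table": "guest_profile", "rows": 80}
{"ts": "2018-09-05T11:10:00", "user": "resv_app", "role": "service", "host": "app-srv-01", "table": "reservation", "rows": 500}
{"ts": "2018-09-06T11:10:00", "user": "resv_app", "role": "service", "host": "app-srv-01", "table": "reservation", "rows": 520}
{"ts": "2018-09-07T11:00:12", "user": "dba_ops", "role": "admin", "host": "ops-ws-12", "table": "reservation", "rows": 110}
{"ts": "2018-09-07T11:10:00", "user": "resv_app", "role": "service", "host": "app-srv-01", "table": "reservation", "rows": 510}
{"ts": "2018-09-08T02:41:17", "user": "dba_ops", "role": "admin", "host": "10.8.5.77", "table": "guest_profile", "rows": 2800000}
"""


def parse_log(text):
    """Parse JSON-lines audit records and convert the timestamp to a datetime."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    for e in events:
        e["ts"] = datetime.fromisoformat(e["ts"])
    return events


def build_baseline(events):
    """Per (account, table): source hosts seen and row counts returned during the training window."""
    baseline = defaultdict(lambda: {"hosts": set(), "rows": []})
    for e in events:
        if e["ts"] < BASELINE_CUTOFF:
            key = (e["user"], e["table"])
            baseline[key]["hosts"].add(e["host"])
            baseline[key]["rows"].append(e["rows"])
    return baseline


def reasons_for(event, baseline):
    """Return the anomaly reasons for one post-cutoff event (an empty list means normal)."""
    if event["role"] != "admin" or event["table"] not in GUEST_TABLES:
        return []  # the rule is scoped to privileged accounts touching guest data
    reasons = []
    profile = baseline.get((event["user"], event["table"]))
    if profile is None:
        reasons.append("no baseline: account has never queried this table")
    else:
        if event["host"] not in profile["hosts"]:
            reasons.append(f"unseen source host {event['host']}")
        median = statistics.median(profile["rows"])
        if event["rows"] > ROW_MULTIPLIER * median:
            reasons.append(f"{event['rows']} rows returned vs median {median:g}")
    if event["ts"].hour not in BUSINESS_HOURS:
        reasons.append(f"off-hours query at {event['ts']:%H:%M}")
    return reasons


def detect(text):
    """Build the baseline from the training window, then score every later event."""
    events = parse_log(text)
    baseline = build_baseline(events)
    alerts = []
    for e in events:
        if e["ts"] < BASELINE_CUTOFF:
            continue
        reasons = reasons_for(e, baseline)
        if reasons:
            alerts.append({"user": e["user"], "ts": e["ts"].isoformat(), "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in detect(AUDIT_LOG):
        print(alert["ts"], alert["user"], "; ".join(alert["reasons"]))
```

On the constructed log only the final event fires, with three independent reasons (new host, roughly 40,000 times the account's median row count, 02:41 local time). The two routine post-cutoff events pass: the DBA's 110-row query matches its baseline, and the service account is out of scope because the rule targets administrative accounts. The row-count check is the one that would have mattered in this breach: a bulk pull of a reservation database looks nothing like day-to-day administration, regardless of how the credential was obtained.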
Costs

• 123 million dollars in GDPR fines, as announced by the UK ICO in July 2019
• An overall cost estimated at up to 1 billion dollars
• Marriott agreed to cover the cost of a replacement passport, and any resulting fraudulent charges, for guests who could show that fraud resulted from the breach
• Further information is still to be revealed by the organization

Prevention

• Maintaining and securing the PoS cash registers
• Auditing the Starwood IT system after the acquisition
• Integrating the Starwood IT system with a centralized security system
• Better log analysis and detection, automated with AI/ML
• Regular audits of all the systems involved against industry-specific requirements (for example PCI DSS for card data)
• Multi-factor authentication for access to guest data

None of the stolen information is known to have been put up for sale on the dark web.