Week 02: TCP/IP and Network Architecture

In the News: 

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

Due to a cloud misconfiguration users of a popular reservation platform threaten travelers with identity theft, scams, credit-card fraud and vacation-stealing. The misconfigured Amazon Web Services S3 bucket. Revealed the records include sensitive data and credit-card details. The Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com.

The company was storing years of credit-card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks, “The S3 bucket contained over 180,000 records from August 2020 alone. Many of them related to hotel reservations being made on numerous websites, despite global hotel bookings being at an all-time low for this period.”

Week 2: 

Readings: 

The Open Systems Interconnection (OSI) model describes seven layers that computer systems use to communicate over a network. There are 7 layers in the OSI model 

Application Layer

Presentation Layer 

Session Layer 

Transport Layer 

Network Layer 

Data Link Layer 

Physical Layer 

The Application layer is the top most layer of TCP/IP Model that provides the interface between the applications and network. Application layer is used exchange messages. Some of the devices used in Application layer are,

• PC’s (Personal Computer), Phones, Servers
• Gateways and Firewalls

Transport layer is responsible for end-to-end communication (or process-to-process communication). Some of the transport layer devices are, Firewalls and Gateways The network layer is responsible for creating routing table, and based on routing table, forwarding of the input request. Some of the Devices used in Network Layer are, Routers. A router helps you connect multiple devices to the Internet, and connect the devices to each other

 

Data Link layer is responsible to transfer data hop by hop (i.e within the same LAN, from one device to another device) based on the MAC address. Some of the devices used in Data Link layer are, Bridges, Modems and Internet Cards 

Physical layer of TCP/IP model is responsible for physical connectivity of two devices. Some of the devices used in Physical layers are, Cables, Hubs and Repeaters 

………………………………………………………………………………………………………………………………………………………………………………………..

 

 

 

 

 

 

 

. 

 

What will be interesting is to actually discover how the scammers got access to the information of Ritz guest,  the article does not disclose yet as investigations are still ongoing but it is quite interesting to know the outcome and how such personal information was obtained.

Scammers phoned guests to “confirm” their credit card details for reservations.

In a series of messages posted to Twitter dated August 15, the luxury hotel chain said that on August 12, the company was made aware of a “potential data breach within our food and beverage reservation system.”

The scammers phoned Ritz restaurant reservation holders with the “exact” details of their bookings, while requesting the confirmation of their payment card details.

The fraudsters, pretending to be Ritz employees, used call ID spoofing to appear to be from the hotel.

“We immediately launched an investigation to identify the cause of the breach, which is ongoing, to find out what happened, how and to prevent this from happening again,” the hotel chain says.

The UK’s Information Commissioner’s Office (ICO) has been informed of the security incident.

https://www.zdnet.com/article/ritz-london-struck-by-data-breach-fraudsters-pose-as-staff-in-credit-card-data-scam/

Northwestern Memorial HealthCare had notified around 56,000 donors and patients that their personal recorders were being comprised earlier this year (Jimenez, 2020). One of the hospital vendor Blackbaud, had an successful attack on their system earlier this year and as a result unauthorized person was able to access the hospital systems. The hospital has also notified the U.S. Department of Health and Human Services along with the patients those data was being breach. After the investigation, the hospital has confirmed that the data that was being access was only the donor’s or patient’s personal information and not their health information. Hospital has also confirmed that the attack was not on their health care system which those system includes the electronic medical records.  Blackbaud believes that the data that was being compromised that no reason to get misused or made publicly available. They have also said that the intention for the attack was to only disturb the business by encrypting their systems which they company was successful to prevent from happening. Blackbuad has also hired an third-party team to monitor the black web to monitor for any of the data that are being compromised.

 

References:

Jimenez, A. 2020. Northwestern Memorial HealthCare warns 56,000 donors and patients about data breach. Retrieved from: https://www.chicagotribune.com/business/ct-biz-northwestern-medicine-data-breach-56000-individuals-20200904-bvizgdmwcrcuvou7fv3rx4b2au-story.html

 

Intro-to-Ethical-Hacking-Week-2