Introduction

For every company, it is important to have a strategic plan in case of a crisis. Risks are never predetermined, and the future is always unsure. That is why a healthy organization has a laid-out plan in case of the worst-case scenarios. Even with technology making work easier, cyber crimes have increased, making it a risk to apply. 

Organizations, therefore, set aside a team so that incase of a crisis, they may set aside a predetermined plan and apply it in the most efficient way possible to ensure the strategy they came up with works to minimize losses that the company may experience.

Equifax

Equifax is a private company headquartered in Atlanta, Georgia, in the United States of America. This company has been running for over a hundred years. Equifax Inc started as a retail company and was founded by Cator Woolford and Guy Woolford in 1899. Currently, it has been recorded as one of the big three companies, alongside Experian and TransUnion. Equifax is part of the credit and risk assessment industry. Its main functions include selling credit and demographic data to its consumers (Schwinn, 2011).

Furthermore, consumers are directly offered credit monitoring services as well as fraud prevention services. According to statistical inferences, by 2019, its consumers included over 800 million consumers and 88 million businesses. It is facilitated by the fact that it is a company that offers its services worldwide. Their revenue had been substantial, although it has shown a noticeable decrease in the past years. Equifax is a company that greatly gives back to society as it has offered job opportunities to over 11,000 people.

 

 

Data breaches

The Equifax data breach that occurred in 2017 March is one of the greatest data breaches to have ever been known. According to sources and reports, it was caused by a vulnerability that the company had not detected from previous scans and was therefore left unpatched. The company was initially hacked via a consumer complaint web portal. The attackers used a widely known vulnerability that should have been patched but wasn't due to Equifax's internal processes failures. This vulnerability was present in Apache struts, with the code CVE-2017-5638. 

An attacker took advantage of this vulnerability with the purpose of data theft. After intruding on the system via a customer complaints page, it was easy for attackers to get more access to the database. It was made possible by the absence of adequate segmentation, making access from the web portal to the company's servers quite easy. Furthermore, records and personal information were found recorded in plain text. Consequently, data from Equifax was exfiltrated but undetected for 76 days. 

It led to consumers losing trust in the company since much of their financial health was recorded there. Forty-four million consumers lost their data. Although Equinox observed the dark web for days, nobody sold the data. It was concluded that the Chinese government meant to observe American patterns, and the law convicted Asian foreigners. Accusations were made, and guilty charges were placed on people who worked in Equinox, and their crime was working as inside men and the data extractors. These accusations rose as a result of the high stock sales that were made during the period.

Their slow response was criticized, and their poor security measures, yet data was their source of income. Their carelessness included failure to renew their security certificates, and the evidence of an unmonitored encrypted network was overwhelming. The aftermath showed no promises of a bright future.

Strategies and Management

Being a credit bureau, Equifax is involved in the collection of data, analytics together with technology. It is involved in the generation of credit reports and their borrowers' scores by tracking their credit history. The organization gets its information directly from credit companies. This information is then sold to banks to determine the risk involved in dealing with their customers credit-wise. As it began, the brother's Carter and Guy recorded details of greengrocers and sold the information to merchants offering a ready market for them. It is the business trend that is still to date, only the diversity in the consumer type. The information on Equifax databases is very accurate and up to date. Every transaction is highlighted, including timely payment as well as the late ones. This report may contain bankruptcy details as well.

Since they are a storage of a lot of information, data breaches are their greatest risk.

A consumer involved with Equinox has a lot of exposed information such as their date of birth, social security numbers, and even their location, no matter how discreet they decide to keep it. Large amounts of information for a large population such as this one may attract many people no matter the lump sum they get to pay. A single malfunction could lead to a lot of damage. Even worse, the company is bound to face high losses to reinstate the company. Consumers who get be affected by such an occurrence may withdraw due to a lack of trust and confidence in the company, leading to revenue loss. Picking up traces will be hard, and the company might fall at risk of collapsing totally.

After Equifax discovered data extraction, they invested 1.4 billion dollars in fixing all the security patches. They also invested in the investigation of the previous breach. To recover their consumers, they resolved to use social media activity where they communicated with their customers. They also set up a domain where users could confirm the leak in their information to build their trust. They paid 125 dollars to every affected consumer. They also enrolled affected people in a free Equifax ID. They invested in patching up vulnerabilities to prevent future attacks. They also upgraded and renewed their security gear.

Observing data and monitoring data transfer were also made a priority. Restriction of data to the single machine is a mitigation plan to prevent data access from the web in case of a data breach occurrence from a web vulnerability. Over the years, their financial performance has been rising gradually, but it has shown a reasonable decline after the data breach. Consumers root for the services offered since they have been very effective over the past few decades.

Risk analysis

These are tools and methods that are used to ensure company safety. Political factors are the laws and regulations a company can run on (Clarke, 2018). Equifax was required to give one free credit service to its consumers by the law. After the major data breach, they were asked to pay a fine (Kenny, 2018, p. 13). The numbers of political contributions they are involved in are otherwise very limited and only contribute where the law permits. They were involved in the payment of legislative taxes and were affected by laws such as working hours of the workers, protection of intellectual property, and employee benefits.

Otherwise, the analysis with the most impact on Equifax is legal since the organization deals with private information. Laws such as the anti-trust law in credit services in the credit bureau industry are of great impact. Intellectual properties as they apply people's ideas in their maneuvers are very sensitive. Consumer protection in data breaches was not followed but should have been an influential factor. Data protection laws and health and safety directly affect the company—anti-trust law in the Credit Services industry and overall in the country. Being one of the big three companies, Equifax faces stiff competition from TransUnion. 

Crisis Management Plan

A crisis is an occurrence that is more often than not uncalled. It is mostly an occurrence that requires immediate attention to reduce losses or, in better cases, prevent losses. The purpose of a crisis management plan is to lay down a path to be followed in case a crisis occurs. This path could include a series of steps that need to be followed to survive an organization. If I were a significant head in Equifax, for instance, I would set the purpose of my crisis management plan to ensure consumer trust and confidence no matter the company's crisis.

A committee for a crisis management plan is a team of experts entitled to the responsibilities of coming up with strategies, which involves planning and on-point preparation in case of an emergency. They are also involved in the communication of the procedures involved and the training of the people in the organization on the steps they are supposed to carry out in case a crisis occurs. This committee should be willing to meet as frequently as possible because the future possesses uncertainty. Their main objectives are to protect assets and employees and ensure that no matter the blow the company faces, it can start up again and gradually increase in revenue.

My strategic committee would include a specialist in Information Technology, A white Hat hacker, and people involved in general human safety such as the police and an in-call emergency facility in case of a crisis that involves lives at risk, such as a fire.

A crisis is likely to occur in several forms, all unpredictable. They could occur in the form of natural calamities such as tsunamis and hurricanes that may lead to the destruction of permanent assets or severe weather events such as flooding or drought. Biological hazards may lead to a minimal workforce. The employees may be tired and fail to work efficiently, or a pandemic may lead to the closure of physical offices.

Unanticipated events such as a smoking customer causing an unintended fire is also a crisis. Intentional crisis such as mass destruction of property during a strike or selling data to an adversary by an inside person is also critical. Network issues may exist and cause slack in customer service. In a data-dependent company such as Equifax, all these could cause panic, but the most dent is caused by cyber-attacks and extraction of information. It is impossible to handle all these crises at once unless a strong strategy is put in place.

A crisis management team is more efficient if it has a defined structure, with everyone in the team having a role to play. It is a wise choice to put in members who are already employees in the organization. Human resource managers are beneficial in the team, as well as department heads if the issue involved arises from a department, senior managers to help in instructing the employees on a strategy to be imposed, public relations representatives are an important addition as well (Kendrick, 2017, p. 157-164).

It is advantageous if the consumers are affected to know how bad a situation is, and the company struggles to ensure things go back to normal in the shortest possible time. After all, they are stakeholders in an organization as they bring in revenue. Information Technology gurus should also be present to ensure that it is fixed before the damages are worsened in case of a data breach. The security team should also have representatives, both the network security team and the company's physical security detail. This team should be organized in a chain of command system to ensure respect and that each member knows who to report.

            Each member in this team is supposed to be an active contributor to perfect ideas that may be most effective in managing the crisis at hand and predicting future occurrences and means for handling them. They should also be swift in responding to matters that put the company at risk of collapsing.

Implementation should start immediately after the crisis is spotted. If the crisis were a data breach, the first step would be to ensure no more data is extracted from the organization's database. After this, we would inform the public in the kindest ways possible, expecting the worst, but honesty works out in most cases. Investing in hacking is an important step as it contributes to how the data is meant to be used on the dark web and to ensure consumers are not subjected to crimes such as fraud on the company's account.

The protocol to be followed is the people outside the managing body should not be informed until the root cause is determined and the data breach risk has been verified. After that, mitigation of losses begins, and the risk is controlled, for instance, by stopping the extraction of information. Consumers will only be informed if the damages are large to maintain consumer confidence, but only after the company has tried resuscitation of the situation fast.

Priorities will be placed on the path, the strategic plan that leads to minimal loss while maintaining revenue flow if it involves maintaining secrecy, as long as the company's structure and flow of revenue are maintained. While on it, security breach paths will be in the process of being advanced and upgraded as a reactive risk mitigation structure. After all, a crisis management strategy is supposed to ensure the minimization of losses. 

Conclusion

The most disturbing fact about Equifax after their data breach is how they handled the situation. The delay in relaying information worsened the consumer anxiety about how much damage had been done while they held on to the information (Zoy, 2018, p. 197-216). However, that was the strategy they saw best, and results are often just anticipation. Consumer confidence also dropped due to Negligence, like failure to update systems. A few lessons to be learned include that no matter how encrypted data is, it never hurts if an organization secures its data a notch higher. Data is never secure, and one way or another, loopholes will still be located and taken advantage of. Negligence of employees should not be taken lightly, and data transfer should be frequently monitored to minimize a crisis that takes a long time before it is detected. The ultimate crisis management is to ensure all areas a crisis is likely to occur from are secured prior.

 

Why Prosecuting Cyber Criminals Is Hard

Introduction

Now more than ever, technology is applied in all aspects of human life. Everyone needs to stay digitally updated to survive on this highly techno-oriented planet. While technology makes life easier in business, education, social life, entertainment, and other aspects of our daily lives, how do we maintain safety, security, and confidence in our digital world? According to cybersecurity reports, one cyber attack takes place every second, leading to a total of roughly 2,200 cyberattacks per day (Gartzke, 2017, p. 37-48). Despite the awareness of cybercriminals and security approaches applied by most organizations and individuals, the cybercriminals still get ahead of everyone and attack any internet-connected device and information. So, why is it hard to prosecute cybercriminals?

Challenges in persecuting cybercriminals

Internet criminals target businesses, online learners, social media users, big and small organizations, and anyone surfing the internet (Shulzhenko & Romashkin, 2020, p. 162-172). Anyone is a target, whether you're a know-it-all internet user or amateur in digital-related stuff. Some of the online crimes include;

• Online vehicle sales fraud
• Ransomware
• Bond fraud
• Romance scams
• Sextortion
• Investment fraud
• Illegal sports betting
• Identity theft
• Healthcare fraud
• Business e-mail compromise scam

Though most cases are reported to agencies of cybersecurity, some events are dismissed without being investigated. For cases that are looked into and succeed in getting to court, most criminals are released unexpectedly, and this happens because of;

Lack of cooperation from countries-China, the USA and Russia are the leading countries for cyber criminality. Cyber security is a highly abroad-oriented issue, and these other countries don't take so much consideration in trying to improve the safety of their citizens. The less developed countries technology-wise focus more on other threatening issues like economic and education. They forget that cyber insecurity is one of the main factors that delay the country's development. It'll be a mutual advantage if all governments help each other to reduce cybercrime.

Cybercriminal's smartness-Without a doubt, cybercriminals are intelligent people, and they know how to play their game without getting caught. These ruthless individuals are so good at hiding their real identity and location. They are hidden in a dark web that is difficult to unfold. Even intelligent agencies like the FBI are sometimes unable to uncover these criminals. Online attackers use VPNs and proxies to cover their actual IP address making it highly challenging to trace their location.

Insufficient laws-There are inadequate laws that support the latest technology. Attackers can easily win a case in a court through an appeal because the reported crime does not fit the law applied in the persecution process.

Inadequate reporting- According to General Data Protection Regulation, companies should report cyber criminality as soon as possible. Most firms are not ready to admit they're hacked because of the fear that customers will consider them not secured enough. Because of this, authorities are not notified to investigate such cases, and persecution of the attackers remains non-existent.

My Personal experience

Due to the pandemic, e-learning has become our way of learning. Sadly, this has made me a victim of ransomware, and I'm sure other scholars have experienced the same too. I received a phishing spam attachment in my g-mail which appeared as a file I could trust. After downloading and opening it, it tricked me into accessing some unknown administrative access. Therefore, this gave the attackers a chance to encrypt my important school's files. I received a message stating that my documents will remain inaccessible until I send an untraceable ransom to them in the form of bitcoin payment.

Outside source for cyber criminality

According to the article on security and emergency by Grispos (2019), the primary digital crimes include phishing, Ad clicking, hacking, keylogging, hijacking, cyberbullying, and denial of services. These issues are the main concern for the international cyber security council.

The article also claims that the best way to handle digital criminals is by maximizing national law and agencies working together abilities, combining and updating related laws, and improving the investigation process. Doing so is effective, which will lead to great results. My argument is that the focus should be on educating individuals on avoiding the attackers and what to do when the damage has already occurred. Without a doubt, this will be more effective, and all individuals will have fewer chances of being cyber-crime victims.

 

 

Conclusion

Digital criminals will continue to attack internet users. Unless quick and effective action is made, people will continue being attacked, and cybercriminals will remain conquerors. All individuals should get educated on online attacks. Persecuting cybercriminals won't be a difficult thing if each person takes the initiative of helping cyber security agencies in putting an end to cyber insecurity!

Norsk Hydro Company

Introduction

When it comes to cyber-attacks, you may think that individuals and small businesses are the only victims. That's not always the case. Even big companies have been preyed on by cyber attackers. It's only that big organizations are usually quick to act on their recovery plan (Singh 2020). In some cases, the incident may remain unknown forever because of how good organizations hide their weaknesses. 

Norsk Hydro Company is a popular company that has successfully met individual's essentials like materials, energy, and food. It has focused on light metals, agricultural chemicals, oil and fuel. Despite having well-maintained security, it still became a victim of digital crime. 

Disaster experienced by Norsk Hydro

Being a hydroelectric company, Norsk integrates technology and adapts digital styles to effectively provide satisfying services and products to its customers. It has 35000 employees in about 40 countries. It's a globally-operation based company, and it has lots of followers, making it a target for cybercriminals.

In March, this well-performing company faced a negative turnover (Leppanen 2019). One of its employees noticed an abnormal behavior in their computer software. Suddenly, the screens turned off in stations of all the countries the company operates in. After all the systems went off, a ransom notification was sent, and this the staff knew something was not right. What this organization feared the most had happened. The events took place during the late-night hours, and by 5 am the next morning, the company's main associates were informed, and quick decisions were made to handle the situation. Afterwards, the shareholders and media were called.

Quick action was needed at that particular time to avoid more damage. All the computers and servers were completely shut down and disconnected from each other. Being a large, established company, it approached experts from IBM and Microsoft. No employee was allowed to connect with their network. The whole company's activities were stopped, and only manual processes were used. Communication between the company and its clients was completely disrupted. The feedback route remained active as Facebook and employees used their phones to reach out to the outside world. A temporary website was set up, and hydro's URL was reconnected to it. Through it, clients globally were notified that the firm was attacked digitally and was offered more information to stay updated (Leppanen 2019)

What caused the cyber attack?

Norsk Hydro was affected by LockerGoga. This virus operated by suspiciously gaining access to a system and disrupting the user's password, disconnecting them out, and denying them access to the system. In addition, it locked specific stored data in laptops, desktops, and servers associated with the network. Once it accomplishes all these unpleasant activities, it'll leave a ransom notification before finally disconnecting all the access in the company's system.

How did Norsk hydro recover?

The fact that Norsk managed to recover quickly from the attack is not surprising. Their fast response in alerting relevant persons about the attack and their openness from the beginning till the end helped them maintain their good image. At all means, they remained in touch with the clients and the shareholders. They made good use of Facebook and webcasts to assure the company would recover as soon as possible. Having alternatives ready and being quick at using these options and employee's togetherness and positive attitude is generally the reason for the company's fast recovery.

Without a doubt, Norsk's way of handling the situation was the best. They applied the right approach in the personal, security, and technical areas. The attacker had attacked the access points in the networks, making the entire operation infected. This lockerGoga was intentionally planted in the crucial sectors of the company's systems. Still, the experiences helped the company take precautions and introduce more security in their networks, especially the endpoints of the network.

My argument is that high-profile attacks will continue to occur if no better strategies are put into place. Norsk might have successfully protected themselves from further damage because of their preparedness. But next time, they may not succeed to do the same. The best solution will be for the security sector to work together. System vendors should implement detection systems in the networks to alert the users anytime an unusual operation is being carried out in the accessibility points of networks.

My personal experience

Months below the line, I also experienced a ransomware attack. I received an email that seemed to be from a natural source. Once I clicked the attachment, a malicious program got downloaded on its own and snatched some of my stored files. I could not access important data, and the attackers threatened to block accessibility until I paid the ransom they were asking for. This attack was a great disaster because I needed the locked files for my classwork. Fortunately, I did not have to pay the ransom those attackers wanted. I had backed up all my files the previous day, so I only lost productivity on that particular day. The backup helped me to experience only an inconvenience and not a disaster of losing my entire data.

 

 

The recovery process from a digital crime disaster

1. Layout the company's objectives and choose the solutions you'll use. This stage involves planning and designing the relevant governance strategies, risk management solutions, asset control, risk assessment, and business environment.
2. Implementing isolation and replication technologies by having controlled access, spreading awareness and training, enabling data security, adapting protective technology, and using safe processes and procedures to protect your data.
3. Carry out analysis of data- look at the engines, detection systems, abnormal events, and understand the behavior of the systems.
4. Establish restoration and recovery plan- it involves responding to the planning made in the first step, using communications, analysis, mitigations, and making improvements where necessary.

Conclusion

Cyber attacks can largely affect the company's productivity and cause a great loss which will take time to recover (Pl?ta, 2020). A firm that is prepared in advance will have reduced inconveniences or may not even experience disastrous events. For firms with no plan, it may take a long time before recovering. What remains the sure thing is that having a well-created recovery process will always protect companies from experience adverse disasters.

Prosecuting Cyber Criminals Is Hard Outlines

Thesis statement: Despite the awareness of cybercriminals and security approaches applied by most organizations and individuals, the cybercriminals still get ahead of everyone and attack any internet-connected device and information.

1. Introduction
   1. Technology is applied in all aspects of human life.
   2. According to cybersecurity reports, one cyber attack takes place every second, leading to a total of roughly 2,200 cyberattacks per day.
2. Challenges in persecuting cybercriminals

1. Lack of cooperation from countries
2. Cybercriminal’s smartness
3. Insufficient laws
4. Inadequate reporting

3. My personal experience

A victim of ransomware

4. An outside source of cyber criminality

The primary digital crimes include phishing, Ad clicking, hacking, keylogging, hijacking, cyberbullying, and denial of services.

5. Conclusion

Digital criminals will continue to attack internet users. Unless quick and effective action is made, people will continue being attacked, and cybercriminals will remain conquerors.

OUTLINE FOR RECOVERY PROCESS AFTER A DISASTER

Thesis statement: Norsk Hydro is a popular company that has successfully met individuals' essentials like materials, energy, and food. It has focused on light metals, agricultural chemicals, oil, and energy. Despite having well-maintained security, it still became a victim of digital crime.

1. Introduction

1. Cyber attacks do not affect individuals and small businesses only.
2. Even big companies have been preyed on by cyber attackers. It's only that big organizations are usually quick to act on their recovery plan.

2. Disaster experienced by Norsk Hydro

1. Abnormal behavior in their computer software.
2. Screens turned off in stations of all the countries the company operates in.
3. A ransomware notification was sent.

3. What caused the cyber attack

Norsk Hydro was affected by LockerGoga. It gained access to the system and disrupted users' passwords, disconnecting them and denying them access to the system.

4. How did Norsk Hydro recover?

1. Fast response in alerting relevant persons about the attack
2. They made good use of Facebook and webcasts
3. Their openness of the situation from the beginning

5. My personal experience

I experienced a ransomware attack

6. The recovery process from a digital crime disaster

1. Layout the company's objectives and choose the solutions you'll use
2. Implementing isolation and replication technologies
3. Carry out analysis of data
4. Establish restoration and recovery plan

7. Conclusion

Having a well-created recovery process will always protect companies from experiencing adverse disasters.

Crisis Management Plan Outline

Thesis statement: Organizations, therefore, set aside a team so that Incase of a crisis, they may set aside a plan that was predetermined and apply it in the most efficient way possible to ensure the strategy they came up with works to minimize losses that the company may experience.

1. Introduction
   1. For every company, it is important to have a strategic plan in case of the occurrence of a crisis. 
   2. Even with technology making work easier, cyber crimes have increased, making it a risk to apply. 
   3. Organizations, therefore, set aside a team so that Incase of a crisis, they may set aside a predetermined plan and apply it in the most efficient way possible to ensure the strategy they came up with works to minimize losses that the company may experience.
2. Equifax

1. Equifax is a private company headquartered in Atlanta, Georgia, in the United States of America. 
2. Equifax Inc started as a retail company and was founded by Cator Woolford and Guy Woolford in 1899. 
3. Equifax is part of the credit and risk assessment industry. Its main functions include selling credit and demographic data to its consumers ( Schwinn, 2011). 
4. Their revenue had been substantial, although it has shown a noticeable decrease in the past years. 

3. Data breaches

1. The Equifax data breach that occurred in 2017 March is one of the greatest data breaches to have ever been known. 
2. The company was initially hacked via a consumer complaint web portal. The attackers used a widely known vulnerability that should have been patched but weren't due to failures in Equifax's internal processes.
3. After intruding on the system via a customer complaints page, it was easy for attackers to get more access to the database. 
4. Consequently, data from Equifax was exfiltrated but undetected for 76 days. 
5. Accusations were made, and guilty charges were placed on people who worked in Equinox, and their crime was working as inside men and the data extractors. 
6. Their slow response was criticized, and their poor security measures, yet data was their source of income. 

4. Strategies and Management
   1. It is involved in the generation of credit reports and their borrowers' scores by tracking their credit history. 
   2. Since they are a storage of a lot of information, data breaches are their greatest risk. 
   3. After Equifax discovered data extraction, they invested 1.4 billion dollars in fixing all the security patches. 
   4. Restriction of data to the single machine is a mitigation plan to prevent data access from the web In case of a data breach occurrence from a web vulnerability.
   5. Over the years, their financial performance has been rising gradually, but it has shown a reasonable decline after the data breach. 
5. Risk analysis
   1. These are tools and methods that are used to ensure company safety.
   2. Political factors are the laws and regulations a company can run on ( Clarke, 2018).
   3. The number of political contributions they are involved in is otherwise very limited and only contribute where the law permits. 
   4. Laws such as the anti-trust law in credit services in the credit bureau industry are of great impact. 
   5. Consumer protection in data breaches was not followed but should have been an affected factor.
   6. Being one of the big three companies, Equifax faces stiff competition from TransUnion. 
6. Crisis Management Plan
   1. A crisis is an occurrence that is more often than not uncalled for. It is mostly an occurrence that requires immediate attention to reduce losses or, in better cases, prevent losses. 
   2. The purpose of a crisis management plan is to lay down a path to be followed in case a crisis occurs.
   3. A committee for a crisis management plan is a team of experts entitled to the responsibilities of coming up with strategies, which involves planning and on-point preparation in case of an emergency. 
   4. Their main objectives are to protect assets and employees and ensure that no matter the blow the company faces, it can start up again and gradually increase in revenue. 
   5. A crisis is likely to occur in several forms, all unpredictable. 
   6. In a data-dependent company such as Equifax, all these could cause panic, but the most dent is caused by cyber-attacks and extraction of information. 
   7. A crisis management team is more efficient if it has a defined structure, with everyone in the group having a role to play.
   8. It is a wise choice to put in members who are already employees in the organization. 
   1. This team should be organized in a chain of command system to ensure respect is maintained, and each member knows who to report to.
   10. Each member in this team is supposed to be an active contributor to excellent ideas that may be most effective in managing the crisis at hand and predicting future occurrences and means for handling them. 
   11. Implementation should start immediately after the crisis is spotted. 
   50. The protocol to be followed is the people outside the managing body should not be informed until the root cause is determined and the data breac