Report Writing - Incident Report PDF

Title	Report Writing - Incident Report
Author	Wardina Haidi Jauhari
Course	Information system interaction and consultation
Institution	Universiti Teknologi MARA
Pages	12
File Size	438.9 KB
File Type	PDF
Total Downloads	757
Total Views	843

Preview

CLICK TO PREVIEW PDF

Summary

Description

FACULTY OF INFORMATION MANAGEMENT

BACHELOR OF INFORMATION SCIENCE (HONS.) LIBRARY MANAGEMENT (IM244)

INFORMATION SYSTEMS INTERACTION AND CONSULTATION (IMS556)

INDIVIDUAL ASSIGNMENT: INCIDENT REPORT

PREPARED FOR: MADAM HAZILA BINTI TIMAN

PREPARED BY: WARDINA HAIDI BINTI JAUHARI 2021101129

GROUP: IM2443A

SUMBISSION DATE: 23RD MAY 2021

ACKNOWLEDGEMENT

Praises to Allah AlMighty, I am able to complete this assignment with no further complication. I thank Him for the peace He gave me while completing this assignment as I thank Him for the inspiration and the ideas that seem to rain on me while writing this assignment.

I would also like to thank our lecturer, Madam Hazila for all the guidance she gave while I was struggling to finish this assignment. I will forever be in debt of all the teachings and knowledge that she passes on to me and our classmates. Her wisdom and advice are what keeps me going with this assignment.

I would also like to thank my beloved classmates of IM2443A for the support and help that I received whenever Madam is not around. With the help of all these individuals, I was able to fully complete my assignment and for that, I am forever grateful.

Finally, I would love to show my gratification towards my parents, who had not been for their constant prayers and support, I would not even be here today. With that, I hoped that all the individuals mentioned here would have a blissful day.

TABLE OF CONTENT

NO.

CONTENT

PAGE

1.

Overview Purpose Summary of the incident Action taken When/where/who Contents of the report

1 1 1 1 1–2 2

2.

Recommendation to the management Findings/results Implications Recommendations Rationale Costs and benefits

3.

Incident Description Immediate action taken

3–4 4 4

4.

The incident investigation Methods of investigation Analyse causes Constraints Assumptions

5 5 5 5 5–6

5.

Follow-up actions Actions taken Next steps

6 6 6–7

6.

References and attachments

7–8

7.

Document control information

8–9

2 2 2 3 3 3

1

Overview Purpose The purpose of the study is to determine mishap faced by Malaysian Airlines which is an information and data security breach. It is considered as the largest security breach that impacted the organization with the breach of personal data of the employees and members present in the organization. Summary of the incident The incident surrounds the data security incident which is breached with the inclusion of thirdparty services. The software implemented by the company was of Singtel and it was illegally attacked by the unidentified hackers that were determined in the chosen case incident. The telecommunication giant was also impacted by the standalone system which was implemented by the company to share the information internally as well as the external stakeholders are seen to be also impacted. This incident leads to the establishment of impact on the business processes as the internal information breach is determined in this situation. Accellion also advised that the former part of the breach is seen to be raised due to the inappropriate monitoring of the software and the actions that are feasible for the hackers to access the files. As a result of this, it impacted Malaysian Airlines and also lead to the establishment of a breach environment for the organization (Alsmadi, 2018). Action taken As per the actions taken, it clearly reflects that the monitoring of the data recovery process is integrated to recover the lost data and also Malaysian Airlines aims to improve the IT infrastructure present in the company. The alerting environment is created so that the breaching can be easily prohibited or can be stopped during the intrusion of hackers. When /where /who The CEO of Malaysian Airlines and Singtel were involved in the execution of action taking process to strengthen the security environment. It simply reflects that as a similar attack was made between 2010 to 2019, the companies did not take any kind of strict actions to strengthen the data security. Due to this reason, it is establishing impact on both the organizations as well as the trust of the customers is breached. Now, they are concerned related to strengthen security

2

and also they aim to improve data safety with the integration of advanced information technologies (Chaturvedi, Chaturvedi & Agarwal, 2015). Contents of the report The contents of the report surround the representation of the overview of the incident, recommendation to management, incident analysis and investigation, follow-up actions, references including attachment and document control information. The overview of the incident is consisting of purpose, a summary of the incident, actions taken, and when/where/how. The recommendation to management is consisting of findings/results, implications, recommendations, rationale, and cost and benefits analysis. The incident analysis and investigation consist of a description of the incident, immediate action is taken, methods of investigation, analysing the cause, constraints, and assumptions. The follow-up actions include the actions taken and the next steps that should be undertaken by the company to make growth in the security (Gomer & Simperl, 2020). The references and attachment is take account of and the document control information is consisting of revision history including prepared, reviewed and approved by the Singtel board of executives.

Recommendation to the management Findings/results According to the incident, it illustrates that the inappropriate security of data is maintained by Malaysian Airlines and also in Singtel. As Malaysia Airlines was using third-party data security services from Singtel, due to this reason, both the organizations are facing the impact. As a result of this, it leads to the establishment of impact on both the organization's data present in the company. The personal data of Malaysia Airlines are seen to be misused which heavily impacted the operational processes conducted by the company. As a result of this, the impact is created on the IT infrastructure and the security present with the company. Implications The implications reflect the severity of the incident faced by Malaysia Airlines. It not only impacted the IT infrastructure of the organization Malaysia Airlines but also it impacted the relationship present between Singtel and Malaysia Airlines. The company Singtel should focus to improve IT security to strengthen the relationship present between both the organizations. The incident also impacted the IT infrastructure of Singtel and also the misuse of data is

3

conducted. The internal information is also impacted that are present with the organization (Kendrick, 2010).

Recommendations It is recommended that the company should focus to strengthen firewalls implemented in the Singtel company as well as on Malaysia Airlines. The strengthening of firewalls will be helping the organizations to strengthen the data security as well as the intruders or the hackers will be facing difficulties to enter into the database of the system. As a result of this, an increase in data security will be made, and also the unique authentication system should be integrated to increase the data flow processes. Thus, it also helps to strengthen the business environment and also will be enabling the company to improve the structural environment present with the company. Rationale The rationale of this situation reflects that the system file-sharing should be strengthened as the sophisticated cyberattack is conducted by hackers. The strengthening of the file-sharing process should be made with the inclusion of a strong database security structure. Malaysia Airlines lacks the strengthening of third party service provision process which leads to the breaching of data. For this reason, the data security should be improved as per the recommendations provided above. Costs and benefits The costs that can be integrated into this situation are seen to be of a huge amount as the safeguarding of the security of the data is considered. Strong IT development should be made so that the safeguarding of the data can be properly made by the company. It not only aims to increase the business processes but also helps to make growth in the information security environment. It will be establishing a beneficial environment as it will enable the organization to gain the attention of the stakeholders and customers (Malone, 2020).

Incident Description The personal data of the human assets have been hacked by the hackers of Malaysia Airlines. The management team of the organization previously argued that confidential information has

4

been attacked by any entities. But, the management team is agreed that the used software in the organization has been attacked by unidentified hackers. The organization is using the software of Singtel. In this case, the software service provider also agreed that the application for the organization has been hacked by illegal hackers. This type of issue has started in the year 2010. Personal data such as member names, date of birth, gender and contact details, frequent flyer numbers, status, and tier level information have been hacked by hackers.

However, the

incident did not affect itineraries, reservations, ticketing, ID card, and payment card information-related aspects of the customers. The overall activities of the organizational management team have not been affected by the unethical hacking activities of the hackers. But, the organizational management team is not been able to ensure the vital stakeholders regarding the security of the vital information of them. The organizational management team has notified the customers regarding the information leakage. However, this type of unethical hacking can create a negative impact on the activities of the organization. The organizational management team has assured the important stakeholders that the core activities of the organization have been affected (Henderson, 2021). Immediate action taken The organization has taken a significant step to minimize the impact of unethical hackers. The organization is monitoring the data management activities to eliminate the risk factors. The organization will be able to know about the hacking process through the alerting system. In this case, the organizational management team will be able to get alert of any unwanted activities of the thirds parties. This type of activity helps the organization to manage the data management process very effectively. The effective monitoring process of the organizational management team helps them to create significant opportunities. In this case, the organization can understand the activities of the third parties regarding hacking. Through the effective monitoring process of the organizational management team members, they are been able to detect the associate problems. This type of activity helps the organization to maintain the data management-related activities very effectively. It is very important for the organizational management team to maintain the IT infrastructure-related aspects very effectively. The useful monitoring of the organizational confidential data helps to manage the effective data. In this case, the important stakeholders will be able to get assurance from the organization regarding their confidential data. Moreover, the user monitoring activities help the organization to get effective notifications regarding the data management process. The organization is facing file transfer-related issues. In this case, the notification-related aspects can be maintained the data

5

management process of the organization. The organization is intending to fix the IT performance. The effective approach of the organizational management team can help them to maintain the IT infrastructure and eliminate any kind of issues that are associated with the data breaching activities (Nasir, Ahmad & Barkat, 2017).

The incident investigation Methods of investigation The investigation is conducted from the root source which includes the data logs, test data, reports, and emails. This is conducted by the identification of each of the IT security members present in the organization who should be involved in the presentation of the data building process. It involves the gathering of the possible risks that are raised due to the breaching of data. As a result of this, the proper sharing of the data should be appropriately made to strengthen the system security. Analyse causes The causes of the data breach are the weak information security present with the company. The weak information security is raised due to the lack of weak firewall implementation for data sharing and securitizing. This establishes an impact on the protection process and also leads to the development of a potential risk environment for the company. The weak monitoring of data security is maintained which leads the organization to face this issue. Due to this reason, the hackers are facilitated to smoothly hack the required data from the database, and also they can be easily able to access the data present in the database. Apart from this, the service monitoring is also conducted from public websites and non-public places on the internet. This leads to the breaching of data and also it impacted the stakeholders present in the company (Pavle Gladovic, 2012). Constraints The constraints that are present in this incident are the lack of security maintenance made by the IT team present with the organization Malaysian Airlines. The operation of the activities is seen to be not appropriately conducted and also the impact is created on the personal information present with the company. These constraints identified established impact on the organizational stakeholders and also the stakeholders are losing faith in the organization Malaysia Airlines.

6

Assumptions The assumptions made that the breaching process is conducted from a non-public place and through the network of Singtel. As the core access was present with Singtel for the purpose of providing security services, due to this reason, the core network is hacked by the hackers to access the data of Malaysia Airlines. As a result of this reason, the notification of unusual activities alert was not gained by Malaysia Airlines and also by Singtel. This resulted in the data breach which was faced by Malaysia Airlines and also it impacted the stakeholders present with the company (Rosnan & Mahmod, 2012).

Follow-up actions Actions taken The organization has taken significant actions to minimize the negative effects of the data breaching elated activities. The useful monitoring approach helps the organizational management team to understand the actual access to the data. In this case, the organizational management team has intended to implement a notification-related approach for a better understanding of the data accessing process. Notification is an alarming option that the organization has been used to know the data breaching relate activities of the hackers. The organization is intended to maintain the aspects of stakeholders regarding data. For this reason, the organization has taken an adequate approach for the enhancement of the data management process. Next steps The organization has to follow some steps to maintain the data management process. One of the most significant steps is associated with passwords. The organization has the responsibility to recreate the passwords at regular intervals. In this case, the hackers may face significant difficulties to hack the important data of the organization. Moreover, the organization has to limit access to valuable data. The third-party vendors have the responsibility to provide adequate services to the organization. If the organization has found that the third party is not providing significant software, then the entity may exclude the services of the third party. Moreover, the organization has to update the software at regular intervals. The significant approach of the organizational management team regarding software updates can create a positive impact on the organizational important stakeholders. Moreover, the organization has to provide significant assistance to the shareholders regarding the data management process. If

7

the organization will be able to provide significant training to the responsible person who is associated with the data management process, then the entity will be able to manage the data very effectively (Warikoo, 2021). The development of a cyber-breach response plan is also a very effective activity that the organization can undertake for the betterment of the data management process. In this case, the organizational management team has to provide adequate assurance to the stakeholders regarding the data breaching-related negative issues. The organizational management team has to create such passwords that cannot be accessed by unethical hackers. The continuous changes in the password can secure the data of the organization. In this case, the organization will be able to manage the data very effectively. The organization has to secure the passwords very confidentially. Through this way, the organization will be able to maintain the data management process for long-term purposes. It will be very difficult for the organization to reach the hackers. So the organization has to take significant action to prevent the hackingrelated activities of the hackers. The current initiatives of the organization may not provide significant assistance to it regarding the data breaching. The organization needs to provide effective focus on the password and update related aspects of the computerized system. The data management process of the organization will be significantly influenced through the effective approach of the organizational management team.

References Alsmadi, I. (2018). The NICE Cyber Security Framework. Chaturvedi, G., Chaturvedi, S., & Agarwal, M. (2015). Forestalling Against Data Breaching. International Journal Of Engineering And Computer Science. doi: 10.18535/ijecs/v4i8.08 Gomer, R., & Simperl, E. (2020). Trusts, co-ops, and crowd workers: Could we include crowd data workers as stakeholders in data trust design?.

Data & Policy, 2. doi:

10.1017/dap.2020.21 Henderson, J. (2021). Malaysia Airlines hit by ‘data security incident’ via third-party IT service provider.

Retrieved

23

May

from https://www.channelasia.tech/article/686637/malaysia-airlines-hit-by-datasecurity-incident-via-third-party-it-service-provider/

2021,

8

Kendrick, R. (2010). Cyber Risks for Business Professionals. Ely: IT Governance Pub. Malone, K. (2020). When Translation Problems Arise Between Data Scientists and Business Stakeholders, Revisit Your Metrics. 2.1. doi: 10.1162/99608f92.c2fc310d Nasir, A., Ahmad, A., & Barkat, W. (2017). Operational performance and financial performance

of

Malaysia

Airlines. Paradigms, 11(1),

34-40.

doi:

10.24312/paradigms110106 Pavle Gladovic. (2012). Quantification of airlines business efficiency using data envelopment analysis (DEA). AFRICAN JOURNAL OF BUSINESS MANAGEMENT, 6(25). doi: 10.5897/ajbm11.1713 Rosnan, H., & Mahmod, R. (2012). Business Turnaround Plan: The Experience of Malaysia Airlines. South Asian Journal Of Business And Management Cases, 1(2), 211-221. doi: 10.1177/2277977912459444 Warikoo, A. (2021). The Triangle Model for Cyber Threat Attribution. Journal Of Cyber Security Technology, 1-18. doi: 10.1080/23742917.2021.1895532

Document control information NO. 1.<...