Need help with 12 slides PowerPoint which includes (Narrated Presentation) through given Essay and Lab Report

Want someone to create a Narrated PowerPoint out of my provided research paper and lab report. Please read the given instructions in the (PowerPoint Instruction) folder. Thanks 

Prepare a Narrated Presentation

Now that you have completed your technical report and lab report, you are ready to develop a narrated presentation for the members of the hospital board as well as the CIO and other managers. Your technical report will provide an analysis of the infrastructure and the threats, based on the incident that first brought the organization’s security issues to your team’s attention.

Your findings from the team’s technical and lab reports will now be the basis of a presentation that you will provide for the hospital board. The board will make decisions concerning what actions are taken and how much money will be allocated for cybersecurity. Therefore, you will create a slide deck that captures the salient points of your research, the results of the lab tests of the password-cracking tools, and the team’s proposals to tighten information security practices. Consider the suggestions in the table below to focus your efforts for this presentation.

Topics to Address in the Narrated Presentation

Keep the primary goals of your presentation in mind as you build your presentation to the board: be credible, be clear, and provide reasoned solution recommendations.

1. Present your technical findings succinctly to a non-technical audience. Avoid acronyms or slang; opt for clear language and clear explanations.

2. Provide a high-level summary of the infrastructure, the vulnerabilities that may have enabled the breach, and recommended actions. Explain what happened, the impact on the organization, and your proposed actions with rationale and costs.

3. You are limited to 12 slides, excluding the cover and references slides. You will choose your best narrator to narrate the presentation for wider distribution. The format should be professional and free from typos or grammatical errors. This is the board’s impression of your team’s performance!

Create a power point from this given essay and lab report.

MedStar Medical Vs. Cybercrime

In the health sector, experts “see persistent cyber-attacks as the single greatest threat to the protection of health care data” (Moffith & Steffen, 2017). To the world at large, this is not the most absurd news or revelation. Health care data embodies some of the most marketable information, and for the black market, this is Eldorado – the fictional tale of the city of gold. As such, health care organizations are tasked with fighting this uphill battle of providing the best medical services to their number one stakeholder – patients – while also ensuring that their valuable information is kept safe and secure. In 2016, MedStar Health, a not-for-profit healthcare organization – suffered a data breach that left thousands of residences of the Washington DC and Maryland area distraught. This paper highlights the concerns faced by MedStar Health and the damage caused by these cyber-attacks. Also, based on the various vulnerabilities seen in the healthcare sector, recommendations on how MedStar Health can potentially face these challenges will be provided, highlighting needed comprehensive security perspectives and industry-proven security systems.

 

MedStar Health’s Bio 

MedStar Health is a not-for-profit medical hospital that offers “the highest quality care for people in Maryland, Virginia, and Washington, D.C.” (MedstarHealth, 2021). Under their belt are ten hospitals and twenty-plus health-related businesses, including ambulatory care, urgent care centers, and a research institute across the Washington, DC, and Maryland area. Furthermore, MedStar Health currently has under its employ 30,000 associates, 6,000 affiliated physicians. More so, they have “one of the largest graduate medical education programs in the country, training more than 1,100 medical residents annually, and is the medical education and clinical partner of Georgetown University” (

MedStar Health

, 2021).

The 2016 Breach 

On March 28, 2016, MedStar Health was a victim of a data breach that brought the medical “behemoth” to a standstill (Cox et al., 2016). This attack forced the institution to power down critical infrastructure and processes for several days to slow the virus’s spread. Specifically, the cybercriminals used Ransomware in their assault of MedStar Health, encrypting their data on the infected systems. The Washington Post describes this crime as being “financially motivated, [where] the hackers make demands that put their victims in a difficult spot…, [targeting] critical data — such as patient records — then ask for a ransom” in exchange for decrypting the compromised data (Cox et al., 2016). 

Consequently, as a result of this attack, ten hospitals and over twenty medical centers were pushed back to the primitive means of operation, slowing down overall productivity and affecting thousands of patients. NBC News reported that thousands of MedStar’s patients with appointments were greeted with the voice message, “Our computer systems are still down, so we need you to bring a list of current medications and a list of allergies” (Williams, 2016). 

The 2019 Accidental Data Leak 

On July 22, 2019, MedStar Health’s Privacy Director, Mutanu Mutuvi-Thomas, reported to the Attorney General that their organization experienced an accidental data leak on June 19, 2019, where confidential information was shared. In the email describing the incident, the Privacy Director stated,

We regrettably report that on June 19, 2019, we learned that a MedStar supervisor of our Residency Program, inadvertently sent, via email, a document that included sensitive personal information of residents to a class of new intern physicians. As soon as the error was discovered, the supervisor immediately asked the recipients to securely delete the document from their email, including their document trash receptacle. The recipients have also been asked to sign an attestation confirming deletion of the email and that they have not further disclosed this information (MedStar Health, 2019).

Unfortunately, there were no additional records of this incident, as it was handled internally and discreetly. This incident was found in the 2019 End of Year Data Breach Report by ITRC (Identity Theft Resource Center). In response to the incident, MedStar Health notified the affected residents via email and “offered one year of complimentary credit monitoring and identity theft protection services through Experian” (MedStar Health, 2019).

The Healthcare and Cybersecurity 

Healthcare information, as mentioned earlier, is precious, as it encompasses a holistic view of a person’s health, and more so, the health of the community. This information, in turn, is used to determine medical treatment and policies that ultimately influence the standard of living at large. Not too long-ago medical information was stored as physical files and was accessed through manual processes. This reality, in turn, held its challenges regarding communication, efficiency, accuracy, and security (Touro College Illinois, 2021). 

“Today, healthcare information is widely collected, stored, accessed and transmitted digitally, thanks in part to the Health Information Technology for Economic and Clinical Health (HITECH) Act” (Touro College Illinois, 2021). This act promoted the widespread use of electronic health records (EHR) and health information exchange (HIE) to share and store healthcare information. This shift in handling medical data created, without question, improved overall healthcare, as health records are updated in real-time and patients are treated with more efficiency. “As healthcare information …migrated to the digital environment, it [became] highly valuable and therefore vulnerable to cybercriminals on the dark web” (Touro College Illinois, 2021). Thus, healthcare cybersecurity was introduced, protecting patients’ information while following the guidelines set forth by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). 

Methodology

For this research, a descriptive methodology was used, where available databases were searched using keywords “Healthcare,” “Breach,” “Data Breach,” “Cyber Defense,” “MedStar,” “ePHI,” “PHI,” “IAM,” “Identity Management System,” “CIA Triad” and “Cyber Awareness.” Afterward, the researchers applied a combination of the main keywords to filter results from the various mediums. Subsequently, various news articles, databases, and academic journals were used to understand the multiple data breaches experienced by MedStar Health and their impact. 

More so, the searches conducted were constrained to recent years (2015-present) to provide an accurate representation of the various impacts cyber concerns create in the health sector. Besides, a deep dive was done into this sector – where business databases accessible by UMGC students were explored to gather insight into this field of study and the current cyber defense tool currently being employed. Following the known cases surrounding the data breaches of MedStar Health, academic journals were used to develop sound security system recommendations. Accordingly, the Gale Business Insight, Google Scholar, ProQuest, the Business Source Complete, and Gartner databases were mainly used for this research.  

Findings

In this section, the researchers aim to provide an overview of the health sector’s cyber concerns and the various data breaches experienced by MedStar Health. 

How Serious is the Cyber Concern? 

Between 2009 and 2016, there were 1798 data breaches reported, where health care providers reported 1225. Also, “there were 257 breaches reported by 216 hospitals in the data with at least 33 hospitals involved in more than one breach” (Schmeelk et al., 2021). Within 2010 and 2013, studying a dataset of 949 breaches recorded by the Office of Civil Rights (OCR), there were more than 29 million compromised health records (Schmeelk et al., 2021). Figure 1 below highlights the five categories of breaches recorded by OCR between June 2019 to June 2020: “Hacking/I.T. Incident reports totaling 264 breaches, Improper Disposal totaling 12 breaches, Loss totaling 11 breaches, Theft totaling 27 breaches, and Unauthorized Access/Disclosure totaling 102 breaches” (Schmeelk et al., 2021).

Figure 1. 

Breach Types between June 2019 to June 2020 (Schmeelk et al., 2021).

Furthermore, within the exact timestamp of June 2019 to June 2020, there were three significant data breaches with the health sector. On July 1 of 2019, Optum360 LLC. reported a breach of 11,500,000 individuals due to a Hacking IT Incident of their Network Server. On July 15 of 2019, Clinical Pathology Laboratories Inc. reported a breach of 1,733,836 individuals due to a Hacking IT Incident of their Network Server. On February 5 of 2020, Health Share of Oregon declared a data breach of 654,362 individuals due to a laptop theft (Schmeelk et al., 2021).

This concern’s seriousness is seen in figure 2 that highlights the number of U.S. residents affected by healthcare data breaches between 2014 to 2019. As seen below, 113.2 million U.S. residents were affected by cyberattacks in 2015, in just the health sector. In 2020, surprisingly, only 23.5 million affected U.S. residents were impacted by cybercriminals’ acts, despite the Covid 19 pandemic. 

Figure 2. 

The number of U.S. residents affected by health data breaches from 2014 to 2019, in millions (Johnson, 2021).

MedStar Health’s Data Breaches 

There are three major data breaches and cyber concerns that MedStar Health faced over the last six years. The data breach of 2016 left 10 MedStar Health hospitals and 250 outpatient centers in the Washington DC and the Maryland area at a standstill. Their entire infrastructure was victim to the ransomware attack. According to the Indian Health Services (IHS), 7,500 individuals were affected by this data breach, and the ransom was made at USD 19,000 – which was not paid. The 2019 cyber threat came from an internal error that leaked “sensitive personal information of residents to a class of new intern physicians” (MedStar Health, 2019). This case was handled internally, and there are no reports of any further damage caused by this internal threat. Finally, according to OCR, on September 25, 2020, 668 individuals were affected by a network data breach, categorized as an I.T./ Hacking incident, at MedStar Health. Unfortunately, there was no additional information posted online concerning this breach, as it is currently filed under the OCR section of presently under investigation. 

Discussion

Preparedness is vital when facing the daunting reality of what cybercriminals are capable of doing. MedStar, along with many other medical facilities, learned this truth the hard way with their electronic health records implementation, which came with technological advancement. Craig DeAtley, the organization’s director of emergency management, commented on the need for better preparations in light of the 2016 data breach in an interview. He said, “[w]e were practiced at individual workarounds, but we had never really rehearsed losing everything, much less all at once, … [y]ou need to exceed your comfort level to prepare for a problem this vast” (Hall, 2016). MedStar Health and healthcare providers need to keep up with modern cybersecurity practices, regular cyber awareness training, and up-to-date system infrastructures to embody this readiness. 

In the 2016 cyberattack at MedStar Health, several infrastructure resources were rendered useless because of the virus. The Ransomware that crippled the hospital’s systems restricted access to essential EHR, leaving thousands of patients without sufficient care. In the realm of cybersecurity, the CIA triad are core principles of information security that assist in the discussion and implementation of measures to turn the tides of this uphill battle. In essence, these principles help with the needed preparedness. The CIA triad’s core principles ensure that data remains confidential, maintains its integrity, and access to required information is always available. These principles will guide the proposed recommendations for MedStar Health on ways to improve their I.T. systems. 

Insider Threats 

MedStar Health suffered an external attack in 2016, and the damage was substantial. However, this gateway was made possible by human error, and thus cyber harm can be done from within any organization, whether it is malicious or careless actions. This act is referred to as an Insider Threat. Through these thoughtless or malevolent actions, health records are compromised, and in turn, patients suffer. More so, these actions often, more times than not, expose the vulnerabilities in the CIA triads, endangering “confidentiality, integrity, [and] or availability of the organization’s information or information systems” (Mazzarolo & Jurcut, 2019). In the case of MedStar Health, in 2016, employees’ access to their systems was restricted, removing the availability of needed PHI, and the integrity of the data was potentially compromised. Understanding the seriousness of the insider threat can ultimately help protect MedStar Health against these vulnerabilities. 

Typically, when a breach is revealed on the news or reported to the OCR, it is usually due to an outsider. However, thoughtless action can prove more lethal. The 2019 data leak at MedStar Health of residents’ confidential information is an example of insider threat, as this was a careless act that exposed PHI. “The hazards that originate from inside [an organization are more] difficult to prevent and detect because insiders pose a serious danger as they are familiar with the organization’s… systems…, and policies, and they have access to confidential information” (Mazzarolo & Jurcut, 2019).

Intrusion Motives

At this point, it is understood how valuable medical information is, and not just to healthcare facilities, but more so to the cyber black market. In fighting this unavoidable circumstance, healthcare management needs to understand the driving factors of these cybercriminals. “It is well known that, in other security and protection systems, one of [the] rings of protection is verbalized by “know your enemy” (Pleskonjic et al., 2006). Intrusion motives describe the driving factors behind a cybercriminal’s actions, whether for monetary gain, political exposure and change, ideological activism, disruption of services or access, and or causing physical harm through cyberspace. 

In MedStar Health’s 2016 case, the motive was monetary and to disrupt service and access of their systems. This action, in turn, caused harm to the patients and the care they required. In the article “The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data,” Lillian Ablon describes this type of attacker as a Cybercriminal. “Cybercriminals are motivated by financial gain—they care about making money. They want access to our personal, financial, or health data—in order to monetize them on underground black markets” (Ablon, 2018). The motives behind the breach of 2016 pried on the vulnerability in patient data confidentiality and electronic records’ availability to MedStar Health staff. Thus, understanding the enemy can prove beneficial in MedStar Health’s pursuit of curbing these vulnerabilities. 

Hacker psychology

Like Intrusion Motives, the hacker’s psychology is tied to the cybercriminal’s mindset and begs the question of what ultimately motivates them to hack. This goes for both cybercriminals and cybersecurity professionals. The difference is the motivating factor. As briefly mentioned, some hackers will conduct their actions with the sole purpose of making money, while others perform the same steps because of curiosity. In the case of cybersecurity professionals, these actions are done to protect everyday civilians who cannot defend themselves from cyber-attacks. Understanding the hacker’s psychology will help cyber professionals make better decisions regarding keeping EHR confidential, maintaining all records’ integrity, and ensuring that the data remains accessible to the right employees. “[W]hen analyzing threats and attacks, it is important to focus on the psychological aspect of an intruder, their motives and intentions and their way of thinking, planning and performing attacks” (Pleskonjic, 2006). 

Understanding the fundamentals of insider threats, intrusion motives, and hacker psychology provides an excellent foundation for guiding the conversation surrounding the CIA triad’s principals. This understanding, alongside sound security systems, can aid MedStar Health in its concerns surrounding the confidentiality, integrity, and availability of PHI and ePHI.

Identity Management System 

When it comes to security systems, Identity Management is the friend that MedStar Health needs. This system outlines the process for how users’ identities are defined and managed in an enterprise environment. It encompasses two vital concepts, Access, and User. “Access refers to actions permitted to be done by a user (… view, create, or [edit] a file), [while users refer to] employees, partners, suppliers, contractors, or customers” (De Groot, 2019). More so, an Identity Management System provides the ability to segment employees based on their roles. This system’s importance will ensure that access is given to the proper personnel at MedStar, and access will be managed when those employees transition roles and or leave the company. This type of access management and control aids the fight against cyber concerns and can ultimately help reduce the risks of vulnerabilities in MedStar Health’s framework. 

Furthermore, the Identity Management System is designed to address three critical security tasks: identity, authenticate, and authorize. “Meaning, only the right persons should have access to computers, hardware, software apps, any I.T. resources, or perform specific tasks” (De Groot, 2019). At MedStar Health, as of 2017, OnCore, a clinical management system, was implemented to work in conjunction with PowerTrials, a module within the MedStar electronic medical record (MedStar Health, 2017). OnCore holds records of patient’s progress, and to some degree, billing intimation, while PowerTrials stores these patients’ medical records. “These two systems both serve a different purpose within [MedStar] but work with each other to serve study and subject information to the appropriate users” (MedStar Health, 2017). With a proper Identity Management System, access to these systems will remain secure. The system controls the users’ access (their unique passwords) to each platform, ensuring no unauthorized person gains access to this confidential information. 

In considering an Identity Management System for MedStar Health, the following components are needed: 

a scalable, secure, and standards-compliant directory service for storing and managing user information; a provisioning framework that can either be linked to the enterprise provisioning system, such as a human resources application, or operated in standalone mode; a directory integration platform that enables the enterprise to connect the identity management directory to legacy or application-specific directories; a system to create and manage public key infrastructure (PKI) certificates; a run time model for user authentication; and a delegated administration model and application that enables the administrator of the identity management system to selectively delegate access rights to an administrator of an individual application or directly to a user (Oracle, 2010).

Figure 3.

An Identity Management System Model (Oracle, 2010).

More so, in the realm of Identity Management, there are various ways one may access information and resources, and this system assists in navigating this dialogue of access.  At the basic level of an Identity Management System is Role-Based Access Control (RBAC). “Under this approach, there are predefined job roles with specific sets of access privileges” (De Groot, 2019). For instance, at MedStar Health, there is no reason why a security guard should have the same access as someone on Payroll. Their individual roles separate their access. The second approach is Single Sign On (SSO). In this model of the Identity Management System, users only need to verify themselves once. The user is “given access to all systems without the need to log separately into each system” (De Groot, 2019). Finally, there is the Multi-Factor Authentication (MFA). In this Identity Management approach, the “authentication process combines something the user knows (like a password) with something the user has (like a security token or [One Time Password] OTP) or something that’s part of the user’s body (like biometrics)” (De Groot, 2019). When used independently, these Identity Management approaches are not sufficient to secure an organization compared to the tools currently employed by cybercriminals. However, when these approaches are used simultaneously to managed and control access, passwords, and user identity, there is a greater probability of securing PHI and ePHI.

Example of an Identity Management System at MedStar Health

When attending to patients at the health care facilities, while using a laptop, Doctor X will enter their set login credentials (their username and password). Their identity will then be checked against a database to verify if the correct credentials were entered and match the ones stored. If correct, Doctor X will gain access to the laptop. Once logged in, Doctor X will attempt to visit the needed web service that holds MedStar Health’s PHI. Again, Doctor X will be prompted for their username and password. The system will also check the user’s credentials against their database. However, at this point, there is an additional layer of security requiring another form of authentication for access, an MFA. The website creates a unique authentication key for the user based on their previously entered credentials. This identification key is then sent to Doctor X for confirmation. This MFA may be in the form of an app on a mobile device linked to the doctor’s login credentials. The identification key is generated on Doctor X’s mobile device and prompts for confirmation. Once confirmed, maybe within a set time limit, and both forms of authentication match the database managing credentials, Doctor X will gain access to the database that holds the patient’s health information. 

The example above highlights how a simple Identity Management System may work within MedStar Health, where only specific users in the organization are allowed to access and handle sensitive information. The Identity Management System does a fantastic job at provisioning access across organizations; however, safe computer etiquette needs to complement these systems to address significant vulnerabilities. 

Figure 4.

Example of MFA in the Identity Management System (Papaspirou et al., 2021). 

The importance of safe computer etiquette

In the case of MedStar Health, in the 2016 ransomware attack, if personnel were trained to identify phishing emails or malicious hyperlinks, this incident could have been avoided, and their records could have been protected. The same can be said for the 2019 accident. “IBM’s 2015 Cyber Security Intelligence Index stated that 45 percent of all breaches were due to insiders and that 95 percent of those breaches were due to human error” (Perez, 2016). Subsequently, gathered from the same report, 42.75 percent of all cyberattacks are caused by inadequately or improperly trained staff. Thus, with the proper tools and safe computer etiquette, MedStar and all healthcare providers can better protect their number one stakeholder’s information, their patients. 

In an interview with SCMagazine, a cybersecurity magazine in the UK, Jacob Ginsberg, a senior director at Echoworx, said it best. He compares the basic things an individual learns growing up, not touching a hot oven – to the education needed in the digital workplace. He said, “[there] should probably have similar lessons like that which would educate the digital workforce on the basic things you can do to stay safe at work” (Perez, 2016). This fundamental educational gap must be filled to ensure that the average MedStar employee knows how to protect their data and stop the craftiest of phishing emails and the careless mistakes that were seen in 2019. 

Figure 5.

The frequency of cybersecurity awareness training in the U.S. Healthcare Sector as of 2018 (Stewart, 2019).

Conclusion

More so, the numbers reflected in the chart above should be significantly higher, given that millions of individuals are affected yearly by cyberattacks in healthcare. Overall, the current situation society face is dire. However, the technology and training are available to aid in protecting PHIs and addressing these concerns. “Patient First is the heart of quality care at MedStar Health. Part of “Patient First” is [MedStar Health’s] promise to keep patient information private” (MedStar Health, 2014). Thus, implementing the recommendations highlighted in this paper is critical to MedStar Health’s promise to their patients. With proper cyber awareness training, a robust Identity Management System, a better understanding of insider threats, and the motives and psychological mindset of their potential intruders, MedStar Health is armed with the appropriate tools needed in this uphill fight. This approach ultimately protects their number one stakeholder, their patients. 

References

Ablon, L. (2018, March 15). The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data. The RAND Corp.

https://www.rand.org/content/dam/rand/pubs/testimonies/CT400/CT490/RAND_CT490

 

Cox, J., Turner, K. & Zapotosky, M. (2016, March 28). Virus infects MedStar Health system’s computers, forcing an online shutdown. Washington Post.

https://www.washingtonpost.com/local/virus-infects-medstar-health-systems-computers-hospital-officials-say/2016/03/28/480f7d66-f515-11e5-a3ce-f06b5ba21f33_story.html

De Groot, J. (2019, December 19). What is identity and access management (IAM)? Data Insider.

https://digitalguardian.com/blog/what-identity-and-access-management-iam

 

Hall, S. (2016, June 30). Lessons from the MedStar Health ransomware attack. Fierce Healthcare.

https://www.fiercehealthcare.com/privacy-security/lessons-from-medstar-ransomware-attack

 

Johnson, J. (2021, March 10). Number of U.S. residents affected by health data breaches from 2014 to 2019, in millions. Statista.

https://www-statista-com.lehman.ezproxy.cuny.edu/statistics/798564/number-of-us-residents-affected-by-data-breaches/

 

Mazzarolo, G., & Jurcut, A. D. (2019). Insider threats in Cyber Security: The enemy within the gates.

https://arxiv.org/pdf/1911.09575

 

MedStar Health Inc. (2021). Graduate medical education.

https://www.medstarhealth.org/education/graduate-medical-education/

Moffit, R. & Steffen, B. (2017). Health care data breaches: a changing landscape. Maryland Health Care Commission.

https://mhcc.maryland.gov/mhcc/pages/hit/hit/documents/HIT_DataBreachesBrief_Brf_Rpt_090717

Oracle. (2010, January 2). Identity Management Concepts and Deployment Planning Guide.

https://docs.oracle.com/cd/B14099_19/idmanage.1012/b14084/intro.htm#:~:text=A%20complete%20identity%20management%20system,storing%20and%20managing%20user%20information.&text=A%20system%20to%20create%20and,time%20model%20for%20user%20authentication

. 

Perez, R. (2016). Cyber-security awareness. S.C. Magazine: For I.T. Security Professionals (U.K. Edition), 18–21.

https://eds-a-ebscohost-com.ezproxy.umgc.edu/eds/pdfviewer/pdfviewer?vid=7&sid=d5194e8a-a6ee-4c2c-84e2-c0bb5899bbb7%40sessionmgr4008

 

Pleskonjic, D., Milutinovic, V., Maček, N., Djordjevic, B. & Caric, M. (2006). Psychological profile of network intruder.

https://www.researchgate.net/profile/Dragan-Pleskonjic-2/publication/325810196_Psychological_profile_of_network_intruder/links/5b2648c1458515270fd4a3f6/Psychological-profile-of-network-intruder

 

Power, D., Politou, E., Slaymaker, M., & Simpson, A. (2006). Securing web services for deployment in health grids. Future Generation Computer Systems, 22(5), 547–570.

https://doi.org/10.1016/j.future.2005.09.003

 

Schmeelk, S., Dragos, D. & DeBello, J. (2021). What can we learn about healthcare I.T. risk from HITECH? Risk lessons learned from the US HHS OCR breach portal. Proceedings of the 54th Hawaii International Conference on System Sciences. 3993-3999.

https://scholarspace.manoa.hawaii.edu/bitstream/10125/71101/0393

 

Stewart, C. (2019, May 20). Frequency of security awareness training in healthcare organizations U.S. 2018.

https://www-statista-com.lehman.ezproxy.cuny.edu/statistics/736704/security-awareness-training-frequency-in-healthcare-organization-in-us/

  

Touro College Illinois. (2021, March 4). How is healthcare information kept safe?

https://illinois.touro.edu/news/how-is-healthcare-information-kept-safe.php

 

Tutorials Point. (n.d.). What are web services?

https://www.tutorialspoint.com/webservices/what_are_web_services.htm

 

Williams. P. (2016, March 31). Medstar hospitals recovering after ‘ransomware’ hack. NBC news.

https://www.nbcnews.com/news/us-news/medstar-hospitals-recovering-after-ransomware-hack-n548121

Lab Report

· Which tool was able to recover passwords the quickest? Provide examples of the timing by your experimental observations:

Ophcrack recovered the password the quickest. When using Brute Force, the predefined field and the password length has to be adjusted properly to recover a password in a reasonable time. For example, Apollo password could take 2 years to recover using Brute Force when the predefined field is set on just letters and the length set to a max of 16 characters. With predefined field set to uppercase and lowercase letters and numbers the password was recovered within 10 seconds. Ophcrack recovered the password within 1 second.

 

 

· Compare the amount of time taken for the passwords that you were able to recover: Using Brute Force, Apollo and Batman passwords were recovered within 10 seconds. User Csadmin password was never recovered. Dictionary provides more options to define the password, Apollo and Batman were found in 5 seconds. Csadmin password was never recovered. Lastly, Ophcrack recovered Apollo and Batman passwords immediately. However, Csadmin password was never recovered. 

 

· Compare the complexity of the passwords for those discussed in the previous question. What can you say about recovery time relevant to complexity of these specific accounts?

· What are the four types of character sets generally discussed when forming strong passwords? How many of the four sets should you use, as a minimum? What general rules are typically stated for minimum password length? The four types of character sets are password length, using uppercase and lowercase letters, including numbers and symbols, and creating a unique password. You should use all four types of character sets to create a secure password. The general rule for password lengths are no less than 8 characters.

 

· How often should password policies require users to change their passwords? Password policies should require users to change their password every 90 days. 

 

· Discuss the pros and cons of using the same username accounts and passwords on multiple machines.

· What are the ethical issues of using password cracker and recovery tools? Are there any limitations, policies, or regulations in their use on local machines? Home networks? Small business local networks? Intranets? Internets? Where might customer data be stored? Cracking and recovering password is only a concern when it is used in a malicious way. Organizations IT Security team may use password crackers and recovery tools to test their password requirements to see if they are easy to crack. 

· If you were using these tools for approved penetration testing, how might you get the sponsor to provide guidance and limitations to your test team?

· Discuss any legal issues in using these tools on home networks in states that have antiwiretap communications regulations. Who must know about the tools being used in your household?

· Compare and contrast the results from the two methods used to crack the user accounts: Using Brute Force, Apollo and Batman passwords were recovered within 10 seconds. User Csadmin password was never recovered. Dictionary provides more options to define the password, Apollo and Batman were found in 5 seconds. Csadmin password was never recovered. Lastly, Ophcrack recovered Apollo and Batman passwords immediately. However, Csadmin password was never recovered. 

Ophcrack recovered the password the quickest. When using Brute Force, the predefined field and the password length has to be adjusted properly to recover a password in a reasonable time. For example, Apollo password could take 2 years to recover using Brute Force when the predefined field is set on just letters and the length set to a max of 16 characters. With predefined field set to uppercase and lowercase letters and numbers the password was recovered within 10 seconds. Ophcrack recovered the password within 1 second.
 

· Explain how strong passwords are constructed and your team’s recommendations for the organization: The four types of character sets are password length, using uppercase and lowercase letters, including numbers and symbols, and creating a unique password. You should use all four types of character sets to create a secure password. The general rule for password lengths are no less than 8 characters. Passwords should be reset every 90 days.

· Discuss the benefit of penetration testing: Penetration testing reveals system vulnerabilities, help develop security strategies for a real attack, and expose any poor security practices. Penetration testing can be a learning experiences for the team on different methods hackers use to penetrate a system. The team could also learn how to conduct incident reports and a remediation plan to apply a permanent fix.