Posted: September 15th, 2022

Access, Privacy, and Security Issues with WLAN

Access, Privacy, and Security Issues with WLAN
The data breach faced by Marriott Internationals is the most recent large scale data breach, which involved its Starwood division hotels. The international hotel acknowledged the reservation systems’ compromises, where customer information included passport numbers and credit cards. The breach was flagged by an internal security tool, which reported an unauthorized attempt to access the internal guest reservation database for the Starwood brands for Marriott International. It was reported after the forensic process that the reservation system had been comprised early in 2014 before the acquisition by the Hotel brand, Marriott International. The Starwood was acquired by Marriott, the reservation system used by the former Starwood hotels did not migrate toward the Marriot’s own reservation system and still utilized the infrastructure from the former Starwood hotel.
Before the company acquisition, Starwood IT and Infosecurity were run and monitored by Accenture noticed an unusual database query. The database query was made by a user with administrator privileges. However, on quick evaluation, it was noticed that the person assigned to the account did not make the query; hence someone else had gain control of the account. From the investigation conducted, it was found that data was encrypted and removed from the Starwood systems. More analysis also indicated that the attackers were able to decrypt the data, which included information on over 500 million guest records. Most of the records were described to have extremely sensitive information like credit card and passport numbers. From the investigation, Remote Access Trojan was used in conjunction with MimiKatz that sniffs out the username and the password combinations in system memory. The two tools are speculated to have given the attackers control of the administrator account.

The mistakes of Starwood and Marriott involve the failure of basic security where there was a lack of in-depth defense, which allowed attackers to stay in the system for years. Marriott was compromised due to its failure to follow an important cybersecurity rule that strengthens security by implementing the principle of assumes the company is compromised and acting accordingly. There are several deidentification methods that would have been applied by the company, which include differential privacy, pseudonymization, tokenization, and data masking.
The company should have ensured proper security assessment every year through a third-party vendor, which requires the company to meet compliance requirements. Proper tests would have uncovered and make an indication for the compromise. In the situation of a company acquisition, cybersecurity assessment should involve risk and vulnerability assessment, penetration test, and overall security controls assessment for the merging company. Another way would involve the frequent and monitoring of cloud access, which must identify those who log into the network and how much data they are moving and accessing. It is from cloud monitoring where suspicious log-in location and large data transfer are identified and stopped. It is key to encrypt data within the company, but it is more important where and how you store the encryption keys. It is important that the encryption keys be stored correctly. There should be efforts to strike a balance between cybersecurity and business operations. Cybersecurity must be made a priority for local and international businesses as breaches can adversely affect the daily operations. In conclusion, businesses and companies should focus on performing proper security assessments and, most importantly, the proper vetting of databases before the merging of the company acquired.

References
Marriott could have prevented privacy data breach with Tokenization. (2019, March 20). Security Boulevard. Retrieved from https://securityboulevard.com/2019/03/marriott-could-have-prevented-privacy-data-breach-with-tokenization/
Gaglione Jr, G. S. (2019). The Equifax Data Breach: An Opportunity to Improve Consumer Protection and Cybersecurity Efforts in America. Buff. L. Rev., 67, 1133.

Order | Check Discount

Tags: Access, and Security Issues with WLAN, Privacy