CASE STUDY CHAPTER 8

MWEB BUSINESS HACKED

Q1: What technology issues led to the security breach at MWEB?

The technology issues are protects customers againts junk email and viruses that are sent via email. Despite the multitude of security services offered by MWEB, a number of MWEB business subcibers account details were compromised when their logo and password details were published on the internet hackers. Beside that, technology issues it appears that hackers gained access to the internet solutions' self service management system that MWEB business uses provide and manage business accounts that have not yet been migrated to the MWEB network.

Q2:What the possible business impact of this security breach for both MWEB and its

 customers?

They have to work together with Internet Solution to solve this issue, so it can helps companies integrate existing systems with the Internet so as to close the gap between technology, strategy, and the organization’s bottom line. Besides that, they will lost trust of customers and takes time to gain back their trust and they need to immediately implement proper policies and controls of their systems. So, it can helps to develop, manage and maintain solution that include all aspects of Internet connectivity, Website development and hosting, broadband and wireless applications, e-commerce, and consultancy services.They need to prepare for legal action and financial risks and this is threat to customer retention andreputation. The possible impact for MWEB customer are they need for explanation from MWEB and they need for behaviour recommendations. Besides that, they loss of personal information (privacy ), data lost or inaccurate, and additional compromising of related accounts. Lastly, inconvenience, they have to change password or could not access the service and lost trust in the company.

Q 3:If you were an MWEB customer, would you consider MWEB’s response to the security

 breach to be acceptable? Why or why not?

It is acceptable. Because MWEB responded quickly to the hacking incident. MWEB migrate from the old server which was attacked by hackers to the new server. MWEB also contact those customer whose has been hacked to reset their password as an added security measure. MWEB advise them to take immediate action. General manager of MWEB also ask for apologize for any inconvenience the breach have caused to MWEB’s customer. MWEB also took immediate action to evaluate the extent of the breach and to limit any damage.Lastly, MWEB was working closely to investigate the nature and source of the breach to ensure it does not happen again.

QUESTION 4: What should MWEB do in the future to avoid similar incidents ?

To avoid similar incidents, MWEB should implement up to date security system or device or protocol to their network such as digital certificates, intrusion defection system, Management Information System update and auditing regular and through testing and improvement identity management. Besides that, MWEB should advise their customer to authentication usernames and promised and vigilant regarding customer online data and security. MWEB should work closely with Internet Solutions to investigate the nature and source of the breach to ensure it does not happen again.