Posted: September 10th, 2022

The Marriott International Cyberattack 2020

Information Security Management

Prepare a 4 – 5 page paper which is validated by at least 2 outside references. Reference the Format Guidelines document as you prepare your paper.

FOCUS: If you can focus this paper around the Marriott International Hotel Chain data breach that recently occurred that would be amazing.

TEXTBOOK: Management of Information Security – 9781305501256 – Michael E. Whitman, Herbert J. Mattord – Cengage Learning – 2106-03-22

This paper is writer’s choice. However, it needs to be a recent information systems security topic. I would like 5 references used in APA formating. My cell service is not the greatest right now, but I can access Wi-Fi, so I can be contacted through this website. Let me know if you need any assistance. Thanks! Hope your family and friends are doing well through this COVID-19 situation.

The Marriott International Cyberattack 2020
Mass theft of consumer information and data in the Marriott International Hotel chain can be associated with cyber criminals that get these data and information to attempt to use the stolen credit card numbers. The company has revealed that the cyber attack started in mid-January and extended for one month and a half. From a previous attack in 2018 on the organization, unnamed sources of the government accused hacker working for intelligence services from china. A deeper investigation showed that the code and attack patterns were associated with attack techniques of state-sponsored Chinese hackers. The attackers allegedly used cloud-hosting space that was most frequently used by Chinese hackers. The investigation pointed out that the attack was government motivated as opposed to the ordinary cybercriminals since the stolen records in millions were never sold on the dark web; proving to be a mere plunder raid.
Speculation through government sources about the data breach has made the sense that it was a broad Chinese effort to acquire massive data and information on the government employee and intelligence officers of America. Marriott is the highest hotel provider for most of the military and government sectors. The information stolen could help in tracking the movements of their military and intelligence officers from America. Speculation states strongly that the greater goal is to make a collection of data and information about the American government and their agencies for analysis.
Marriott International Cybersecurity Protocols
Marriott international hotel chain had cybersecurity protocols that were meant to offer information security and management. Marriott international become aware of the hacking activity after a security tool identified an unusual database query. The security tool was run and monitored by Accenture which was previously responsible for the management of IT and information security activities before the merger and was mandated to continue its information security functions. The database query was tailored in a way that the user details used had administrator privileges during the hack. The security protocols analysis immediately revealed that the owner of the account assigned was not responsible for the query that had been made, therefore someone else had managed to have access and control of the account activities.
Further investigation in the security systems showed the presence of malware in the system memory that was especially identified as RAT, Remote Access Trojan, which is mostly associated with the function of attempting to get passwords and username combinations in the system memory. The system was also infested with MimiKatz which with the integration of Remote Access Trojan is also a malware that can give the attacker the ability to control the administrator account.
The Impact of The Cyber Breach Attack
The cyberattack was fueled by business and cultural factors that were prevailing in the organization then. As it is believed it is almost impossible to protect the information system from all attackers. However, Starwood a major division of Marriott did not uphold the best security culture and this contributed to attack being undetected for four years before its acquisition by Marriott International Hotel chain. Starwood employees reported that they had faced a lot of difficulties to secure the reservation system and had faced attackers for eight months undetected. After the merger, most of the corporate staff of Starwood who were involved with the management of information technology and security were fired. Marriott International took over Starwood for their old in-house reservation system that was still infected with malware and capable of breach by hackers which resulted from lack of continued care.
In regards to the victims of the cyberattacks, the information stolen ranged from names, addresses, emails, phone numbers and birthdays. More important data stolen were the loyalty account details and information such as room preferences of high profile individuals. The investigation by Marriott proved that the theft did not manage to get the credit card numbers, passport information, and driver’s license information. This information leak affected the hotel guest records of approximately 383 million guests and a passport number of about 5 million hotel users. The hotel management, Marriott International has offered through emails to all guests impacted by the latest breach to continuously monitor the personal information for over a year free of charge.
The Counteraction Measure and Incident Response
The company upon discovery at the end of February disabled the compromised logins and began an investigation. Among the steps were to notify the hotel guest and is currently continuing to end emails to the guest this week. The company has also imposed a mandatory password reset for all Bonvoy loyalty Club member and must enable the advancements of multi-factor authentication on their Loyalty accounts.
Marriott international must have a response that involves critical steps that involved counteraction measures after the breach. Their timeline must involve mobilizing of the incident response team, secure information systems to ensure business continuity, conducting a thorough investigation, and address legal and regulatory requirements as well as evaluate and incur the liability of the cyber-security breach. Marriott international must have formed an incident response team that includes all relevant stakeholders of the hotel chain that has the task of investigating the breach. The next step in their timeline must be the securing of the information systems from a technical perspective. These efforts are aimed at securing the IT systems that work to contain the breach and prevent further risk of a breach. The investigation must identify clearly when and how the breach was detected and whether there is any other system that has been compromised.
The breach of Marriott international involves the employee and the efforts of counteraction must include the appropriate Human Resource representative. The Marriott international counteraction plan involves giving feedback about the conclusions of the investigations which must be incorporated into policies and procedures of the incident response plan. The company through the incident response plan must evaluate and incur the liability of the data breach in its capacity. The Marriott international has been involved in reducing any damage to customer relationships. Marriott International is, therefore, offering free personal data monitoring for a year for the affected hotel guests and their loyal customers.
Conclusion
In conclusion, the Marriott International Hotel chain faces the compromise of its information system and must act accordingly and keenly to keep out the cyber threats. It is rather a hard time of the year with the COVID-19 pandemic that has restricted business activities and collective work of the organization. This pandemic will cause delays and issues in the resolution of the data breach. Marriott International must create a comprehensive action plan that will repair and restore the status of its public relations in the global markets. The findings and feedback of the incident response plan must be incorporated in the information security policy and must foster change in organizational culture and information security that is much stronger to reduced and notice cyberattacks in the future of the organization.

References
Chopra, A., & Chaudhary, M. (2020). The Need for Information Security. In Implementing an Information Security Management System (pp. 1-20). Apress, Berkeley, CA.
Clark, M., Espinosa, J., & Delone, W. (2020, January). Defending Organizational Assets: A Preliminary Framework for Cybersecurity Success and Knowledge Alignment. In Proceedings of the 53rd Hawaii International Conference on System Sciences.
Fielding, J. (2020). The people problem: how cyber security’s weakest link can become a formidable asset. Computer Fraud & Security, 2020(1), 6-9.
Hammouchia, H., Cherqia, O., Mezzoura, G., Ghoghoa, M., & El Koutbib, M. (2019). Digging Deeper into Data Breaches: An Exploratory Data Analysis of Hacking Breaches Over Time. Procedia Computer Science, 151, 1004-1009.
Mercer, S. T. (2020). The Limitations of European Data Protection As A Model for Global Privacy Regulation. AJIL Unbound, 114, 20-25.

Check Price Discount

Study Notes, Research Topics & Assignment Examples: Rules of Drafting Investment Contracts »Standard Social Science Methodologies