Business Case: Lax Security at LinkedIn Exposed

Business Case: Lax Security at LinkedIn Exposed
Student’s Name:
Institution:
Professor:
Unit Name & Number:
Date of Submission
 
 
 
 
 
 
 
 
Business Case: Lax Security at LinkedIn Exposed
 1. The Reasons why profit-seeking hackers are interested in stealing stored data from LinkedIn and which data is most interesting in accessing.
LinkedIn does not gather credit cards or banking information, but hackers are still interested in those because it is useful to them in other areas. The following are the reasons:
* To obtain credentials of members working on LinkedIn. Those credentials will help them log on to LinkedIn staff accounts and get vital information about the company (Paul, 2012). They will take control of the data and files obtained and demand a ransom payment to unlock them.
* To obtain users' usernames, emails, and passwords. Most users use similar email addresses, usernames, and even passwords in all other online accounts. Therefore, obtaining that crucial information will allow hackers to gain access to other online accounts (Von Rosen, 2012). They may succeed in transferring their funds if similar credentials are attached to their online payments’ platforms.
* Not to be easily noticed. A hacker will use the credentials obtained to log in as a member and penetrate to company's accounts, reducing the risks of being detected, unlike when they use pseudo accounts (Paul, 2012).
* To obtain other corporate’s emails. If the emails obtained are corporate accounts, the hacker will know where the employee is working and his login account and passwords if it's the same (Paul, 2012).
Hackers are mostly interested in obtaining corporate’s data files to obtain ransom and individual login credentials to break into other accounts.
 
2. Effects of LinkedIn s failure to self-detect its massive data breach on its popularity and credibility
* Decrease membership growth and active users. Several users were shocked by how their credentials were stolen and placed on underground sites; hence some members deleted their accounts (Von Rosen, 2012). Those who had not joined, on the other hand, fear registering due to perceived data loss.
* Damage to reputation. LinkedIn's violation of data security laws affected its member loyalty. Therefore, they changed their views regarding the company, hence tarnishing its brand (Basil, 2012).
* Perceived weakness: Users viewed the company as weak due to its failure to employ stringent data security measures, affecting its credibility (Von Rosen, 2012).
* Loss of confidence. Members lost their trust in the company due to their negligence that resulted in a data privacy breach (Clark, 2012).
3. The reason why IT security experts and not LinkedIn discovered the data breach
* The data breach may have resulted from an inside job whereby LinkedIn staff conspired with Hackers. Unhappy employees or those lured with monetary gains may decide to harm the company by giving hackers vital information to access their data (Clark, 2012). They will not detect the data breach because third parties and IT experts catch them.<...