Running head: DIGITAL FORENSIC PLAN IN WALMART COMPANY Digital Forensic Plan in Walmart Company Name Institutional Affiliation 1 DIGITAL FORENSIC PLAN IN WALMART COMPANY 2 Company Overview Apart from being the biggest retail company globally, Walmart is labeled as the largest corporation by revenue. The company also has approximately 2.2 million associates making it to be the largest employer company across the world. It has a culture that stems from four values including respect for the customer, service to the customer, acts with integrity, and strive to excel. It nourishes environmental and social sustainability and it practices corporate social responsibility through its Walmart Foundation. The size of the company suggests the need to acknowledge a digital forensic plan that is critical to protecting the company data by restricting hackers from hacking that would hence jeopardize the company operations. The company embraced this idea by partnering with Sensormatic that provides its surveillance services. However, the company is still prone to various security vulnerabilities and threats suggesting the need to integrate. DIGITAL FORENSIC PLAN IN WALMART COMPANY 3 Abstract Walmart is a giant retail company both in the U.S and globally. Having approximately 2.2 million associates and reflecting on the substantial revenue it generates suggest why the company is also the biggest when compared to companies from all sectors worldwide. Walmart is like any other company when it comes to exposure to security threats and vulnerabilities. Walmart alongside other companies across the globe has been committed to protecting their data by installing updated security data tools, yet the cyber attackers have also been working tirelessly by figuring out how to hack such tools. This leaves companies with no option other than to update their security tools often. Some security vulnerabilities and threats that jeopardize the security systems of organizations, businesses, and companies are malware, hidden backdoor programs, phishing attacks, and company employees. Despite the efforts of the hackers to tamper with the security systems of Walmart, the company gets rid of them by installing some digital forensic events. For example, the company has technological sits that have been created in a way that analysts put unique passwords after scanning their hands. It would be possible to contain the damage by encouraging employees to utilize more than one password to make it hard for cyber attackers to guess their logins. Some examples of risk mitigation techniques are prioritizing data protection and being thorough. DIGITAL FORENSIC PLAN IN WALMART COMPANY 4 Table of Contents Table of Contents Company Overview …………………………………………………………………………………………………………………… 2 Abstract…………………………………………………………………………………………………………………………………….. 3 Table of Contents ………………………………………………………………………………………………………………………. 4 Analysis …………………………………………………………………………………………………………………………………….. 5 Threats and Vulnerabilities…………………………………………………………………………………………………….. 5 Computer System Incidents ………………………………………………………………………………………………….. 11 Network and Internet Incidents…………………………………………………………………………………………….. 15 Conclusion ………………………………………………………………………………………………………………………………. 16 APPENDIX A: Risk Mitigation Techniques and Plans ………………………………………………………………. 17 References ……………………………………………………………………………………………………………………………….. 18 DIGITAL FORENSIC PLAN IN WALMART COMPANY 5 Analysis Threats and Vulnerabilities Just like any other business, Walmart is still under unending security threats from compound sources. While companies may be committed to protecting their data by installing newer and updated security software, hackers have been working out how to tamper with this software so that they can breach the data of these companies. The vulnerabilities and threats Walmart is experiencing are the same evident in other companies. These issues are discussed below in relation to how they affect the company. Malware Hackers create new malware all the time, and this is evident by looking at the number of malware created daily. Statistics reveal that companies suffer approximately 360,000 new malware, and Walmart is not an exception. Most of the new malware rehash the older malware programs that have been altered by antivirus programs, hence making them unrecognizable. Walmart’s security system might be vulnerable to various malware sorts like ransomware. This sort of malware is known as malicious software that encrypts the data of the data storage drives of the victim in a way that they become inaccessible to the owner (Gunawan & Yazid, 2020). The hackers then threaten the owner of the drive by demanding some payments in order to get the encrypted key in return. This software is malicious to the company data in the sense that the company might be vulnerable to lose its data if the company management fails to come into an agreement with the hacker. Trojans are another kind of malware that functions by masquerading as an authentic program to hoax victims into integrating it into their systems. The impact of such malware on the system is devastating because they normally target the outmost network security defenses by DIGITAL FORENSIC PLAN IN WALMART COMPANY 6 posing to be harmless, yet they contain serious threats inside them. Walmart might be vulnerable to this malware threat as some employees might be tempted to install some programs over the net following how harmless they seem to be, yet risk the overall security of the company by installing Trojan programs without their consent. Worms are also classified as malware threats as they function by risking the security of the victim (Gunawan & Yazid, 2020). Worms entail programs that replicate by themselves and spread through various programs like emails. Worms usually strive to access the contact database of the victim and send itself as an attached file. A worm that appears as an email form appears like it was sent from another person, specifically from a compromised computer. Overall, most malware programs focus on accessing the critical data, copy it, and send it to a certain server that the attacker utilizes to steal information. Unpatched Security Vulnerabilities Countless threats are developed daily, yet most of them are workable by relying on the old security vulnerabilities. Walmart security can be vulnerable if it fails to patch the vulnerabilities after discovering them bearing in mind that most malware looks for the same old vulnerabilities over time. It is common for the company or the employees to rely on the company network to pursue their organizational roles, yet they are reluctant to update their organizational systems regularly. This majorly happens when such employees are not willing to lose a few minutes that account for their productivity at the workplace (Makura et al., 2021). The reason behind this is that such employees feel that updating the system is a nuisance to them, yet acknowledging the idea could save the company from losing a lot of money and time. A simple fix to fix entails maintaining a weekly update schedule whereby the company could challenge the employees to update the workplace systems regularly to avoid being predisposed to such vulnerabilities. The company can also be relying on its Information technology (IT) team that DIGITAL FORENSIC PLAN IN WALMART COMPANY 7 could be checking the trending security patches for the software of the organization and ensure that they are applicable to all systems integrated into the company. Hidden Backdoor Programs Hidden backdoor programs are the purposely-developed computer security vulnerability. The backdoor is when the manufacturer of computer software, components, or the entire computer installs a program intended to enable the computer to be accessed remotely. Installing the backdoor into the computer without informing the user is labeled as a hidden backdoor program and this poses serious vulnerability to the computer as it allows the one who is versed in the backdoor to access the affected computer system illegally. Such a person may also access the network connected to the system which is inadvisable. It is necessary for Walmart to learn from the case involving Bloomberg where a backdoor was left in the routers of the manufacturer. The case specifically occurred when the biggest phone company in Europe identified a backdoor in the software that could allow Huawei to access the fixed-line network in Italy illegally. The system was known to deliver both home and business internet to millions of users across the country. Vodafone requested Huawei to disregard in-home internet backdoors routers to safeguard the internet users from the vulnerabilities (Makura et al., 2021). The software vulnerability evident in the case is a serious issue because malicious actors who could be using the internet could access millions of networks directly. Admin Account Privileges Restricting the access freedoms of software users features among the core tenets of managing system vulnerabilities. The less information a user accesses in the system suggests lesser damage experienced on the user account in the event of any damage. Nevertheless, most organizations have been reluctant to restrict access to user account privileges, thus allowing DIGITAL FORENSIC PLAN IN WALMART COMPANY 8 nearly every virtual user in the network by guaranteeing them to be administrator-level access. Various security configurations are tampered with to an extent that it becomes even possible for the unprivileged users to develop admin-level user accounts. Approving that the accessibility of the user account is limited to what the user needs to perform his or her job is critical to addressing computer security vulnerabilities (Mackie, Taramonli, & Bird, 2017). This also suggests the need of the Walmart Company to ensure that the newly-created account is restricted from having admin-level access which is critical to restricting the less-privileged users from establishing more privileged accounts. Anonymous Security Bugs in Programming interfaces Computer software is extremely complicated, especially when more than one program is designed in a way that they interface with each other. The core issue with this is that a single software may experience programming issues and conflicts that prompt vulnerabilities in the software. Programing bugs alongside unexpected code interaction feature among the common security vulnerabilities. This normally serves to be an opportunity to the attackers as they are always enthusiastic about discovering them and abuse them (Mackie, Taramonli, & Bird, 2017). Predicting the establishment of such vulnerabilities is barely possible because there are virtually no restrictions to the integrations of software that might be traced on a computer. Phishing Attacks A phishing attack is a situation when the cyber attacker hoax an employee in a victim company into presenting him or her with account credentials and sensitive data associated with the company. The attacker may even hoax the employee into downloading malware that jeopardizes the security system of the organization. This may allow the attacker to access the data of the company with fewer constraints and encrypt the sensitive data of the company and DIGITAL FORENSIC PLAN IN WALMART COMPANY 9 force payment from the company before handing in the encryption key. Such an attack majorly comes in the form of emails that mimic the identity of one of the vendors of the company to be someone who has potential authority in the company. In the illustration, the attacker may say, “This is Thomas from IT, a suspicious activity is seen happening in your user account, clicking on this link will be impactful in resetting and securing your password.” Clicking such links will leave the system to be vulnerable in that it will lead to a website that downloads malware into the system of the user, eventually compromising the system (Englbrecht, Meier, & Pernul, 2020). Other associated attacks may request users to permit the attacker to access their user accounts by presenting them with the account credentials as he or she would masquerade to be solving the issue. The core goal of such a strategy encompasses exploiting the employees of the organization to bypass security layers to allow them access to data with ease. Despite the efforts of the attackers, it would be possible to do away with the attacks by first installing email virus detection tools that help to check malware in email attachments to restrict it from harming the network of the system. Companies should also contend with engaging multifactor authentication (MFA) to allow users to access the system networks while restricting the attackers from accessing such networks. Walmart being a giant in the retail industry should also contend with the idea of training its employees on matters pertaining to cybersecurity (Englbrecht, Meier, & Pernul, 2020). It would be less possible for an educated employee to become a victim of phishing schemes. The reason behind is that training that reflects on cybersecurity topic will inflict the employees with the basic knowledge that would enable them to identify and disengage themselves from phishing attacks. DIGITAL FORENSIC PLAN IN WALMART COMPANY 10 IoT Devices The Internet of Things (IoT) institutes various smart devices like Wi-Fi, manufacturing robots, and printers alongside other machines. A concern based on these devices is that attackers may hijack them to compose slaved networks of compromised devices to pursue their attacking operations. The issue may be worse if the business is not aware of the IoT devices attached to its networks, and this suggests that such business has unprotected vulnerabilities, yet it is still unaware of the issue. The cyber attackers would use these anonymous devices as an opportunity for them to attack the security system of the business. The seriousness of this concern suggests the need to perform a security audit to reduce the risk from the IoT devices. This is because the audit will identify the disparate assets attached to the network not forgetting the operating systems running on the network. This solution can be impactful if the company commits itself to perform periodic audits to ensure that new devices are accounted for suppose they are added to the network. Company Employees Employees are thought to be the most serious security threat in any company, implying that this issue also applies in Walmart. This is because most data breaches in any organization are usually traced back to the employee attached to the organization that suffered the breach without considering whether it was because of purposeful malfeasance or an accident. For instance, some employees may consider abusing their access freedoms following their selfinterests. In some instances, the employee may unintentionally click on a wrong click in an email thus ending up downloading a wrong file from an online site or even allow an unauthorized person to access the user account credentials that then allows them to attack the company systems with fewer constraints (Sadi 2021). Despite the magnitude of the attack, the DIGITAL FORENSIC PLAN IN WALMART COMPANY 11 company can contain this concern by installing anti-phishing bullets into its systems to restrict data breaches. For instance, employing a policy of least privileges restricts users from access too much data at the same time, making it impossible for them to steal information. The company can also commit itself to educate its employees about the importance of cybersecurity who will then consider various measures that restrict the chances of allowing the attackers from accessing sensitive information associated with the company. Computer System Incidents Related Digital Forensic Events Walmart has a highly secured digital-forensics laboratory sits that helps in performing various digital forensic events. The sits have been designed in a way that analysts are always required to scan their hands and put in a unique password. They then comb through videosurveillance records and fetch out data from devices that have seen better days. For instance, they may fetch data from a crashed hard disk which may be as a result of being dropped from a tall structure or has been crushed by a hammer. While the nature of these jobs seems to be sensitive, the company contends using its employees to perform the job rather than relying on foreign spies and FBI agents. The company features among the six corporations in the U.S that run digital forensic facilities certified by the U.S Crime Laboratory Society Directors (Sadi 2021). These companies including Walmart have digital forensic capabilities that abide by law enforcement. They contain tools that help to assess theft cases and online fraud practices. These tools are also meaningful in tracking the source of data breach and the breach itself. These tools function by retrieving information from a dysfunctional computer drive or a locked encrypted android device. The tools also have the capabilities of evaluating activities happening on a network to identify the employee that is siphoning off critical data to vend it on the black market. DIGITAL FORENSIC PLAN IN WALMART COMPANY 12 Forensic and Incident Responses to be provided An incident response plan encompasses six phases that when put into consideration, guarantee the security of a system by restricting the chances of a data breach. Companies with IT units are encouraged to challenge the members of the IT team to learn about these phases to deal with cybersecurity threats accordingly. Developing and managing the incident response thoughtfully requires regular updates and requisite training. Below is an explanation of the forensic and incident response phases. Preparation Preparation is the first phase of the plan that is critical to protecting the business. The phase encompasses various practices like training the employees accordingly where the training should relate the incidence response responsibilities and roles amid data breach. Secondly, it is appropriate to plot incident response drill situations and execute regular mock data breaches to examine the effectiveness of the response plan. Thirdly, it is necessary to ensure that all elements of the response plan are ratified and funded on time. The plan should be detailed thoughtfully in a way that highlights the roles and responsibilities of the stakeholders of the response plan.it would then be appropriate to examine the plan to determine if the IT team members are versed with the plan (Sadi 2021). This is because it is hard to find an employee committing a mistake in an area where he or she is highly informed. The questions to address when pursuing the first phase are listed below: • Is everyone versed with security policies? • Does the response team understand its roles and the required notifications? • Have all members of the response team participated in the mock drills? DIGITAL FORENSIC PLAN IN WALMART COM …
Purchase answer to see full attachment
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
There is a very low likelihood that you won’t like the paper.
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more