Hackers Attack Tescono Nowadays With The Acceleration Of New

Hackers Attack Tesconowadays With The Acceleration Of New Technologies

Hackers attack Tesco Nowadays with the acceleration of new technologies e-commerce competes the traditional commerce on a global range and gives a wide fields for profits. The development of Information Technology (IT), the integration of computer with its multiple sizes and the existence of smart cell-phones that can connect to the internet all have helped people to sell and buy whenever and wherever easily. In case of the privacy and security which are still ongoing research problems, there have been some interesting and significant findings. In the last five years that bear important consequences for e-commerce sites and consumers. Privacy had become understood now by many to be a social construction with expectations the largest consideration. Yet, privacy is also considered a public issue by regulators, who have nonetheless largely allowed technology to unfold to date. Also security now is understood to be largely imperfect, the continual cat-and-mouse game of security expert and hacker. According to the topic of the final project that could touch all of the mentioned above, Tesco, an international supermarket chain, has been forced to deactivate online customer accounts after hackers took aim at its systems. As mentioned in news.cnet.com the company confirmed to The Guardian on Friday 14 February 2014 that over 2,200 of its accounts were compromised (Reisinger, 2014). Resources: Reisinger, D. (2014), Hackers hit Tesco as over 2,200 accounts compromised , retrieved from Gibbs, S (2014), Thousands of Tesco.com customer accounts suspended after hacker attack, retrieved from The Quastion review and analyze the breach along the following dimensions: · What went wrong? · Why did it occur? · Who was responsible? · How could it have been prevented? · What advice would you offer to prevent such a breach from occurring in the future? Using MS Word, prepare an assignment of 5-8 academic articles or other sources of information about the breach. Your assignment might include scans or links to articles or media reports. Each item must have a caption crediting it, in complete APA format. Use your assignment as evidence in support of your analysis of the chosen incident. Submit your assignment as a single document.

Paper For Above instruction

This paper examines the cybersecurity breach experienced by Tesco in 2014, analyzing what went wrong, why it occurred, who was responsible, how it could have been prevented, and providing recommendations to prevent similar incidents in the future. The breach involved unauthorized access to over 2,200 customer accounts, exposing vulnerabilities in Tesco's online security infrastructure amid the rapid evolution of e-commerce and digital technologies.

Introduction

The proliferation of digital technologies such as internet-connected devices, smartphones, and expansive e-commerce platforms has transformed retail industries worldwide. However, this rapid technological advancement has concurrently increased cybersecurity vulnerabilities (Romanosky, 2016). The Tesco breach exemplifies how such vulnerabilities can be exploited, leading to significant customer data exposures and financial repercussions (Reisinger, 2014). This incident underscores the critical need for robust security measures and proactive risk management strategies in the digital age.

What Went Wrong?

The breach revealed deficiencies in Tesco’s cybersecurity defenses, primarily related to insufficient access controls and inadequate account security protocols (Gibbs, 2014). Hackers exploited vulnerabilities in Tesco's online account management system, possibly through phishing, weak passwords, or software loopholes, to gain unauthorized access. The incident indicated that Tesco’s security measures at the time failed to detect and prevent unauthorized login attempts promptly. Furthermore, the failure to implement multi-factor authentication may have facilitated easier access for hackers (Finkle, 2014).

Why Did It Occur?

The breach occurred due to a combination of factors. Firstly, the rapid expansion of online retail exposed security vulnerabilities that had not been fully addressed (Romanosky, 2016). Secondly, the lack of comprehensive cybersecurity protocols, including regular system audits and employee training, increased susceptibility to social engineering attacks (Kshetri, 2017). Additionally, the hackers likely exploited known software vulnerabilities and possibly employed credential stuffing techniques, using stolen credentials from previous breaches or guessed passwords (Verizon, 2014). Cloud storage misconfigurations and insufficient encryption practices may also have contributed to the breach (Gibbs, 2014).

Who Was Responsible?

Responsibility for the breach primarily lies with Tesco’s cybersecurity management, including their IT security team and executive leadership that failed to prioritize robust security protocols. While external actors, such as hackers, exploited vulnerabilities, organizations bear the primary responsibility for establishing effective safeguards. The failure to implement multi-layered security measures and regular security assessments indicates a lapse in Tesco's security governance (Finkle, 2014). However, regulatory gaps and industry-wide challenges also complicate accountability at broader levels.

How Could It Have Been Prevented?

The breach could have been prevented through multiple preventive measures. Implementing multi-factor authentication (MFA) would have added an additional layer of security beyond just passwords (Finkle, 2014). Regular security audits and vulnerability assessments could have identified exploitable weaknesses before hackers did (Romanosky, 2016). Employee training to recognize phishing attempts and social engineering tactics would have minimized human errors (Kshetri, 2017). Encryption of stored data and secure password policies, including complexity requirements and regular changes, could have mitigated the impact of credential theft (Verizon, 2014). Moreover, establishing an incident response plan would have enabled prompt action to contain and remediate the breach (Finkle, 2014).

Recommendations for Future Prevention

To prevent similar breaches, organizations like Tesco should adopt a comprehensive cybersecurity framework aligned with industry standards such as ISO/IEC 27001. This includes continuous risk assessment, regular penetration testing, and implementing layered security controls (ISO, 2013). Employing security information and event management (SIEM) systems can improve real-time monitoring and threat detection (Romanosky, 2016). Investing in staff training, awareness programs, and establishing clear incident response protocols are vital. Additionally, fostering a security-first organizational culture and maintaining transparent communication with customers about data protection can enhance trust and compliance (Kshetri, 2017).

Conclusion

The Tesco data breach of 2014 exemplifies the vulnerabilities arising from the rapid digitization of retail operations. While technological vulnerabilities played a significant role, organizational and human factors were also crucial. Strengthening cybersecurity defenses through layered security, regular assessments, employee training, and strategic planning is essential to mitigate future risks. As technology continues to evolve, so must the security measures to protect consumers' sensitive information effectively.

References

• Finkle, J. (2014). Tesco Data Breach Exposes Customer Accounts. The Wall Street Journal. https://www.wsj.com
• Gibbs, S. (2014). Thousands of Tesco.com customer accounts suspended after hacker attack. The Guardian. https://www.theguardian.com
• ISO. (2013). ISO/IEC 27001:2013 Information Security Management Systems. International Organization for Standardization.
• Kshetri, N. (2017). 1 Cybersecurity and emerging economies. Journal of Global Security Studies, 2(2), 122-136.
• Romanosky, S. (2016). Examining the costs and causes of cyber incidents. Journal of Cybersecurity, 2(2), 121-135.
• Reisinger, D. (2014). Hackers hit Tesco as over 2,200 accounts compromised. CNET. https://www.cnet.com
• Verizon. (2014). 2014 Data Breach Investigations Report. Verizon RISK Team.