Equifax: A Case Study

184 views 2 pages ~ 347 words Print

The Equifax Case and Web Application Vulnerabilities

The Equifax case is one of the most significant hacking incidents in the recent past with various underlying issues including those of ethics on the part of the company. The case involved the hackers gaining personal information for millions of the company's customers in the US. Aside from that, the incident demonstrated various vulnerabilities in numerous web applications. Web applications are vulnerable to multiple attacks from hackers which might lead to an eventuality similar to that of Equifax. Some of the most significant web vulnerabilities include Cross-site scripting, SQL injection, and XSS vulnerabilities. In most servers that store data from web applications, the programming language used for communication of the data is SQL programming language (Robinson). Therefore, the programming language is susceptible to threats such as SQL injection where the criminals place their commands into the system that allow them to, among other things, steal, delete or edit data stored in the databases.

Exploiting Apache Struts Software: CVE-2017-5638

While this is the case, Equifax hackers exploited the vulnerabilities in the Apache Struts software which is the open-source server software used by Equifax. The most probable vulnerability utilized by the hackers was the CVE-2017-5638, which represented a well-known and easy to exploit vulnerability in the expression language. The hackers used the code execution bug to exploit the system (Robinson). Among other issues regarding the incident is the lack of patching in the Strut. Additionally, the patch was quickly developed and tested making it susceptible to further vulnerabilities in the future. The implications of the breach are more significant than most other high profile breaches in history owing to the sensitivity of information contained in the databases and the number of people potentially affected by the breach. Also, the period they took before informing the customers also added to the adverse impact of the violation on both the company and the customers.

Work Cited

Robinson, Teri. "Apache Struts Vulnerability Likely Behind Equifax Breach, Congress Launches Probes | SC Media." SC Media, 2017, https://www.scmagazine.com/home/security-news/data-breach/apache-struts-vulnerability-likely-behind-equifax-breach-congress-launches-probes/. Accessed 2 Nov 2018.

September 04, 2023
Subcategory:

Corporations

Subject area:

Company

Number of pages

2

Number of words

347

Downloads:

31

Writer #

Rate:

4.8

Expertise Company
Verified writer

I enjoyed every bit of working with Krypto for three business tasks that I needed to complete. Zero plagiarism and great sources that are always fresh. My professor loves the job! Recommended if you need to keep things unique!

Hire Writer

Use this essay example as a template for assignments, a source of information, and to borrow arguments and ideas for your paper. Remember, it is publicly available to other students and search engines, so direct copying may result in plagiarism.

Eliminate the stress of research and writing!

Hire one of our experts to create a completely original paper even in 3 hours!

Hire a Pro

Similar Categories