Introduction to Cybersecurity

This course provides an overview of the field of cybersecurity. It covers core cybersecurity topics including computer system architectures, critical infrastructures, cyber threats and vulnerabilities, cryptography, information assurance, network security, and risk assessment and management. Students are expected to become familiar with fundamental security concepts, technologies, and practices. This course provides a foundation for further study in cybersecurity.

Research Paper – Anthem Data Breach

In 2015 Anthem experienced a data breach, resulting in almost 80 million people’s personally identifiable information being stolen. The information taken was, names, dates of birth, medical identifications, and SSNs, all this information could be used for identity theft and could plague the victims for the rest of their lives. According to the California Dept of Insurance, Anthem is unaware if credit card information was stolen.

The attack was executed by a hacker, whose identity has not been revealed, who used a phishing email and got login credentials through an employee of Anthem’s subsidiary. This gave the hacker remote access to the employee’s computer and according to Bank Information Security, remote to the network which the hacker proceed to move laterally across the network and hopping and using multiple accounts, to finally gain access to the enterprise data warehouse and get access to the consumer personally identifiable information. One preventative measure Anthem could have taken is to encrypt its consumer’s personal information on its own servers, adding another layer of security to the data, but it this case it came down to user error. Anthem should have been more open and more informative to all their respected employees about cybersecurity and how to be protected.

Repercussions following the breach, Anthem received no legal action other than a civil class action lawsuit which anthem settled for over 100 million dollars. In the settlement, the investigators hired by anthem and others by the California Dept of Insurance concluded that anthems security was up-to-date and similar to other companies. It also concluded that anthem’s response to the incident was adequate, and had cut the hacker’s access off three days after the incident has been discovered.

Anthem has been somewhat committed to its customers offering help with no need to sign up for any one of the customers in the event they get into trouble with identity theft. There is a program free, for two years, where they monitor your credit card information and you have access to a million-dollar identity theft insurance policy. This also gives active monitoring of the customer’s identity situation. However, this is only free for the first 2 years, after that it’s 24 dollars a year, which is still cheap, but information from children was stolen, so their identity is highly at risk of being stolen for the rest of their lives.

Anthem Insurance Company, CA Dept of Insurance, & various states dept of insurances. (n.d.). Anthems Agreement .https://insurance.mo.gov/Contribute%20Documents/AnthemInsAgreement.pdf

Dept. of Insurance. (n.d.). Anthem Data Breach. CA Department of Insurance. Retrieved January 22, 2023, from https://www.insurance.ca.gov/0400-news/0100-press-releases/anthemcyberattack.cfm

McGee, M. K., & Ross, R. (n.d.). A new in-depth analysis of Anthem Breach. Bank Information Security. Retrieved January 22, 2023, from https://www.bankinfosecurity.com/new-in-depth-analysis-anthem-breach-a-9627