CASE STUDY: THE OPTUS DATA BREACH

In September $2022,$ Optus, a major Australian telecommunications company,

suffered a significant data breach when an attacker exploited a vulnerability in

their API $($Application Programming Interface$).$ The attacker gained unauthorized

access to customer data, including names, dates of birth, addresses, phone

numbers, and, in some cases, identity document numbers. The breach affected

millions of current and former Optus customers, raising concerns about identity

theft and fraud.

YOUR TASK

You are a cybersecurity consultant specializing in network and application

security. Optus has engaged your services to assess the incident and recommend

improvements to their security posture. Your task is to analyse the data breach

and develop a comprehensive report that addresses the following questions:

$1.$ Evaluate the effectiveness of Optus' existing network security measures,

such as firewalls, intrusion detection$/$prevention systems $($IDS$/$IPS$),$ and

virtual private networks $($VPNs$).$ Could stronger network security controls

have prevented or mitigated the breach?

$2.$ Discuss the importance of network segmentation in protecting sensitive

data. How could Optus have implemented network segmentation to limit

the attacker's access and minimize the impact of the breach?

$3.$ Analyse the Optus data breach in the context of the OWASP Top $10$ web

application security risks. Which of the OWASP Top $10$ vulnerabilities

were most likely exploited in this incident, and what secure coding

practices could have been implemented to prevent such exploitation?

$4.$ Recommend specific network and application security measures that

Optus should implement to prevent future data breaches. Consider both technical controls $($e$.$g$.,$ firewalls, web application firewalls, secure coding

practices$)$ and organizational measures $($e$.$g$.,$ security policies, procedures,

training$).$

WORKSHOP INSTRUCTIONS

$1.$ Thoroughly research the Optus data breach, gathering information from

credible sources such as news articles, official reports, and cybersecurity

analyses.

$2.$ Review the relevant sections of Module $7,$ focusing on network security

fundamentals, firewalls, IDS$/$IPS$,$ VPNs$,$ network segmentation, secure

protocols, web application security $($OWASP Top $10),$ and secure coding

practices.

$7019$ICT Cyber Security Risk Management

$18$

$3.$ Analyse the Optus incident through the lens of network and application

security, identifying the key weaknesses and areas for improvement.

$4.$ Develop a comprehensive report that addresses the questions outlined

above, providing clear explanations, supporting evidence, and actionable

recommendations.

WORKSHOP WRITE$-$UP STRUCTURE

Use the following structure for your report:

Introduction

$$ Briefly summarize the Optus data breach and its impact.Network Security Measures

$$ Evaluate the effectiveness of Optus' existing network security measures.

$$ Recommend stronger network security controls.

Network Segmentation

$$ Discuss the importance of network segmentation in protecting sensitive

data.

$$ Explain how Optus could have implemented network segmentation to

limit the attacker's access.

OWASP Top $10$ Web Application Security Risks

$$ Analyse the breach in the context of the OWASP Top $10$ vulnerabilities.

$$ Identify the most likely exploited vulnerabilities and recommend secure

coding practices to prevent exploitation.

Recommendations

$$ Recommend specific network and application security measures for

Optus.

$$ Include both technical controls and organizational measures.

Conclusion

$$ Summarize your findings and emphasize the importance of robust

network and application security in the telecommunications industry.

Your report should be approximately $600$ words in length and be written in the

workshop template provided on the course website. Support your analysis with

evidence from the case study and your research.