0% found this document useful (0 votes)
109 views8 pages

CSC 433 Project: The Anthem Data Breach

A paper written by myself, Brody Bond and Tyler Yates discussing the Anthem data hack of 2015 and its effects on privacy

Uploaded by

Nicole Worth
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
109 views8 pages

CSC 433 Project: The Anthem Data Breach

A paper written by myself, Brody Bond and Tyler Yates discussing the Anthem data hack of 2015 and its effects on privacy

Uploaded by

Nicole Worth
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Analysis and Proposed Resolutions of the

Anthem Data Breach


Brody Bond Nicole Worth Tyler Yates
North Carolina State University North Carolina State University North Carolina State University
Raleigh, North Carolina, USA Raleigh, North Carolina, USA Raleigh, North Carolina, USA
[email protected] [email protected] [email protected]
ABSTRACT ACM Reference Format:
In February 2015, Anthem announced that their sys- Brody Bond, Nicole Worth, and Tyler Yates. 2018. Analysis
and Proposed Resolutions of the Anthem Data Breach. J.
tems, including their data warehouse, had been compro-
ACM 37, 4, Article 111 (August 2018), 8 pages. https://doi.
mised, resulting in the leak of up to 80 million people’s
org/XXXXXXX.XXXXXXX
information. Given the scope of the breach, there are
quite a few news and governmental reports covering
the subject, yet there is a significant lack of analysis
1 INTRODUCTION
and proposed preventions in direct response. Here we In 2015, Anthem Inc., an insurance provider serving
examine the facts surrounding the breach, evaluate the businesses in eighteen states, announced that hackers
methods which the attackers used to conduct the breach, had breached their systems, notably their data ware-
and propose means to minimize the success of future house, and stolen the personal information of up to 80
attacks. million people. At the time, the attack was the largest
perpetrated on the healthcare industry [16]. This pa-
per studies information about the attackers, the attack-
CCS CONCEPTS ers’ methods, the failures of Anthem, and Anthem’s
• Security and privacy → Database and storage secu- response to the attacks in order to
rity; Database activity monitoring. • understand security breaches
• learn how bad actors operate
KEYWORDS • inform companies how to protect company and
Anthem, database, breach, phishing, social engineering, user data
link-scanning, data security • combat attackers’ methods, notably social engi-
neering ones
Authors’ addresses: Brody Bond, North Carolina State University, Additionally, future work is proposed in order to com-
Raleigh, North Carolina, USA, [email protected]; Nicole Worth, bat the issues that caused the Anthem data breach and
North Carolina State University, Raleigh, North Carolina, USA, to propose new solutions to increase the effectiveness
[email protected]; Tyler Yates, North Carolina State University, of phishing attack mitigation strategies.
Raleigh, North Carolina, USA, [email protected].
2 BACKGROUND
Permission to make digital or hard copies of all or part of this
According to the California Department of Insurance’s
work for personal or classroom use is granted without fee provided
that copies are not made or distributed for profit or commercial examination team, the data breach started when an
advantage and that copies bear this notice and the full citation employee of an Anthem subsidiary company opened a
on the first page. Copyrights for components of this work owned phishing email. Using this computer as a starting point,
by others than ACM must be honored. Abstracting with credit is the attackers were able to gain access to an increasing
permitted. To copy otherwise, or republish, to post on servers or to number of systems throughout Anthem’s and their sub-
redistribute to lists, requires prior specific permission and/or a fee.
Request permissions from [email protected].
sidiaries’ network [9]. Over eleven months after the
© 2018 Association for Computing Machinery. initial system compromise, the breach was detected by
0004-5411/2018/8-ART111 $15.00 an employee who noted his credentials had been used
https://doi.org/XXXXXXX.XXXXXXX to make requests which he hadn’t made to an Anthem
Figure 1: Condensed timeline of the Anthem data breach.

database [13, 14]. On February 4, 2014, Anthem dis- 2.2 Attackers’ Actions
closed the data breach to the public, stating that up On February 18, 2014, the attackers sent spear phish-
to 80 million members had their personal information ing emails to employees of multiple companies. On
stolen. This information included that same day, an employee of an Anthem subsidiary
• names clicked a link contained in the spear phishing email
• social security numbers (i.e., a personalized phishing email designed to mimic
• dates of birth an authentic one), causing a malicious program to be in-
• email addresses stalled on their computer. This program created a back
• billing addresses door for the attackers to use, permitting them remote
Notably, billing information was not compromised [13, access to the employee’s computer.
16]. "After Defendants [attackers] had obtained the ability
to remotely access a computer system on a Victim’s
[Anthem’s] network, they then sought to move laterally
across the Victim’s computer network and escalate their
2.1 Attackers privileges on the network (i.e., gain increasingly greater
According to a statement released by the U.S. Depart- ability to access information and make changes in the
ment of Justice ’s Office of Public Affairs and a related, Victim’s network environment). Defendants sometimes
unsealed indictment, the attack on Anthem was carried patiently waited months before taking further action,
out by two Chinese hackers, Fujie Wang and John Doe, quietly maintaining access to the Victim’s network".
the latter a man with many aliases whose name is not ul- Between May and November 2014, the attackers in-
timately known. The Department of Justice also stated stalled and utilized back doors and credential harvest-
that the two attackers were members of an "extremely ing tools on Anthem’s systems. The attackers also used
sophisticated hacking group..." . Beyond this however, this time to survey Anthem’s systems and establish
more information about the individuals is unknown, servers for storing collected information. Between De-
including the name of the hacking group [6]. In May cember 2014 and January 2015, the attackers queried
2019, Wang and Doe were charged with one count of information from Anthem’s data warehouse, encrypted
conspiracy to commit fraud, one count of conspiracy the data, transferred it to servers they owned, and even-
to commit wire fraud, and two counts of intentional tually transferred the data to computers in China. On
damage to a protected computer [19].
January 31, two days after the attackers were discov- industry [20]. This is because encrypted data takes time,
ered, their connections to Anthem’s systems were shut which companies often feel they don’t have, to decrypt.
down [6]. In total, up to 80 million people had their After the data breach, Anthem made three changes
information stolen from Anthem, at least 90 distinct to their security. The first change, a proactive secu-
systems in Anthem’s overarching system were compro- rity improvement, was the addition of two-factor au-
mised, and at least 50 accounts of Anthem or Anthem thentication to validate the authenticity of employees
subsidiary employees were compromised [9]. accessing Anthem’s system. While this would have
helped prevent the attackers from using credentials
they stole, it may not have stopped them from access-
2.3 Anthem’s Actions ing Anthem’s systems via back doors they installed. The
The attackers’ actions remained unnoticed until Jan- second change, also proactive, was to strengthen their
uary 29, 2015 when an Anthem employee, a database privileged account management system to better con-
admin, spotted his credentials had been used for data trol and watch users’ actions. This would have stopped
queries that he hadn’t made [13]. The FBI was immedi- the data breach as the hackers would not have been
ately notified, and all access to Anthem’s databases was able to escalate their own permission levels and gain
terminated. Per standard procedure, all employees reset access to more of Anthem’s systems. The third change,
their passwords in the event their accounts had been a reactive security modification, was to improve log-
compromised. There is a small amount of discrepancy ging capabilities. Better logging capabilities would have
in between sources, but at most two days later the at- made it easier for employees to catch unauthorized ac-
tackers were completely shut out of Anthem’s systems. tions in the system, leading to a quicker expulsion of
In addition to a public disclosure on February 4, 2015 the attackers from it [9].
[16], Anthem also sent emails to all impacted customers.
Since personally identifiable information was included 3 PHISHING
in the data stolen, Anthem provided multiple services
As mentioned in the background of this paper, the ini-
including credit monitoring, credit repair, child identity
tial mode of attack was a form of phishing called spear
protection, and identity theft insurance, free of charge
phishing. The act of phishing is a form of cyber attack
to all customers [13]. In 2017, as the result of over 100
whereby attackers craft communications that appear
lawsuits by people affected by the data breach, Anthem
to be from a legitimate source with the intention of
reached a settlement of $115 million [15].
gaining private data from or internal access to a tar-
get. These communications can range from generic to
2.4 Anthem’s Security Measures highly researched, detailed approaches that fool even
cybersecurity experts. Spear phishing is a targeted form
Prior to the data breach, Anthem did not encrypt infor-
of phishing attack, in which the target is a specific user
mation stored in its database, but did for information it
or group within a company.
sent and received [20]. Per [12], encryption of informa-
tion stored in a database is not required if a company
can implement an equivalent level of security and pro- 3.1 Effectiveness
vide the reasoning for their decision to not encrypt Part of what makes phishing attacks so dangerous and
their data. According to a spokesperson for Anthem, effective is how they are designed. Attackers craft emails
"We use other measures, including elevated user cre- and other messages that evoke strong emotions that
dentials, to limit access to the data when it is residing override a target’s logic, such as fear, curiosity, urgency,
in a database" [20]. Thus, Anthem was in compliance or greed [2]. Some messages are designed to look like
with HIPAA regulations. While an encrypted database official government missives asking recipients to verify
would have slowed the attackers by forcing them to personal details, while others are composed like inter-
decrypt the data before reading it as cleartext, it would nal memos asking employees to download software or
not have prevented them from stealing the information. perform other routine company operations [18]. These
According to the same spokesperson, not encrypting messages contain corrupted links or attachments that,
data while it is in storage is common for the insurance when the user opens or uses them, allow the attacker
access to the computer and its data. In the case of An- However, a system like this raises the question of how
them’s data hack, the emails that were sent to employ- much power and trust should be given to automation
ees contained a hyperlink that housed the malicious to determine what qualifies as a phishing attack and
program [19]. prevent it from occurring. A machine is not susceptible
The more sophisticated cybercriminals employ social to the same pathos as human users are, but may not
engineering tactics; they research the company or indi- be able to recognize the context of a given message.
vidual to see what real messages they send and receive, More on this subject can be found in the Future Work
purchases they make, websites they visit frequently, – Machine Learning section of this paper.
etc, in order to make their attacks as realistic as pos- Another question raised by considering the human
sible. This is the case with spear phishing – instead factor of cybersecurity is how the prevention software
of sending a widespread, generic email to all company works in tandem with the human element. Cybersecu-
employees attackers select a few individuals to research rity teams want to implement the most effective protec-
specifically, increasing the likelihood that they can fool tion for the system, but if that protection is too imposing
that particular individual. or disruptive to the system’s users is it really effective?
Another reason that phishing attacks are danger- The more complex or unwieldy a system is, the more
ous is their continually evolving nature. Attackers are likely a user is to try and find a way to make it easier
constantly refining their attacks based on which ap- for themselves, thus circumventing the exact measures
proaches are successful, and coming up with innova- put in place to protect it. A simple example of this is in
tive ways to trick recipients. It only takes one person passwords – many places want users to use complex,
to fall prey to a particularly convincing message for a multi-character passwords but if the password isn’t one
company to be compromised. that a user will readily remember, the odds are strong
that the user will write it down and keep it in their desk.
4 DISCUSSION All a malicious entity has to do then is find the written
down password to access the system. It is important for
Phishing attacks have been, and continue to be a danger
data security that any implementation walks the line
to individuals and companies in the online world. In
between being secure and user-friendly.
this particular case, even though Anthem was quick
in their handling of the breach once made aware of it,
provided services to protect users’ whose information
was stolen, and strengthened their existing security, 4.2 Data Loss Effects
there are interesting areas to think about related to the
The loss of data in this attack on Anthem was stagger-
incident.
ing; the personal information of 80 million people is
a huge data mine. Once an individual’s data is stolen,
4.1 Data Security they can face the effects of the loss for years. With the
Cases like this one where data security is impacted kind of personal information that was taken, criminals
raise some important questions about how data is pro- can impersonate the victims to commit different kinds
tected, and the strongest ways to do so. In researching of fraud, or execute individual phishing attacks to steal
the method of attack and how it was carried out in account information for their jobs, banks or other sites
this instance, it is clear that the vulnerability that was [4]. It is also possible that they would sell the informa-
exploited was not the system, but the users within it. tion on the dark web at any point, making it harder for
“Humans are the weakest link” remains an adage of the victims to recover and for investigators to prosecute.
cybersecurity world because no matter how secure your There are also other effects on the individuals including
system is, if your employees are not properly trained emotional damage, loss of social life, and even physical
or do not follow the policies within it, attackers can symptoms. Emotionally, identity theft is quite literally
still penetrate it [17]. The ideal secure system would the loss of identity, which can lead to feeling helpless,
be one that essentially removes the human element, angry, stressed, or afraid [8]. Affected individuals may
a black box that requires no human interaction and suffer a loss in their social life from these feelings, and
contains no interface for accessing its inner elements. from any damage the attackers cause to their social
media accounts. In extreme situations, physical symp- and surveillance are two of many harmful purposes that
toms like pain, loss of sleep, etc. can occur [7]. All of the collected personal information could be used for,
these effects show just how important it is that compa- and with the amount of people whose data was stolen it
nies secure their data, and individuals pay attention to is a sobering situation. The Anthem data hack is an ex-
any strange communications they receive, to prevent ample of how, as the world progresses further into the
phishing attacks from being successful. digital age, information security must be a priority for
governments to protect their citizens from malicious
4.3 Follow-Up Attacks entities.
In looking into the aftermath of the Anthem hack, a
worrying side effect of informing the public of the 5 FUTURE WORK
attack was the occurrence of secondary phishing at- The challenges with combating phishing attacks can
tacks on individuals whose data was stolen. These in- be broken down into two categories: the challenge
dividuals, both past and present Anthem customers associated with preventing phishing attacks and the
at the time, were sent scam emails in the weeks after challenge of detecting successful phishing attacks. An-
the initial attack occurred. These emails supposedly them’s changes to their security measures following
were from Anthem and contained a link to a credit- the attack focused on both proactive and reactive secu-
monitoring service [11]. While Anthem was providing rity measures, ensuring future attacks would be more
credit-monitoring services to affected customers, they difficult and, if they were successful, more easily de-
were doing so through the postal service [4]. Thus these tected. However, as the technological landscape is al-
emails were not from the company, but from cyber crim- ways changing, so to are the threats professionals must
inals looking to take advantage of scared victims. An prepare for. The following addresses the prevention
attack veiled under the guise of providing assistance is of phishing attacks through education, the limitations
particularly dangerous because people are more likely associated with combating phishing, proposals on how
to be susceptible when they ordinarily would not click to deal with these challenges in future work, and also
a suspicious email. This is something that in the fu- discuss newer mitigation techniques.
ture affected individuals should be wary of, and both
the affected companies and law enforcement should be 5.1 Limitations of Prevention:
very clear on how information on the attack will be Phishing Education
dispersed. In doing so, it makes it harder for criminals
Phishing education entails educating employees on how
to abuse the flow of information to re-victimize anyone
to spot and avoid phishing attacks. There were a re-
involved.
ported 400,000 phishing sites detected per month in
2016 [1]. The likelihood of every person that received
4.4 Foreign Entities one of these 400,000 links having the proper knowledge
Another aspect of this case that should be discussed of phishing attacks is low. Companies educating em-
is the foreign entities involved. The insurance com- ployees on how to spot phishing attacks and not to click
missioners and investigation teams that examined the links from unknown sources seems like a good way to
attack determined that it was within reason that the prevent phishing attacks, but has been proven unsuc-
attackers were working under the direction of a foreign cessful. Attackers often have the time and resources to
government [9]. While many sources were reluctant make their links look very convincing and legitimate.
to outright place blame, China appears as the culprit Per [1], there are three main reasons phishing education
in most eyes. This would be a reasonable conclusion, is unreliable on its own: distraction, spear phishing, and
considering that “China has a vibrant biotechnology [in- curiosity. When completing their daily tasks, people be-
dustry] where healthcare information could be compet- come easily distracted, with a mindset of going through
itively relevant to them” [9] and there have been other the motions in order to complete their work, employees
instances where the country has had state-sponsored are more likely to not be paying enough attention and
hacking [10]. The thought of a foreign government col- click a malicious link. Spear phishing is a type of phish-
lecting data on US citizens is not comforting. Blackmail ing where the attacker makes the email appear to be
coming from an internal source, a company executive models have shown 96% accuracy in detecting malicious
for example. Spear phishing has become so realistic that links. However, many of these models are unready for
many employees, even those who have gone through implementation due to network delays caused by fea-
phishing education, can be easily tricked into supplying ture extraction [21]. Machine learning has potential to
sensitive information to attackers. A study conducted be a successful mitigation strategy for phishing attacks,
by FAU concluded that 56% of recipients clicked a link but more development needs to be done before it can
claiming to contain images from a party. A follow-up be put to use.
questionnaire determined that the link was clicked due
to curiosity of seeing the images or determining the 5.4 Proposed Work
identity of the sender, even though 78% also reported The above highlights key issues with phishing pre-
knowing the risks of unknown-links [3]. While phish- vention techniques. Evidence suggests that more work
ing education should be a part of phishing mitigation, needs to be done in order to reliably combat phishing
these factors and studies prove that it is not effective attacks. Machine learning has proven to be a poten-
enough to rely on. tial mitigation strategy, but more work needs to be
conducted in order to find better feature extraction
5.2 Limitations of Prevention: techniques. While improvements in link-scanning have
Link-Scanning been made by examining domain traffic and recording
Link-scanning is the process of software examining new domains, there is a lot left to be done, especially in
link’s for malicious content and notifying users of pos- relation to zero-day phishing attacks. We recommend
sible malicious intent. Link-scanning does not prevent future work be done in order to detect spear phishing
users from clicking the link out of curiosity, although specifically, since it is currently the most sophisticated
some email servers may prevent emails with possible and hard to detect phishing strategy. Phishing educa-
malicious links from being received by the recipient. tion should remain a mitigation strategy, however the
The main limitation with link scanning is that it re- education needs to be more robust and convey the dam-
lies on the link having an established reputation as age that phishing attacks can cause to ensure people
malicious. A link gains negative reputation by being act on their education.
reported to specific websites which maintain databases
of malicious or suspicious links. [5]. ’Zero-day URLs’ 6 CONCLUSION
refers to a link that has recently been created. There- Through an analysis of the Anthem security breach, we
fore, zero-day links will not be flagged as malicious can better better understand attacks carried out through
by link-scanning software because the link has not yet phishing, how bad actors operate, and discuss ways to
been marked malicious and included in these databases. combat these offenses. Phishing attacks occur when
For this reason, link-scanning to prevent phishing at- a malicious link is opened, allowing the attackers to
tacks can be problematic. In an analysis of Google Safe infiltrate the victim’s network. This allows attackers
Browsing, "the gold standard database for malicious to obtain more secure data which, in the case of An-
links", only 14% of emails containing malicious links them, included personally identifiable information. Our
were blocked; the other 86% contained zero-day links analysis focused on ways to prevent such attacks from
[5]. Link-scanning is a successful mitigation technique occurring, namely phishing education, link-scanning,
when links have been established as malicious, however and machine learning. In addition, we analyzed road-
zero-day links prove that link-scanning is not a fool blocks to future work in these fields. As "humans are
proof method for preventing phishing attacks. the weakest link", and until improvements can be made
to anti-phishing software, human education is the best
5.3 Machine Learning means to ensure system security.
Machine learning to detect malicious links is a new con-
cept in phishing mitigation. Preliminary experiments
show that machine learning can be a valuable tool in
preventing phishing attacks. Some machine learning
REFERENCES settlement/anthem-to-pay-record-115-million-to-settle-u-s-
[1] Eyal Benishti. 2017. The Limitations Of Phishing Educa- lawsuits-over-data-breach-idUSKBN19E2ML
tion. DARKReading. https://www.darkreading.com/threat- [16] Adam Rubenfire. 2015. Hackers breach Anthem; 80M exposed.
intelligence/the-limitations-of-phishing-education Modern Healthcare. https://www.modernhealthcare.com/
[2] Cisco. 2022. What Is Phishing? Cisco. https: article/20150204/NEWS/302049928/hackers-breach-anthem-
//www.cisco.com/c/en/us/products/security/email- 80m-exposed
security/what-is-phishing.html#~how-phishing-works [17] SHRM. 2021. The Weakest Link in Cybersecurity.
[3] Friedrich-Alexander-Universität Erlangen-Nürnberg. SHRM. https://www.shrm.org/hr-today/news/all-things-
2016. The Limitations Of Phishing Education. work/pages/the-weakest-link-in-cybersecurity.aspx
Friedrich-Alexander-Universität Erlangen-Nürnberg. [18] Terranova. 2021. 19 Examples of Common Phishing Emails.
https://www.fau.eu/2016/08/25/news/research/one-in-two- Terranova. https://terranovasecurity.com/top-examples-of-
users-click-on-links-from-unknown-senders/ phishing-emails/
[4] Kelli B. Grant. 2015. Anthem victims’ first hack symptom: [19] Office of Public Affairs United States Department of Justice.
Phishing scams. CNBC. https://www.cnbc.com/2015/02/06/ 2019. Member of Sophisticated China-Based Hacking Group
anthem-victims-first-hack-symptom-phishing-scams.html Indicted for Series of Computer Intrusions, Including 2015
[5] Reece Guida. 2018. Why Does Link Scanning Miss so Many Data Breach of Health Insurer Anthem Inc. Affecting Over 78
Phishing Attacks? Avanan. https://www.avanan.com/blog/ Million People. https://www.justice.gov/opa/pr/member-
does-link-scanning-prevent-phishing sophisticated-china-based-hacking-group-indicted-series-
[6] UNITED STATES DISTRICT COURT SOUTHERN DIS- computer-intrusions-including
TRICT OF INDIANA. 2019. USA vs WANG et al. Case [20] Danny Yadron and Melinda Beck. 2015. Health Insurer
1:19-cr-00153-JRS-MJD. https://www.justice.gov/opa/press- Anthem Didn’t Encrypt Data in Theft. Wall Street Jour-
release/file/1161466/download nal. https://www.wsj.com/articles/investigators-eye-china-
[7] Alison Grace Johansen. 2021. 4 Lasting Effects of Identity in-anthem-hack-1423167560
Theft. LifeLock. https://www.lifelock.com/learn/identity- [21] Abdelhakim Hannousse & Salima Yahiouche. 2021 [Online].
theft-resources/lasting-effects-of-identity-theft doi: https://doi.org/10.1016/j.engappai.2021.104347. Towards
[8] Ben Luthi. 2019. What to Know About the Effects of Iden- benchmark datasets for machine learning based website phish-
tity Theft. Experian. https://www.experian.com/blogs/ask- ing detection: An experimental study. Engineering Applica-
experian/how-long-can-the-effects-of-identity-theft-last/ tions of Artificial Intelligence 104 (June 6 2021 [Online]. doi:
[9] Marianne Kolbasuk McGee. 2017. A New In-Depth https://doi.org/10.1016/j.engappai.2021.104347).
Analysis of Anthem Breach. Bank Info Security.
https://www.bankinfosecurity.com/new-in-depth-analysis- A INDIVIDUAL CONTRIBUTIONS
anthem-breach-a-9627#:~:text=The%20investigation%20by%
20the%20insurance,phishing%20email%20containing% A.1 Brody Bond
20malicious%20content
[10] Lily Hay Newman. 2019. Anthem Warns Cus- • .tex setup
tomers About ’Phishing’ Email Scam. Wired. • Introduction
https://www.wired.com/story/anthem-hack-indictment- • Abstract
china/#:~:text=The%20US%20government%20accused%2032, • Timeline Graphic
responsible%20for%20three%20other%20large • Background
[11] NBC News. 2015. Anthem Warns Customers About ’Phishing’
Email Scam. NBC News. https://www.nbcnews.com/business/
• Background - Attackers
consumer/anthem-warns-customers-about-phishing-email- • Background - Attackers’ Actions
scam-n301701 • Background - Anthem’s Actions
[12] U.S. Department of Health & Human Services. 2013. Is the • Background - Anthem’s Security Measures
use of encryption mandatory in the Security Rule? https: • Citations
//www.hhs.gov/hipaa/for-professionals/faq/2001/is-the-use-
• Editor: Future Work
of-encryption-mandatory-in-the-security-rule/index.html
[13] California Department of Insurance. 2015. Anthem Data • Editor: Future Work - Limitations of Prevention:
Breach. https://www.insurance.ca.gov/0400-news/0100-press- Link-Scanning
releases/anthemcyberattack.cfm • Editor: Future Work - Proposed Work
[14] Connecticut Office of the State Comptroller. 2015. Alert: An- • Editor: Conclusion
them Data Breach. https://www.osc.ct.gov/anthembreach.
html
[15] Brendan Pierson. 2017. Anthem to pay record $115 mil-
A.2 Nicole Worth
lion to settle U.S. lawsuits over data breach. Reuters. • Phishing
https://www.reuters.com/article/us-anthem-cyber- • Phishing - Effectiveness
• Discussion A.3 Tyler Yates
• Discussion - Data Security • Future Work
• Discussion - Data Loss Effects • Limitations of Prevention: Phishing Education
• Discussion - Follow Up Attacks • Limitations of Prevention: Link-Scanning
• Discussion - Foreign Entities • Proposed Work
• Editor: Future Work • Conclusion
• Editor: Limitations of Prevention: Phishing Edu- • Editor: Introduction
cation • Editor: Background - Attackers
• Editor: Limitations of Prevention: Link-Scanning • Editor: Background - Attackers’ Actions
• Editor: Proposed Work • Editor: Background - Anthem’s Actions
• Editor: Background - Anthem’s Security Measures

You might also like