C843 Report A SUCCESS OF ATTACK C843 Report A SUCCESS OF ATTACK The cyberattack against

C843 Report A SUCCESS OF ATTACK  C843 Report A SUCCESS OF ATTACK  The cyberattack against Azumer Water was very successful due to administrative and technical shortcomings in the companys information security management implementation. One major factor was a lack of user security awareness training. John Smith, the volunteer coordinator for Azumer Water, carelessly clicked on a link in an email that should have easily been identified as a phishing email.  As a result, his account was compromised which led to the database containing the personally identifying information of 1,073 volunteers being compromised as well. Once the attackers gained access to the database, they were able to send out phishing emails to all the volunteers before subsequently deleting the database entirely.   The lack of security awareness training highlights a scary trend in cybersecurity. According to a 2015 study by McAfee, an American global computer security software company, 97 percent of end users were unable to properly identify phishing emails. (Cook, 2018) The study showed that even if consumers were aware of what phishing was, they were generally bad at avoiding them or properly handling them. Given Johns important position within the company and given his access to a database containing sensitive information, he should have received proper training on identifying and properly handling suspicious emails.  Although Azumer Water did have a password policy in place that addressed the issue of password maintenance, the policy wa