Monday, September 9, 2019
Computer Security, 2 actual examples of where Security has failed Research Paper
Computer Security, 2 actual examples of where Security has failed (detailed description below) - Research Paper Example Such two instances have been discussed in the paper, along with the probable reasons of the security breach and preventive measures that should be taken for such matters in the future. 2. Sony PS3 Security Breach Sony Online Entertainment (PlayStation Network) is one of the market leaders in providing online games to its users around the world. Many users subscribe to the service to purchase games and online activities. In April 2011, the company faced a major setback regarding their service and data assets. The impact was so massive that they failed to offer their services even after two weeks of the incident. 2.1 Nature of the Attack Sony PlayStation network experienced denial of service attacks from one or more cybercriminals in April, 2011. According to Stuart and Arthur (2011a); the extravagance of the denial-of-service attacks occupied the company to such a great extent that another on-going attack went unnoticed by the authorities, i.e. cybercriminals were also trying to attem pt the intrusion attack around that same time. Another aspect that seems evident from the data theft activities is that the sophistication and extensive planning of the attack made it undetectable. Two weeks later, the company realized that their data assets had also been stolen from Sony Entertainment Online multiplayer domain. The intruders gained access to $77 million records of the customers of the company that had their names, postal addresses, email addresses, credit card information and birthdates. Later, the company admitted that more than $25 million had also been stolen from an outdated database of 2007 that contained data of similar nature. The massive theft of credit card information and personal information are feared to result in catastrophic instances of identity thefts and other misuse of data for a long period of time. Arthur (2011) provided the information that the data server, that contained information from the year 2007, was known to constitute of records of int ernational users from Austria, Germany and few other countries. Therefore, this attack has not only threatened the image of Sony in the local markets, but also internationally. 2.2 Causes of the Attack Batty (2011) reported the information that an unknown file named ââ¬ËAnonymousââ¬â¢ was found on one of their servers that had a message to warn the authorities about more attacks. This proves that the intruders had successfully gained access of their servers and systems and therefore managed to copy millions of data records for their use. The means of gaining access or intrusion in the systems can be based on multiple factors. Some of the most probable ones have been discussed below: Some employees might not be aware of the security policies that are supposed to be followed to safeguard the security of the data assets of the company; hence their negligence caused the exposure of sensitive login information. Hackers may have targeted some employeesââ¬â¢ systems and sent them spam, phishing emails or advertisement links on social networks to lead the employees to a compromised source. Upon the download of any malicious attachments or entry at unauthentic websites, the malicious software is automatically transferred to the system of the user (with or without the knowledge of the user). This software can perform automated malicious
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.