CS 405 5-1 Case Study Triple A and Defense in Depth

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

405

Subject

Computer Science

Date

Apr 3, 2024

Type

docx

Pages

3

Uploaded by BailiffSpider1312

Report
Koehler Radder 05-31-2023 CS 405 5-1 Case Study: Triple A and Defense in Depth The case study I decided to write about is the T-Mobile hack that happened this past January in 2023.( https://techcrunch.com/2023/01/19/t-mobile-data-breach/ ). It made the news because this isn’t the first time T-Mobile has been hacked 8 times since 2018 and it is a large and well known company. I chose to write about this particular hack because I have been a T-Mobile user for the past few years and had know idea that this is a recurring thing. As a customer, I need to know that my data is protected. The breach actually happened in November of 2022, but T-Mobile didn’t even notice the breach until January 5 th . “The telecom giant said that the “bad actor” started stealing the data, which includes name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features.”( Franceschi-Bicchierai, 2023). This was a combination of a security and data breach, the hacker used an exploit an application programming interface or API. Based on my findings, its seems that T-Mobile keeps getting targeted because for whatever reason the company lacks efficient security measures set in place. The most immediate threat is the breach of the customers personal information, the hacker had over a month to gather as much information as they could before the problem was noticed and fixed. The potential threats if the vulnerability goes unresolved would be personal payment information and identity theft. The information given to a phone company by the customer is
enough to steal a persons identity with little effort. If this happened, the company would be on the hook for millions if not more in damages. The developer could have done a few different things that would have prevented this breach but without constant updates and maintenance, whatever the developer could have done most likely would have been in vain. If this was the first time for this company, then I could see the developer implementing policies to prevent future attacks. Since this is the 8 th time in the past 6 years, it seems that the company needs to re-evaluate its security protocols and put more manpower on actively searching for vulnerabilities and exploits. In summary, the role of best practices, Triple A and defense in depth in preventing future attacks is crucial for large companies like this. By utilizing Triple A and DiD, future hackers will be hard pressed to get through. Having multiple redundant layers of security prevents anyone getting access to sensitive information. While having the three As, Authentication so you know who is accessing the network. Authorization to make sure whoever is accessing the network is authorized to do so. Accounting to know exactly what the user did at what time, with what commands, and what resources were accessed. All this is nothing unless best practices is utilized every step of the way.
References: Franceschi-Bicchierai, L. (2023, January 19). T-Mobile says hacker accessed personal data of 37 million customers. TechCrunch. https://techcrunch.com/2023/01/19/t-mobile-data-breach/
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

CIS 105 Assignment Schedule.xlsx
LAB 3 INSTRUCTIONS.pdf
CPSC_1160_Practice_Final_Exam.docx
CS-230 memory and storage.docx
CS230 module 4 journal entry.docx
CS 405 5-3 Activity Static Code Analysis(revised).docx
CS 405 2-1 Journal Defense in Depth (DiD).docx
Quiz7.docx
Quiz6.docx
CiS120-PJ 2-QBE.docx
CiS120-PJ1-report-my-name.docx).docx
Aviation Assignment.pdf
Recommended textbooks for you
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Microsoft Windows 10 Comprehensive 2019
Computer Science
ISBN:9780357392607
Author:FREUND
Publisher:Cengage
Text book image
MIS
Computer Science
ISBN:9781337681919
Author:BIDGOLI
Publisher:Cengage
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Microsoft Windows 10 Comprehensive 2019
Computer Science
ISBN:9780357392607
Author:FREUND
Publisher:Cengage
Text book image
MIS
Computer Science
ISBN:9781337681919
Author:BIDGOLI
Publisher:Cengage
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS