MSIT 3150 -Assignment 1

docx

School

Clark University *

*We aren’t endorsed by this school

Course

3150

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

Uploaded by PrivateMorning9896

Assignment 1 Assignment 1 School of Professional Studies, Clark University MSIT3150-01-F23 : Security Architecture & Design Professor Peter Sullivan September 5, 2023 The Dropbox breach in 2012 (Human Error) 1

Assignment 1 The 2012 Dropbox breach was a cybersecurity event in which hackers obtained unauthorized access to a Dropbox employee's account, exposing the email addresses of millions of Dropbox customers. The employee's behavior of reusing passwords across several internet accounts was the primary human mistake in this hack. The first breach appears to be the consequence of a Dropbox employee reusing a password previously used on LinkedIn, the professional social network that suffered a breach that disclosed the password and allowed the hackers to join Dropbox's corporate network. This hack emphasizes the vital need of excellent password hygiene and not reusing passwords across many accounts. It's a harsh reminder of how a single flaw in an individual's online security procedures may have far-reaching effects, affecting not just their personal accounts but also the security of the companies for which they work and the privacy of their users or customers. Individuals and organizations must advocate strong password rules, encourage the use of unique and difficult passwords, and use multi-factor authentication to offer an extra layer of protection in the event that passwords are hacked to reduce such risks. Verizon Data Breach (Misconfiguration) According to the Verizon Data Breach of 2017, a misconfiguration of a third-party vendor's platform, Nice Systems, resulted in the exposing of millions of user details. Nice Systems is a firm that provides customer support solutions, and it was a provider for Verizon. The error happened on an Amazon Web Services (AWS) S3 storage bucket managed by Nice Systems, where Verizon had stored data from customer care calls and records. Because of this error, the S3 bucket was left open to the public without adequate authentication or security procedures in place. 2

Assignment 1 As a consequence, sensitive client data such as names, phone numbers, and account PINs were available to anybody with access to the internet. This event underscored the significance of external vendor security and the necessity for firms like Verizon to perform rigorous evaluations of their contractors' security policies, especially the processing of customer data. It also addressed the need of properly setting cloud storage systems to keep sensitive information safe and secure. Verizon responded immediately to the hack and strengthened its data security processes to prevent such breaches in the future. Sony PlayStation Network (Development process) The Sony PlayStation Network (PSN) breach in 2011 was a serious cybersecurity event that resulted in the theft of sensitive personal and financial information of millions of PSN members. Hackers gained unauthorized access to user accounts after exploiting weaknesses in Sony's online gaming and entertainment network. While the exact facts of the breach's origins are still being contested, it highlighted significant shortcomings in Sony's development process and overall security posture. The fundamental fault in the development process was the use of obsolete and unpatched software on the PSN servers, which made it vulnerable to known security vulnerabilities. This incident underlined the crucial need of comprehensive security measures throughout the software development lifecycle, such as frequent updates, vulnerability management, best encryption practices, and quick reaction processes in the case of a security breach. WannaCry Ransomware Attack (vulnerability) The 2017 WannaCry Ransomware Attack was a large-scale cyberattack that caused considerable disruption and financial losses throughout the world. The assault took use of a flaw 3

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

Assignment 1 in Microsoft's Windows operating system, namely the Server Message Block (SMB) protocol this vulnerability known as EternalBlue. EternalBlue enabled the malware to spread quickly over networks, probing for and infecting more susceptible PCs. WannaCry encrypted the user's data and demanded a Bitcoin payment for the decryption key once inside the system. It impacted several organizations, including healthcare facilities, government entities, and corporations. The magnitude and scope of the attack sparked immediate responses from cybersecurity professionals and government agencies throughout the world. To minimize the vulnerability, Microsoft offered emergency updates for unsupported versions of Windows, emphasizing the crucial need of keeping software up to date as well as the need for effective cybersecurity policies to prevent such situations in the future. References Guardian News and Media. (2016, August 31). Dropbox hack leads to leaking of 68m user passwords on the internet . The Guardian. https://www.theguardian.com/technology/2016/aug/31/dropbox-hack-passwords-68m-data- breach Deahl, D. (2017, July 12). Verizon Partner Data Breach exposes millions of customer records . The Verge. https://www.theverge.com/2017/7/12/15962520/verizon-nice-systems-data- breach-exposes-millions-customer-records Garcia, D. M. (n.d.). The 2011 PlayStation Network Hack – what actually happened? . WestSide Story. https://wsswired.com/4837/entertainment-3/the-2011-playstation-network-hack- what-actually-happened/ The heartbleed bug: How a flaw in openssl caused a security crisis . CSO Online. (2022, September 6). https://www.csoonline.com/article/562859/the-heartbleed-bug-how-a-flaw- in-openssl-caused-a-security-crisis.html 4

Related Documents

McCurley-Shimer_Assignment #2.docx

Lab 5 - Stego.docx

McCurley-Shimer_Assignment #3.docx

McCurley-Shimer_Assignment #1.docx

McCurley-Shimer_Assignment #6.docx

MSIT 3150-Assignment 4.docx

T09.pdf

Salesforce Platform Developer I Certification Practice Questions and Answers.docx

2.3.11.pdf

Previous Resource 7.3.5 Compare an MD5 Hash.pdf

TPC3DQ1.docx

Recommended textbooks for you

Fundamentals of Information Systems

Computer Science

ISBN:9781337097536

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Principles of Information Systems (MindTap Course...

Computer Science

ISBN:9781305971776

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Principles of Information Security (MindTap Cours...

Computer Science

ISBN:9781337102063

Author:Michael E. Whitman, Herbert J. Mattord

Publisher:Cengage Learning

Fundamentals of Information Systems

Computer Science

ISBN:9781305082168

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Management Of Information Security

Computer Science

ISBN:9781337405713

Author:WHITMAN, Michael.

Publisher:Cengage Learning,

Principles of Information Systems (MindTap Course...

Computer Science

ISBN:9781285867168

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

SEE MORE TEXTBOOKS

Recommended textbooks for you

Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning