Discuss about the Security for Desired Data, Services and Applications.
A security breach can be described as an incident where unauthorized source can get access of their desired data, services, applications and many more. Security breaches occur when an application or an individual tries to enter a confidential IT perimeter illegitimately (Laube and Böhme, 2016). Security breach is the initial stage of security attacks. Sometimes a security breach can be less risky but sometimes it might result to be most dangerous. The details of this topic are discussed further in this report. Asynchronous I/O is a type of input or output processing that lets other processing to go on before the transmission gets over. Operations of input and output can be slow in comparison to the processing of the data (Chinner and Gigante, 2014). Asynchronous I/O activity is a problem with many memory protection schemes, including base/bounds and paging. These problems are mentioned in the discussion part of this report. It further discusses regarding the network outage that had been faced by Play Station in 2011. It gives recommendation that could have been implemented by Sony in order to prevent the attack.
Various deadliest security breaches include WannaCry, Petya, Locky, Cerber, SamSam and many more. The security breach chosen for this report is WannaCry. WannaCry is a specific ransom ware worm that has the ability to spread itself through a wide range of computer network (Scaife, Traynor and Butler, 2017). This ransom ware took place in May 2017. It infects a computer and encrypts files in the hardware of the PC. This makes impossible for the owner of the data to get access to it. The attacker demands some amount of ransom in order to decrypt the data. The attack was highlighted because it struck numerous systems of high profile. This included the National Health Service of Britain.
The WannaCry ransom ware includes many components. It appears in the computer as a dropper. Dropper is a program which is self-contained that extracts the components of other application within itself. These components are a copy of Tor, files that contain encryption keys, an application that encrypts as well as decrypts information. The program code was comparatively easy to analyze (Mohurle and Patil, 2017). After being launched WannaCry accesses hard-coded URL. If it is unable to access it, it searches files and tries to encrypt them in a specific format. It can hack Microsoft office files as well as MKVs and MP3s and leaves them inaccessible to the owner. After that, it displays a notice where it demands a ransom amount in bit coin in order to decrypt files.
WannaCry had the ability to spread itself across huge networks. This is done by exploiting a known bug in the operating system of Microsoft Windows. According to various reports, the attack took place on Friday (Ehrenfeld, 2017). This forced the hospitals in Britain to turn away the patients. It had also stuck various companies in Spain such as Portugal Telecom, Telefonia and FedEx. WannaCry attacked around 40 NHS (National Health Service) of England. Hackers had sent mails containing malicious attachment to the victims. They tricked the victims in opening the mails. They were tricked because the mails appeared to contain job offers, invoice, security warnings and other files. WannaCry locks files in the computers and encrypts them in such a way that the owner or the user is not allowed access to the files. When WannaCry infects an operating system and the user tries to get access to the data infected a pop-up window is appeared. This pop-up provides an explanation of the happenings to the computer, how they can be recovered (Brewer, 2016). It also gives instructions on the ways to pay the ransom amount in bit coin. The pop-up also features a countdown clock, which shows the amount of time left for the payment. If the demanded amount is not paid in time the user would lose the entire data. According to various researchers, a worm spread the infection. Worm is a program that has the ability to spread itself in a network of computers. They do not have to wait for the human action in order to spread it. The attackers assure that they would give back the access to the files after the payment is made, but researchers say that there is no guarantee that the access would be granted after the payment.
The computer networks can be saved from being infected by ransom ware attacks by following various measures. These measures are as follows
A network outage was faced by Play Station in 2011. This took place due to an external intrusion on the network of Play Station. In this data breach data of around 77 million accounts were stolen. This also prevented the users to get access to their accounts. This led in theft of the users’ account details like addresses, name, data regarding credit cards and many more. This was rated as the most harmful and largest Internet Security breaches. Sony realized that the data related to users has been stolen by an external source (Goode, Hoehle and Venkatesh, 2017). This realization took place seven days after the attack was carried out. They had shut down the network immediately. Sony informed the users regarding the attack after few days. Sony informed that the illegal or unauthorized person obtained information regarding the users. This information included their name, email address, address, username, birth dates, passwords, logins and some more. The shut down disabled the users from buying or downloading games. According to some research, the breach has resulted in largest theft of the identity data of the users. This breach had caused a major loss to the electronics maker of Japan. There was no evidence of the theft of credit card numbers. The problem faced by the users was that when a user tries to get access to the site, he gets a message showing Page Not Found (Grieco, Piro and Boggia, 2017). It also said that it is not the user’s fault; it is the internet’s fault. Sony Entertainment Network responded to the attack by posting a tweet saying they know regarding the issues that users are facing while connecting to the network of PlayStation. Under this attack, various attacks took place. They are April 17, Sunday; 25 million customers’ data was exposed. On April 19, Tuesday, Sony realizes that an intrusion took place into the network of PlayStation. On April 21, Thursday Sony started investigating the reason behind the network outage. On April 24, Tuesday 77 million accounts of PlayStation network were compromised. Sony notified the PSN customers regarding security breach after 7 days. On April 28, Thursday, 4.5% of shares owned by Sony in Tokyo closed down. The overall stock fell over 8% in about a week. May 2, Monday, Sony revealed that the network of Sony Online Entertainment had been hacked before 2 weeks. On May 3, Tuesday Sony informs its customers regarding the breach. May 9, Monday, analysts realize the repair bill is around billion-dollar. May 15, Sunday, after the hacking debacle, Sony restarts the internet services (Marshall and Rimini, 2015). May 16, Monday, the servers of Amazon cloud were used in order to hack the PSN. The hacking of the network of PlayStation has affected more than 77 million people. People were denied the access of the site. Users were not able to download or update games. The organization faced a crucial loss. The bill of repairing the issue was more than a billion dollar. The company lost most of its shares in the market.
Due to some security reasons and Sony being a tight-lipped organization on these matters, we have not yet known the exact attacker of PlayStation. Some guesses had been made regarding the process of the attack. The proximity to the recent attacks on anonymous is likely to be related with the database breach. It has been assumed that the attacker might have learned regarding the weakness in the security mechanisms of PSN. Then that data is passed on to a group of hackers. After that if the fault was quite big, the attackers would have stepped into the network with the help of an SQL injection attack (Marshall and Rimini, 2015). One alternative could be the release of custom PlayStation 3 build which is called Rebug. This turns PS3 into a developing unit as well as activates a list of features that are not normally access able by customers. The Rebug firmware gives the user access to the internal developer network of Sony. It has been reported that once someone is in the internal network, a range of new hacks are available. These hacks include the usage of fake details of credit card. With the installation of custom firmware, it is possible to get access of the customer details that has been breached. Along with the hack, the PlayStation network passwords were also exposed (Marshall and Rimini, 2015). It is possible that the passwords were stored in normal readable form and other details regarding the customer like username, address were stored without encrypting them for security. It might be impossible to secure the entire data from unauthorized users but it could be encrypted so that it becomes useless for the upcoming hackers.
It was found out that Sony was lagging behind in many ways, which led a way to the breach. The measures that could be taken in order to prevent the breach are as follows
Conclusion
It can be concluded from the above report that security is the main factor for an organization to stay away from hackers. Various organizations can be attacked by unauthorized users if their security system is not enough secured. This report also discusses regarding WannaCry ransom attack. It describes the damages caused by the attack and the recommendation that can be implemented in order to prevent the attack.
References
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network Security, 2016(9), 5-9.
Chinner, D., & Gigante, M. A. (2014). U.S. Patent No. 8,635,256. Washington, DC: U.S. Patent and Trademark Office.
Chinner, D., & Gigante, M. A. (2014). U.S. Patent No. 8,635,256. Washington, DC: U.S. Patent and Trademark Office.
Ehrenfeld, J. M. (2017). Wannacry, cybersecurity and health information technology: A time to act. Journal of medical systems, 41(7), 104.
Goode, S., Hoehle, H., Venkatesh, V., & Brown, S. A. (2017). USER COMPENSATION AS A DATA BREACH RECOVERY ACTION: AN INVESTIGATION OF THE SONY PLAYSTATION NETWORK BREACH. MIS Quarterly, 41(3).
Grieco, L. A., Piro, G., Boggia, G., & Striccoli, D. (2017). 3 Cooperative Networking. Internet of Things: Challenges, Advances, and Applications, 51.
Laube, S., & Böhme, R. (2016). The economics of mandatory security breach reporting to authorities. Journal of Cybersecurity, 2(1), 29-41.
Marshall, J. P., & da Rimini, F. (2015). Playstation, Demonoid and the orders and disorders of Pirarchy. Krisis: Journal for contemporary philosophy.
Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target and Safety Measures.
Mohurle, S., & Patil, M. (2017). A brief study of wannacry threat: Ransomware attack 2017. International Journal of Advanced Research in Computer Science, 8(5).
Natanzon, A., Ayzenbergv, L., Mossel, Y., Singer, I., & Kedem, O. (2017). U.S. Patent No. 9,639,592. Washington, DC: U.S. Patent and Trademark Office.
Scaife, N., Traynor, P., & Butler, K. (2017). Making Sense of the Ransomware Mess (and Planning a Sensible Path Forward). IEEE Potentials, 36(6), 28-31.
Velez-Castrillon, S., & Angert, C. (2015). How Sony Got its Groove Back: A Case Study in Turnaround Management. Business Education Innovation Journal, 7(2).
Veresov, I. (2015). U.S. Patent No. 9,213,562. Washington, DC: U.S. Patent and Trademark Office.
Watkins, N., Jia, Z., Shipman, G., Maltzahn, C., Aiken, A., & McCormick, P. (2015, November). Automatic and transparent I/O optimization with storage integrated application runtime support. In Proceedings of the 10th Parallel Data Storage Workshop (pp. 49-54). ACM.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order formOnce we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignmentAs soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download