Friday, 17 May 2019

Computer Virus and Prentice Hall Essay

Reports of computer security failures appear frequently in the daily new. Cite a reported failure that exemplified one (or more) of the principles listed in the chapter easiest penetration, adequate protection, durability, weakest link.There has been a lot of reports of security breaches in the news, for example the Sony Playstation Network, RSA Lockheed Martin compromise, Hyundai and so on, these shoot been of recent and these all show how vulnerable we are to security threats go forth there on the world wide web which has very little to do with borders of the country or state. The Internet is a gateway of instruction all over the word where people are committed and providing and absorbing information. Many of the security restrictions that apply in a physical sense do not in the cyber world.I have picked the Sony Playstation Network (PSN) compromise as my topic of discussion to show the areas cover in chapter one that talk about penetration, protection, effectiveness, weakest l ink. A productive penetration into the PSN by the barrageer, has compromised peoples credit control board information, birthdates, addresses, phone numbers and more. The successful penetration was delivered disguised in the form of a purchase as stated by Sony Chief Information Officer Shinji Hajesima (Ogg, 2011).The systems were unable to detect the attack going by as it went through has a purchase transaction. This show lack of adequate protection, in the article it to a fault mentions that the vulnerability that was exploited by the hacker was also cognize. This shows that it is absolutely important to make sure that the patches for known vulnerabilities are deployed and the systems are patched accordingly, though one may argue if the patching introduces other forms of vulnerability.The successful exploitation of the system led to the loss of personal details of up to 70 million (Schreier, 2011) customers, this information could be used for identity theft, credit card theft, and besides that the down time for customers who are victimisation the system that they have paid for. The effectiveness of this attack is shown by the shutdown of the PSN for a number of days. This shows that the effectiveness of the protection on this system was lacking, the inability to pickup on the intrusion as it happened and thus display us a weak link in the system security.The article shows us the combination of things that have come into play that have led to the successful compromise of the PSN network. Starting with the vulnerability that was known by Sony with the systems and left unattended, secondly the inability of the intrusion detection system to pick up the actual attack or the delivery of the malformed data that exploited the vulnerability to permit access to the attacker, lastly the entrepot of data in an unencrypted but hashed form which is reversible to obtain the credentials and personal details of the PSN users or customers.

No comments:

Post a Comment