country
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Computer Security Breaches VTech

tag 0 Download8 Pages / 1,948 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT

Questions:

1.Search the web for news on computer security breaches that occurred during September-December 2015. Research one such reported incident. Prepare a report focusing on what the problem was, how and why it occurred and what are the possible solutions?
 
2.Research about hack case on the web which happened between 2012 and 2016 (For example, one very popular hack case is JPMorgan chase hack case (2015)) and prepare a report focusing on What was the problem,Who were affected and how and  How was the attack carried out?
 
 

Answers:

1.Computer Security Breach

VTech is a company that is based out of china and provides its customers with the electronic toys. It manufactures and produces these products. The company had to experience security breach in November’ 2015 and in this attack, a lot of customer information was hacked by the security attackers. 

Description of the Problem

VTech had to face a severe breach of its information security in 2015 that led to the unauthorized acquiring of 4.8 million records associated with its customers. The records that were hacked belonged to the information of the parents and the children with their details such as login information, parent names, children names, respective email addresses, account security questions and likewise. However, the hackers failed to get their hands on the credit card and payment information of the users (Carolina, 2015).

Mode of Attack

There are numerous security attacks that have been created that lead to the risk to the information and data. In case of VTech, attackers acquired the organization records by making use of SQL injection as the attack type. SQL injection is an information security attack that is performed with the aid of malevolent SQL queries and statements. These statements are written in such a manner that they lead to the extraction of information from a particular database on which these are targeted. The attackers used this attack to extract the information of the records of the parents and the children that had their accounts on the database of VTech. There are numerous operations that can be executed on the database with the help of a query language such as SQL.

SQL injection attack that could successfully be executed violated the confidentiality and integrity of the information that was present in the database of VTech. There are various reasons that are associated with the successful execution of any of the security attacks. One of the major reasons that is normally observed is the presence of loopholes in the security infrastructure of the organization. Due to the inadequate security measures that were associated with VTech, the attackers could succeed in obtaining the unauthorized entry in to the company’s database.

 

Proposed Solutions

With the invention of numerous security risks, there are various countermeasures that have also been developed in order to put a check on these risks. The case is the same with SQL injection attacks as well as these can also be detected, prevented and controlled with the use of adequate measures.  

It is necessary to enhance the basic security of the organization before moving on to the advanced security measures. Some of the basic security measures that could have prevented the attack on VTech include the access control management along with the multi-step authentication. Increased authentication would have led to the verification of the identity of the user at various steps which could have prevented the illegal entry to the database. Dynamic SQL statements also increase the risk of SQL injection attacks and should be avoided to prevent the same. It should be made sure that the queries are often parameterized in nature and there is an increase use of stored procedures (Tajpour, Ibrahim, & Masrom, 2011). Some of the SQL injection attacks can only be applied to certain versions and releases. These specific attacks can be prevented with the use of patches and upgrades. Database administrators should therefore ascertain that timely patching is done to avoid the attacks associated with specific versions. Another significant step that should have been taken is the definition of user roles, user privileges and user access. The database of a particular company is accessible to huge number of users. It is not recommended to make a generalized access for all the users. However, user types shall be defined and the access and privileges should be provided as per the type of the user. Many of the security threats and risks will be avoided with this practice including SQL injection attacks. It is also observed that the employees of an organization pass on the information to the other parties which use the information in an incorrect manner which may cause severe adverse impacts. Defining the user roles will also reduce the frequency of the insider attacks. Another major step that may be taken is reducing the attack window and the attack surface to not leave any scope for the security attack to take place (Dehariya, Kumar, & Ahirwar, 2016). Firewalls can also be installed to avoid the entry of the malicious SQL statements in the database. Installation of firewalls is one of the basic security steps that shall be taken by every organization (Kolhe & Adhikari, 2015).

There are various tools that have been developed by the technocrats to monitor the networks and carry out reviews and audits in an automated manner. These tools record all the activities that take place over the database or a network. The records and the logs can be reviewed by the database administrators and experts to get an idea of the malevolent activities (Zhang, 2011).

 

2. JPMorgan Chase Hack Case

Hack cases are common in the world of technology and there have been numerous such cases in history. JPMorgan case is one such case that had an impact on the bank itself along with a total of eleven other entities comprising other American banks and financial corporations. The case took place in 2014 and went on till 2015 and has been recorded as one of the most severe cases in the past.

Definition of the Problem

The hack case that took place at JPMorgan happened in 2014 which had an impact on over 83 million records. These records covered 73 million households along with 8 million small-scale businesses. The case took place in 2014 and went on till 2015 and has been recorded as one of the most severe cases in the past. The information that was hacked comprised of the name of the customers, email addresses of the customers, phone numbers of the customers and many other details. The hackers could not succeed in acquiring login details associated with the users (Leyden, 2014).

Parties that were affected

The hack case that took place at JPMorgan has an impact on the bank along with eleven other U.S. banks and financial organizations. The information that was hacked comprised of the name of the customers, email addresses of the customers, phone numbers of the customers and many other details. Some of the organizations and parties that were affected included Fidelity Investments group, Citigroup, Regions Financial Corporations, HSBC Holdings and many more (Kitten, 2015).

These parties had many projects and dealings with JPMorgan and there were various information sharing activities that continued between these parties and JPMorgan. Personal details and information of millions of users was impacted in a negative manner because of the hack case that took place.

 

Mode of Attack

Multi-step authentication is a necessary step to make sure that the security of the system is maintained. JPMorgan also attempted to enhance their security framework by incorporating multi-step authentication in their security mechanisms. There were certain errors that were associated with the step as the network engineers failed to complete the process and left an open-ended server. It led to the enhancement of security vulnerabilities and acted as a threat agent for the attack. The attackers took advantage of the security loophole and did not go through the latest authentication system that was installed at the organization.

Possible Countermeasures

With the invention of numerous security risks, there are various countermeasures that have also been developed in order to put a check on these risks. The case is the same with hack case at JPMorgan as it could also have been detected, prevented and controlled with the use of adequate measures.  

The primary cause behind the security attack that took place at JPMorgan was the carelessness and operational error made by the networking team of the project. It should have been made mandatory at the organization to include the auditing processes, review sessions and testing activities in order to validate and verify the errors in the project activities. The network server that was left open-ended by the networking team then would have been identified by the review team and the error in the network server would have been rectified in a timely manner.

 


It is extremely important to control the user access and privileges that are associated with a particular system. It is not recommended to make a generalized access for all the users. However, user types shall be defined and the access and privileges should be provided as per the type of the user. Many of the security threats and risks will be avoided with this practice including the one that took place at JPMorgan. Firewalls should have also been installed to avoid the entry of the malicious entities in the system of the organization. Installation of firewalls is one of the basic security steps that shall be taken by every organization (Bella, & Bistarelli, 2005).

There are various tools that have been developed by the technocrats to monitor the networks and carry out reviews and audits in an automated manner. These tools record all the activities that take place over the database or a network. The records and the logs can be reviewed by the database administrators and experts to get an idea of the malevolent activities. These network monitoring tools along with Intrusion detection and prevention systems should have been used at JPMorgan as they would have created alerts for the system experts and would have provided them with an idea of the deviations the attackers had attempted on the system to acquire information.

Security of the system along with the associated components such as front end and back end is extremely important. The information that is present in the system of the organization is critical in nature and its exposure to the unauthorized entities can be extremely negative for the organization. Every organization should therefore make sure that the steps are taken to avoid the security risks by enhancing their security architecture.

 

References

Bella, G., & Bistarelli, S. (2005). Information Assurance for security protocols. Computers & Security, 24(4), 322-333. https://dx.doi.org/10.1016/j.cose.2004.10.004

Carolina,. (2015). Hackers Steal Parents, Kids Data in a Massive Data Breach on Toy Manufacture. HackRead. Retrieved 03 April 2017, from https://www.hackread.com/hackers-steal-toy-store-parents-kids-data/

Dehariya, H., Kumar, P., & Ahirwar, M. (2016). A Survey on Detection and Prevention Techniques of SQL Injection Attacks. International Journal Of Computer Applications, 137(5), 9-15. https://dx.doi.org/10.5120/ijca2016908672

Kitten, T. (2015). Charges Announced in JPMorgan Chase Hack. Bankinfosecurity.com. Retrieved 03 April 2017, from https://www.bankinfosecurity.com/chase-hackers-indicted-a-8673

Kolhe, A., & Adhikari, P. (2014). Injection, Detection, Prevention of SQL Injection Attacks. International Journal Of Computer Applications, 87(7), 40-43. https://dx.doi.org/10.5120/15224-3739

Leyden, J. (2014). JPMorgan Chase mega-hack was a simple two-factor auth fail. Theregister.co.uk. Retrieved 03 April 2017, from https://www.theregister.co.uk/2014/12/23/jpmorgan_breach_probe_latest/

Tajpour, A., Ibrahim, S., & Masrom, M. (2011). SQL Injection Detection and Prevention Techniques. International Journal Of Advancements In Computing Technology, 3(7), 82-91. https://dx.doi.org/10.4156/ijact.vol3.issue7.11

Zhang, X. (2011). Discussion on the Detection and Prevention of SQL Injection. Advanced Materials Research, 287-290, 3047-3050. https://dx.doi.org/10.4028/www.scientific.net/amr.287-290.3047

Download Sample

Get 100% money back after download, simply upload your unique content* of similar no. of pages or more. We verify your content and once successfully verified 100% value credited to your wallet within 7 days.

Upload Unique Document

Document Under Evaluation

Get Credits into Your Wallet

*The content must not be available online or in our existing Database to qualify as unique.

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2018). Computer Security Breaches VTech. Retrieved from https://myassignmenthelp.com/free-samples/computer-security-breaches-vtech.

"Computer Security Breaches VTech." My Assignment Help, 2018, https://myassignmenthelp.com/free-samples/computer-security-breaches-vtech.

My Assignment Help (2018) Computer Security Breaches VTech [Online]. Available from: https://myassignmenthelp.com/free-samples/computer-security-breaches-vtech
[Accessed 02 July 2020].

My Assignment Help. 'Computer Security Breaches VTech' (My Assignment Help, 2018) <https://myassignmenthelp.com/free-samples/computer-security-breaches-vtech> accessed 02 July 2020.

My Assignment Help. Computer Security Breaches VTech [Internet]. My Assignment Help. 2018 [cited 02 July 2020]. Available from: https://myassignmenthelp.com/free-samples/computer-security-breaches-vtech.


MyAssignmenthelp.com strives towards providing exceptional essay help at an affordable price. Students, from various parts of Australia, prefer our servicers because we provide high-quality essay assistance at a pocket-friendly price. We receive numerous requests 'help me do my essay' or 'can someone write my essay' from students every day. We efficiently fulfill those requests and provide students needed essay writing help art an affordable price.

Latest It Write Up Samples

ITECH7401 Leadership In IT Project Management

Download : 0 | Pages : 3
  • Course Code: ITECH7401
  • University: Federation University
  • Country: Australia

Answer: Budget Estimate and Financial Analysis The Return on Investment (ROI) is 125.10%, which is higher than the required ROI of twenty-five per cent. Thus, the report concludes that this project will be beneficial Port Fairy Caravan and Camping Park Pty Ltd. Year 0 1 2 3 Total Inflows (Income) 0 90000 130000 150000 370000 Outflows (Expenses) -90000 -2000...

Read More arrow Tags: Australia Riverwood 7 Leadership in IT Project Management Federation University 

MAN6910 Business Process Management

Download : 0 | Pages : 5
  • Course Code: MAN6910
  • University: Edith Cowan University
  • Country: Australia

Answer: Issue register Name of issue Patient waiting too long to register Priority 2 Description When the patients visits the hospital, the new patients are required to be registered first for gaining the treatment in the hospital. Data and assumption Over 20% of the patients who are visiting the hospital are raising the issue of extensive waiting time and longer duration for which treatmen...

Read More arrow Tags: Australia Ashgrove 7 business process management Edith Cowan University 

ITC563 IT Management Issues

Download : 0 | Pages : 10
  • Course Code: ITC563
  • University: Charles Sturt University
  • Country: Australia

Answer: Introduction: In the current aspect the Globex Corporation is a big organization in Australia which has been formed due to the merging of two large regional business which are B T & Sons Farming Equipment and Riverina Precision Farming. Currently, the Globex Corporation is located in three different locations, which are the Albury, Wagga Wagga and Griffith. The Globex Corporation currently handles two types of businesses which are...

Read More arrow Tags: Australia 7 it management issues Charles Sturt University 

ENS2108 Mechanical Science

Download : 0 | Pages : 2
  • Course Code: ENS2108
  • University: Edith Cowan University
  • Country: Australia

Answer: Internet Invention to be commercialized for bringing to the Market Internet is considered as one of the biggest boons of technology and it provides knowledge of technological advancements to its users.  Internet is responsible for providing the most advanced and updated technological products and services to their users. This invention can be commercialized for bringing it to the market by inclusion of different products. One ...

Read More arrow Tags: Australia 7 Mechanical Science Edith Cowan University 

C000105 Bachelor Of Information Technology

Download : 0 | Pages : 12
  • Course Code: C000105
  • University: Macquarie University
  • Country: Australia

Answer: Dark Net The term Dark Net refers to the computing network that uses a unique customized interaction protocol in order to manage the confidentiality of sensitive data. The key concept of Dark Net is to deliver a secure communication network to the companies so that the communication gaps and security problems can be managed. In this era, the rate of cyber-crime is growing quickly and most of the communities worldwide are suffering fro...

Read More arrow Tags: Australia Sydney 7 Bachelor of Information Technology Macquarie University 
Next
watch

Save Time & improve Grade

Just share Requriment and get customize Solution.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,354,168

Orders

4.9/5

Overall Rating

5,080

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

2109 Order Completed

99% Response Time

Emma Zhong

Ph.D in Project Management with Specialization in Project Communications Management

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 4/5

2594 Order Completed

95% Response Time

Michael Johnson

Masters of MSc in Economics

Washington, United States

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

647 Order Completed

98% Response Time

Adlina Han

Masters in Marketing with Specialization in Branding

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

610 Order Completed

100% Response Time

Cheryl Zhao

PhD in Statistics

Singapore, Singapore

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

Work clearly captured the differences and benefits of various forecasting methods. I made the right decision for help!

flag

User Id: 383727 - 02 Jul 2020

Australia

student rating student rating student rating student rating student rating

at first i got the assignment in different company's name which was supposed to be Bearena pty ltd...i told them about this one and today i have received the same assignment, they have just change the company's name..rest is same...not a even single ...

flag

User Id: 410147 - 02 Jul 2020

Australia

student rating student rating student rating student rating student rating

Great work, I appreciate such an excellent work. Great APA format and references. I will recommend you to my friends.

flag

User Id: 400631 - 02 Jul 2020

Australia

student rating student rating student rating student rating student rating

Was on time .save by the bell.thank you so much.all exams was done. You guys are the best

flag

User Id: 260883 - 02 Jul 2020

Australia

student rating student rating student rating student rating student rating
callback request mobile
Have any Query?