country
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

MITS5004 It Security Assignment

tag 0 Download12 Pages / 2,783 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT
  • Course Code: MITS 5004
  • University: Victorian Institute Of Technology
  • Country: Australia

Question:

Research the 2011 Sony PlayStation Network outage case on the web and prepare a report focusing on the following questions:

• What was the problem?
• Who were affected and how?
• How was the attack carried out?
• What could have been done to prevent the attack?

Rationale

This assessment task is based on the following topics discussed in the subject: the overview of  Information security fundamentals, security threats, cryptography, malicious software and its countermeasures, operating system security and software security . The assessment task is aligned with the following learning outcomes of the subject:

On successful completion of this subject, students will

• be able to justify security goals and the importance of maintaining the secure computing environment against digital threats;
• be able to explain the fundamental concepts of cryptographic algorithms;
• be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats.
• be able to compare and contrast the security mechanisms of a trusted operating system with those used in a general purpose operating system;
 

Answer:

Introduction

This report is divided into two sections. The first part of report covers the discussion of a recent security breach that occurred. The attack that is selected and discussed in this report is Wannacry that took place in April 2017. The problem faced due to this attack along with its solutions is discussed. The second part of the report covers a detail decision about the sonly PlayStation network case. It is one of the biggest security breaches in the history. The important components of the attack along with the protections measures have been discussed.

 

Computer security breaches that occurred recently

There are many computer security breaches that occurred during April-August 2015-2018. In this section the attack that would be considered is WannaCry attack, it is a cyber-attack that targets operating system. This attack has become viral in 2017 and the only motive is to get unauthorised access so that they can earn money in the form of bit coin.

The problem faced due to this attack is it speeded at very high speed and is easily transferrable from one computer to another. This attack hits the computer through emails and downloads as viruses capture the system through theses means (Mattei, 2017). This attack allowed access of information to unauthorised users. This attack occurred in May 2017 and targeted computers to read the information and in return ask for money to release the information.

This attack came with the motive to capture all the confidential data and could be used in unauthentic ways. WannaCry attack captured data of many healthcare services and in return asked for money at time of realising the information. This attack transferred from one computer to another in a short span of time (Lallie, Debattista & Bal, 2018). This has degraded brand image and broke the trust of customers. This attack unknowingly entered the system and then denied the access of valid user by asking payment from them to get the access. This attack spread over the network by phishing attacks thus it is important to keep all the files encrypted so that even if the file is accessed by unauthorised user the information is not leaked. Some of the security tools like firewalls and software’s should be downloaded so that information is not leaked.

This attack was first reported in Window system in Europe that outbreaks the information of the system and has affected large number of organisations all over the world. This attack mostly victim healthcare industry by delaying the operations and keeping the patients wait for a longer time. Future, they earn money while re-establishing the information (Mattei, 2017). Mostly the older based window systems are affected by the WannaCry attack.

This attack targets the sensitive file by encrypting them so that even authorised user don’t get access to it. They target many file types like database, achieve files and other documents s that valid user don’t get access to it (Lallie, Debattista & Bal, 2018). In return they demand for bit coin from the victim to release the file. This causes a loss to an organisation as these files future gets deleted.

 


This attack directly affects the computer by causing security flaws. It breaks the trust and loyalty among customers due to loss of confidentiality and integrity. The unpatched computers are easily affected by this attack thus it is suggested that various security measures should be taken to secure the system.

The solution to overcome this issue is using strong firewalls and antiviruses so that bugs are detected easily. This can be achieved by taking backups regularly so that system doesn’t stop working. Apart from that, it is suggested that fake decryption file should be used to claim the original files.

WannaCry is an attack that have captured many computer networks in May 2017, all the files on the computer is encrypted by making impossible for use to access the information. This attack causes vulnerabilities in operating system and Windows that causes network communication error (Clarke & Youngstein, 2017). It is a dangerous attack as it keeps the entire data encrypted from authenticated user.

The protection from this attack can be gained by taking backups so that even if the information is hacked the functions are not stopped and they work continuously (Jenic, 2016). The backups can be taken through automatic means so that time is also saved.

Some of the steps that need to be taken to reduce the risk of WannaCry attack are keeping the system updated with virtual patching solution. By enabling firewalls and using intrusion prevention system also helps in keeping the system secure. Apart from that, it is important to proactively monitor the traffic of the network by implementing security mechanism. It is also suggested that downloads should be performed through certified website and some emails should be blocked (Clarke & Youngstein, 2017). The network segmentation should be performed so that exposure of data can be controlled.

Patching is a way through which this threat could be mitigated. The data need to be categorized so that at time of attack the data could be recovered easily. The unneeded services should be avoided as it gives ways for the hackers to enter in the system (Jenic, 2016). It is suggested that red flags should be identified on social platforms like spam emails that contain system exploiting viruses. Thus, the IT expert should deploy security mechanism to protect the system from such viruses. These attacks can be reduced by keep a track from where the information is downloaded as viruses enter the system through these means. Thus, it is recommended to encrypt all the information so that confidentiality is maintained. Apart from that antivirus software should be used to monitor the viruses.

 

Asynchronous I/O activity

As the word say asynchrony input output activity allows the process to continue before the transmission of previous process has occurred. It improves the turnaround time and latency but it can cause a problem of multiple transmissions. Asynchronous data transfer is done using read and write operations it contains the value of transfer statement. The wait operation is used when other process occurs between data transfer (Kuperman,  Moscovici, Nider,  Ladelsky, Gordon & Tsafrir, 2016). The wait time is used to make the other process wait for the execution process. Input output operations slow down the processing of data as it incorporates the access and wait time (Treviño, 2016).

Asynchronous I/O with base bound and paging provides the ability to relocate the memory, there are two separate user address. One is base address that is offered in starting if user needs to exceed the limit they can make use of bound register. They maintain integrity of data by protecting the information from other users too (Kuperman,  Moscovici, Nider,  Ladelsky, Gordon & Tsafrir, 2016). Paging divides the program into equal pieces and also divides the memory into page frames. In case of memory asynchronous I/O there exist a problem as file sends the request to kernel. Kernel accepts the request so that continuous processing takes place of other process. It can be a problematic situation as it increases time to take backups and access the information (Goode, Hoehle, Venkatesh & Bro, 2017).   Asynchronous is a most commonly used in real time application as it allows users to collect data from multiple channels. The problem faced by asynchronous I/O is compression of data that do not offer access to files (Chinner & Gigante, 2016). If the files are decrypted it will not offer synchronous. In case of paging one root object is created at boot time and other is created at time of pre-processor. This problem affects the operating system interface by submitting blocking operations to pool the threads. These I/O operations affect the main memory by offering different access method which causes issue in terms of efficiency. Memory-mapped I/O is suitable for devices that move to large quantities so that data can be accessed quickly (Miller,  Reed,  Smith & Yee, 2016).

Solution to the problem

The solution to this problem is interrupting the flags at time of data arrival. If the transfer takes place in an asynchronous way then the status should be initiated. If the status is initiated about the transfer then new data should be time stamped so that no interruption takes place.  It is a way that offers online experience to employees so that they can have complete control over the activities (Jeong,  Lee & Kim, 2015). This causes lack of personal interaction and lack of feedback that causes an issue to run real time activities. Many operating system functions exist to implement asynchronous I/O at many levels. The main function of all operating systems is to perform at least some form of basic asynchronous I/O so that it do not apparent user programmer (Craddock,  Klein, Lais & Yudenfriend, 2018).

2011 Sony PlayStation Network outage case

This case was a result of external intrusion in this personal information was prevented to access. This attack occurred on 17th and 19th April. It was one of the largest security breach that affected many customers. The company tries to offer online service for their customers but has stuck in a security patch (Ricks, Thuraisingham & Tague, 2018). Thus it is important for user to maintain string passwords and change them regularly.

The problem faced by this attack was play station network was taken offline. The company said that this was down voluntarily but it is an external intrusion. The system remained unavailable for next five days after the attack (Kokas, Tryon, Gusterson & Braun, 2016). The users were not able to connect to the services which broke the trust and loyalty among customers. The problem of this attack was anonymous denial of services (Ricks, Thuraisingham & Tague, 2018). This did not allowed valid user to access the service and this outage affected many other services running over the network. This attack gave the access to illegal and unauthorised access to people which brought up many security concerns. Sony had control over many credit card companies like amazon, eBay, PayPal and others. This attack allowed hackers to access theses confidential data. Thus, many credit card number and other details were stolen (Kokas, Tryon, Gusterson & Braun, 2016).  

The corporate network of Sony was hacked and this gave access of data to private data. The original companies were deleted from computers and the left over messages were threat for the organisation. This attack was a huge loss for the customers who relied for their data over the company (Bronte, Shahriar & Haddad, 2017). The network of Sony was down for few days that caused loss in term of reputation as well as financial barrier. The loss of this attack was for the customers whose confidential information got leaked in the public place. The thousands of documents were leaked that stored personal as well as sensitive information about the company (Horton & DeSimone, 2018). The documents contain the information like passwords that gave access to protected data. In this attack it was found that thousands of internal emails, financial documents were leaked. This approximately caused a loss to personal information, payroll breakdown; salaries of top executives, and movies were leaked and released to sharing websites (Milburn, 2017).

The attack was a targeted attack that happened by planning with a motive to break the information about Sony. The weakness of network was noted and then anonymously it was planned to gain the access of data. It was found that there was some contribution due to internal network (Goode, Hoehle, Venkatesh & Bro, 2017). The passwords were leaked and access control was not proper that offered unauthorised user to access the information. The reason of this attack was poor security concern as there were no ways for protection of data. Some of the government and media authorities also blamed Nrth Korea behind this attack as the methods used for breaching the data in Sony were similar to the attack that took place in South Korea. From the suspension it was found that attack was done by North Korea people from china. This attack occurred step by step, firstly an unauthorised access into the play station network was observed. Later there was some unusual activity that was observed over PSN. This indicated that intruder has hit the PlayStation network. The security team was hired so that loopholes could be found and access by unauthorised user could be stopped. The major problem of Sony PlayStation network attack was anonymous denial of services. This did not allowed valid user to access the service and this outage affected many other services running over the network. This attack caused negative image of the company by breaking the trust of the customers. Thus, it is important to maintain security by undertaking various security measures.

Some of the ways through which this attack could been protected is by keeping the information encrypted so that even if the data is leaked it is not read by the user. The network should make use of antivirus and firewalls so that system remains secure from hackers. An access control list should be prepared so that only authorised user get the access to sensitive information. It is recommended that security training should be given to employees so that they deal with social engineering tactics. There should be a proper alert system if someone else tries to access the system (Hawkins, 2017). The alert supports in taking future actions. Passwords should be encrypts so that there are no chances of information leakage. It assures that information remain confidential for only authorised users.

 

Conclusion

It can be concluded that WannaCry attack occurred in May 2017 and targeted computers to read the information and in return ask for money to release the information. This attack aimed the pcs through emails and downloads as viruses capture the system. Additionally, the major problem of Sony PlayStation network attack was anonymous denial of services. This did not allowed valid user to access the service and this outage affected many other services running over the network.

 

References

Bronte, R., Shahriar, H., & Haddad, H. M. (2017, April). Mitigating distributed denial of service attacks at the application layer. In Proceedings of the Symposium on Applied Computing (pp. 693-696). ACM.

Chinner, D., & Gigante, M. A. (2016). U.S. Patent No. 9,361,474. Washington, DC: U.S. Patent and Trademark Office.

Clarke, R., & Youngstein, T. (2017). Cyberattack on Britain’s National Health Service—a wake-up call for modern medicine. The New England journal of medicine, 377(5), 409-411.

Craddock, D., Klein, M., Lais, E. N., & Yudenfriend, H. M. (2018). U.S. Patent No. 9,965,350. Washington, DC: U.S. Patent and Trademark Office.

Goode, S., Hoehle, H., Venkatesh, V., & Bro, S. A. (2017). What to do when your clients' data is breached: the case of Sony Playstation. LSE Business Review.

Hawkins, N. (2017). Why communication is vital during a cyber-attack. Network Security, 2017(3), 12-14.

Horton, N., & DeSimone, A. (2018). Sony's Nightmare before Christmas: The 2014 North Korean Cyber Attack on Sony and Lessons for US Government Actions in Cyberspace (No. NSAD-R-17-045). JHUAPL Laurel United States.

Jenic. I. (2016). What’s the difference between WannaCry and Petya ransomware?. Retrieved from https://windowsreport.com/wannacry-vs-petya/.

Jeong, D., Lee, Y., & Kim, J. S. (2015, February). Boosting Quasi-Asynchronous I/O for Better Responsiveness in Mobile Devices. In FAST (pp. 191-202).

Kokas, A., Tryon, C., Gusterson, H., & Braun, J. (2016). “Freedom Edition”: Considering Sony Pictures and The Interview. Journal of Broadcasting & Electronic Media, 60(4), 714-728.

Kuperman, Y., Moscovici, E., Nider, J., Ladelsky, R., Gordon, A., & Tsafrir, D. (2016, March). Paravirtual remote i/o. In ACM SIGARCH Computer Architecture News (Vol. 44, No. 2, pp. 49-65). ACM.

Lallie, H. S., Debattista, K., & Bal, J. (2018). An Empirical Evaluation of the Effectiveness of Attack Graphs and Fault Trees in Cyber-Attack Perception. IEEE Transactions on Information Forensics and Security, 13(5), 1110-1122.

Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack. World neurosurgery, 104, 972-974.

Milburn, C. (2017). Long live play: The PlayStation Network and technogenic life. In Research Objects in their Technological Setting (pp. 117-134). Routledge.

Miller, D. D., Reed, D. C., Smith, M. D., & Yee, H. (2016). U.S. Patent No. 9,495,262. Washington, DC: U.S. Patent and Trademark Office.

Ricks, B., Thuraisingham, B., & Tague, P. (2018, November). Lifting the Smokescreen: Detecting Underlying Anomalies During a DDoS Attack. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 130-135). IEEE.

Treviño, M. (2016). Inhibition controls asynchronous states of neuronal networks. Frontiers in synaptic neuroscience, 8, 11.

OR

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2020). MITS5004 It Security Assignment. Retrieved from https://myassignmenthelp.com/free-samples/mits5004-it-security-assignment.

"MITS5004 It Security Assignment." My Assignment Help, 2020, https://myassignmenthelp.com/free-samples/mits5004-it-security-assignment.

My Assignment Help (2020) MITS5004 It Security Assignment [Online]. Available from: https://myassignmenthelp.com/free-samples/mits5004-it-security-assignment
[Accessed 24 May 2020].

My Assignment Help. 'MITS5004 It Security Assignment' (My Assignment Help, 2020) <https://myassignmenthelp.com/free-samples/mits5004-it-security-assignment> accessed 24 May 2020.

My Assignment Help. MITS5004 It Security Assignment [Internet]. My Assignment Help. 2020 [cited 24 May 2020]. Available from: https://myassignmenthelp.com/free-samples/mits5004-it-security-assignment.


Myassignmenthelp.com has the best team of writers for primary level homework help service. We intend to share the load of homework on children so that they can engage in recreational activities. With some of the best ghostwriters at the rescue, kids can now spend time playing. We have proved ourselves time and again why we are considered one of the best essay writer services. We also offer help for college-level papers.

Latest Samples

NUTR11101-Food Nutrition And Health

Download : 0 | Pages : 10
  • Course Code: NUTR11101
  • University: Bond University
  • Country: Australia

Answers: 1.Betty is 48 years old and her height is 167 cm, weight is 71 kg, waist circumference is 87 cm and hip circumference is 88 cm. The Basal Metabolic Rate is defined as “the energy required for performing vital body functions at rest and is the largest contributor of energy expenditure” (Sabounchi, Rahmandad & Ammerman, 2013, pp. 1364). Betty’s basal metabolic rate is 34 x 71 + 3538 = 5952kJ/day. Determination of phy...

Read More arrow

IST8101-Process Of Finding A Good Research Topic

Download : 0 | Pages : 5
  • Course Code: IST8101
  • University: Wilmington University
  • Country: United States

Answer: The research paper is an academic writing that is based on the original research of a specific topic by the author. The author analyses the topic under research and interprets the finding of the research in order to come up with a conclusion or a recommendation. This paper gives a detailed information on the process of finding a good research topic. For this to be achieved one requires more than just knowledge or excellence. It is esse...

Read More arrow Tags: Australia Rockville Management University of New South Wales 

PROJ587-Project Portfolio Management Process 

Download : 0 | Pages : 13

Answer: Introduction Portfolio management process is an important requirement for creating a list of the projects that should be undertaken to benefit the requirements of an organization. The portfolio management process has a number of components that must be defined and a number of selection criteria must be used before one or more projects are officially selected for execution. Again, there are many portfolio processes and one of the types...

Read More arrow Tags: Australia Arlington Management University of New South Wales 

SIT772-Database And Information Retrieval Skills

Download : 0 | Pages : 4

Answers: 1 creating inverted index The three documents are; Computer vision Computer vision is concerned with the automatic extraction, analysis and understanding of useful information from a single image or a sequence of images Security and privacy Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. ...

Read More arrow

NSG426 Integrity In Practice: Ethic And Legal Considerations

Download : 0 | Pages : 2
  • Course Code: NSG426
  • University: University Of Phoenix
  • Country: United States

Answer: Nursing E-portfolio Legal issues and frameworks in competent nursing In my academic course of nursing I have faced with many ethical dilemmas and am looking forward to many such ethical dilemmas. I believe that as a nurse I should be aware of my legal and the ethical duties as a nurse. One of the legal aspects is the responsibility and the accountability of the registered nurses. A nurse is committed to provide a safe care to t...

Read More arrow
Next
watch

Save Time & improve Grade

Just share Requriment and get customize Solution.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,316,470

Orders

4.9/5

Overall Rating

5,074

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 4/5

248 Order Completed

100% Response Time

Lloyd Bernabe

MSc in Accounting

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

798 Order Completed

97% Response Time

Benjamin Blakeman

MSc in Medical Technology

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

1265 Order Completed

97% Response Time

James Cook

Masters in Management

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

416 Order Completed

95% Response Time

Tyler Moore

MBA in Accounting

Washington, United States

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

The work was great I loves how fast the work was done. The prices was great it was not expensive

flag

User Id: 433071 - 24 May 2020

Australia

student rating student rating student rating student rating student rating

The expert didn't address all aspects of the assignment also didn't get my solution on time

flag

User Id: 430334 - 24 May 2020

Australia

student rating student rating student rating student rating student rating

Assignment looks amazing. I hope to score well. Will soon share my grades. I would recommend people like me who are working for livelihood and have studies to complete to take up this site as your best buddy.

flag

User Id: 432467 - 24 May 2020

Australia

student rating student rating student rating student rating student rating

Team My Assignment, you are the best. Assignment was done and submitted and as a result, grade marking was 80. Once again thanks so much

flag

User Id: 392423 - 24 May 2020

Australia

student rating student rating student rating student rating student rating
callback request mobile
Have any Query?