CSI2102 Information Security

Added on - 29 Apr 2021

  • 9

    Pages

  • 2368

    Words

  • 13

    Views

  • 0

    Downloads

Trusted by +2 million users,
1000+ happy students everyday
Showing pages 1 to 3 of 9 pages
Assignment Cover SheetThe information on this coversheet will be included in Turnitin’s similarity analysis; however, yourlecturers are aware of this and will disregard it.StudentDetailsStudentNumber10498743FamilyNameGivenNameUnitDetailsUnit CodeCSI2102UnitTitleInformation SecurityName of LecturerDr Liau Vui KieuDueDate24 June 2019Topic ofAssignmentA analysis of Target Databreach and lessonslearnedGrouporTutorial(if applicable)CourseBachelors of Science in Cyber Security (FT)CampusSingaporeIcertify that the attachedassignmentismyownwork and that anymaterial drawnfrom othersourceshas beenacknowledged.Thiswork has not previously beensubmittedfor assessmentin any otherunit orcourse.Copyrightin assignmentsremainsmy property.I grant permission to the University tomakecopies ofassignmentsfor assessment,review and/orrecordkeepingpurposes. I note that theUniversityreserves therighttocheckmy assignmentfor plagiarism.Should thereproduction of all or part of an assignment berequiredbytheUniversityfor any purpose other thanthosementioned above,appropriate authorisation willbesoughtfromme ontherelevantform.ManualSubmissionIfhandinginanassignmentin apaperorotherphysicalform,signheretoindicatethatyouhavereadthisform,filleditincompletelyandthatyoucertifyasabove.SignatureDateElectronicSubmissionOR,ifsubmittingthispaperelectronicallyasperinstructionsfortheunit,placeanXintheboxbelow toindicatethatyouhavereadthisformandfilleditincompletelyandthatyoucertifyasabove.Pleaseincludethispagewithyoursubmission.AnyresponsestothissubmissionwillbesenttoyourECUemailaddress.AgreementXselectcheckboxDate23 June2019ForproceduresandpenaltiesonlateassignmentspleaserefertotheUniversityAdmission, Enrolment andAcademicProgressRules-rule24,andtheECUCourseandUnitDeliveryandAssessmentPolicyThe information on this coversheet will be included in Turnitin’s similarity analysis; however, your lecturers are awareof this and will disregard it.
ContentsAssignment Cover Sheet...................................................................................................................1Introduction..........................................................................................................................................3Data breach background.......................................................................................................................3How it happened...................................................................................................................................3Mind Map..............................................................................................................................................4CIA.........................................................................................................................................................5Protections............................................................................................................................................6In place..............................................................................................................................................6Failed.................................................................................................................................................6Respond from Target Corporation.........................................................................................................7Legal and Ethical consequences............................................................................................................7Conclusion.............................................................................................................................................8References.............................................................................................................................................8
IntroductionIn this digital era information plays a vital role everywhere. Starts from small sizedorganisation to enterprise organisation everything relied on this information. This reportcontains the following, firstly the background which explains how the data breach took place.Then the report explains the threats have been faced in this breach. After it explains the CIAprinciples related it in this particular breach and it explains the protections were there andreason for failures. Then this report continues to the ethical and legal issues in this and endswith conclusion.Data breach backgroundTarget Corporation is a well ranked store retailer in United States. The company operatesalmost 1844 stores all over the globe. The given case study explains about the data breachhappened at Target Corporation in 2013. During this data breach over 70 million individualuser details such as mailing addresses, names, email address, phone numbers, and credit anddebit card account data were stolen. This data breach resulted in second largest credit carddetail theft in United States. Credit card information includes Encrypted pins, Customernames, Credit card numbers, Credit card expiration date, embedded code on credit cardsmagnetic strip. This entire breach is a result of human error and failure of educating basicsecurity practices required.How it happenedThe beginning of this data breach starts with Phishing attack. In Phishing attack theintruder/hacker will send a fake email/message which looks like from an official source. Themain motive of this phishing attack is to steal sensitive data from the user (Security, n.d.). Byusing this same method the intruders/hackers targeted a third party air-conditioning firmvendor Fazio Mechanical Services. Due to poor security practices this third party vendor fellin this phishing attack and certainly installed the malware called Citadel which is a passwordstealing bot program. Using this malware the intruders/hackers gained access to TargetCooperation’s network.Once, they gained access to the network they exploited poor segmentation of targetcooperation’s network which had no separate segmented network for the sensitiveinformation. This poor network management made the work easy. Once they exploited this
desklib-logo
You’re reading a preview
Preview Documents

To View Complete Document

Click the button to download
Subscribe to our plans

Download This Document