Information Security | Assignment (Doc)
Added on 2020-03-28
7 Pages2642 Words37 Views
|
|
|
Information SecurityNameDate
Part 11. Kevin Mitnick is an American security (computer) expert and consultant, as well as an author anda hacker. Kevin is famous for his 1995 arrest and subsequent controversial imprisonment for five years for various communications and computer related charges. As a teenager, Mitnick employed the skills of dumpster diving and social engineering to bypass the Los Angeles bus system card punching system by using non utilized transfer slips he got from a dumpster adjacent to the bus park. Having succeeded at this, he used social engineering later in life as his preferred method for obtaining information, including for modem hone numbers and passwords and user names. At age 16, he gained unauthorized access to a network when he got a phone number form a friend for the DEC (Digital Equipment Corporation). Mitnick broke into DEC computer networks and managed to copy the company's software, a crime for which he was arrested and subsequently charged and convicted for in 1988 by imprisonment for 12 months. He was further sentenced to three years of supervised release but managed to hack the voice mail computers of Pacific Bell (Shimomura & Markoff 1996). He fled after an arrest warrant was issued against him, becoming a fugitive for almost three years. Records show that he managed to gain unauthorized access to several computer networks while he was a fugitive; he could used cloned mobile phones to conceal his whereabouts while engaging in digital mischief, including copying valuable proprietary software from the largestcomputer and telephone corporations in America.He stole, after managing to intercept, computer passwords and was able to break into private mails (e-mail) and also alter computer networks. After a high profile pursuit by the FBI, he was arrested in 1995 15th February in North Carolina for charges including wire and computer fraud and was arrested with cloned codes and mobile phones and several pieces of fake identification documents. He was indicted on 14 charges of wire fraud, intercepting electronic/ wire communications, 8 counts of possessing unauthorized devices, accessing a Federal/ Government Computer without authorization, and damaging computers. He pleaded guilty as charged to four counts of electronic fraud, one count of intercepting a wire communication illegally, and two computer fraud counts; these were part of his plea agreement and was sentenced cumulatively to 68 months in prison. In all,Mitnick served a five year jail term and was held in solitary internment apparently after authorities convinced the judge that Mitnick had the capability to instigate a nuclear war just by accessing a mobile phone and whistling into it (Greenberg, 2014). He is thus infamous for serious hacking activity, in the age before the internet and modern communications devices2. a. The chosen topic is Apple does right by users and advertisers are displeasedThis topic has been chosen because advertisers have for many years abused the freedom of the internet by developing their ‘economic’ model in which the privacy of users is violated by having
their browsing activity tracked and monitored for the purposes of sending adverts, without the consent or agreement of the Internet users. Many internet sites include stealthy scripts that track, collect, and share your browsing data with third parties. The domains set cookies on web sites a user visits and this enables these sites to recognize the user from previous web visits, although without tracking other site visits (Jegatheesan 2013). However, other third party domains apart fromthose a user visits also sets cookies and circumvent the original purpose and design of cookies. The third party domains then track all the sites a user visits, without their knowledge even where its trackers are not loaded. Websites then use these third party cookies for tracking and undertake analysis and data brokerage, aggregating individual profiles that are then fed into real time auction processes. Companies then bid to have the right to send the user, based on their aggregated browsing information, advertisements whenever they visit a site. b. This is an important privacy issue; a topic on information security issue because it violates the privacy of internet users when the internet is supposed to be free. Cookies are like a surveillance tool; tracking user information and activity while browsing and collecting and aggregating their online behavior and selling these off, through auctions, to advertisers. The user does not benefit in any way; yet their activity is tracked without their consent and used for commercial purposes. Hackers can get their hands on this information and use them for malicious attacks, social engineering attacks, or theft of information and data, and hence should be considered as a serious security issue. It breaches user privacy and exposes them to further risks, without even giving the user the chance to decide whether they can allow their activity to be tracked and how this information abut them is used and by whom (Barker, 2014). 3. a A hacker breaking into the network of a company and deleting data is a serious disaster as crucial information is lost; in this case, the company should have in place a business process continuity contingency, such as having virtual real time cloud back ups of their data. b When there is a fire breakout and fire sprinklers automatically come on with some computers being damaged and the fire is contained, this is an incident. Business process continuity plans should still come into play; such as by having RAID architectures on the computers so that even if one or a few are physically damaged, the data contained in them is mirrored to other computers/ virtual computers and ensures business process continuity (Radvanovsky & Brodsky 2016)c A tornado hitting the local power station is an incident and business continuity can be attained by having virtual backups running or using emergency power supplies, such as UPS or standby generators for business processes to continued When employees are on strike, this is an incident and even if they are without critical workers for weeks, some activities can be automated or outsourced to other firms, such as call centers as the issue with employees is tackled
End of preview
Want to access all the pages? Upload your documents or become a member.