Computer Security Breaches: Facebook Data Breach and 2011 PlayStation Network Outage

Verified

Added on  2023/04/23

|11
|2860
|385
AI Summary
This report discusses the Facebook data breach and 2011 PlayStation Network outage, their reasons, and possible solutions. It also provides recommendations to prevent such incidents in the future.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: MITS 5004 IT SECURITY
MITS 5004 IT SECURITY ASSIGNMENT 2
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1MITS 5004 IT SECURITY
Part A:
Question1
Introduction
The aim of this report is to describe about the computer security breaches took place.
One of the largest data breaches that took place in the year 2018 was Facebook data breach.
This took place in the month of January. Around 50 million user’s accounts of Facebook got
exposed. This became one of the major issues of the year("Rewind 2018: Data breaches,
privacy concerns rocked the tech boat with Facebook, Google as sailing masters", 2019).
Every credentials detail related to 50 million users got leaked. The report will discuss about
the reason of databreach and the problem faced by such a large organization. Apart from this
report will provide possible solution towards this incident.
About Facebook data breach
In the month of January around 50million users data got breached. The reason behind
this data breach was presence of flaw in the system. This allowed hackers to enter into the
system and leak the credential data of the users. The user’s data got exploited by the attacker
after getting the access towards their personal data. However the organization secured around
40 million additional accounts so that the hackers cannot breach their information("Rewind
2018: Data breaches, privacy concerns rocked the tech boat with Facebook, Google as
sailing masters", 2019). Attackers used Facebook developer APIs to gather the information
related to the user. The information included name, gender and address details that are being
updated in users profile. After analysing the data that got breached from Facebook it showed
that data related to private messages were being accessed by the hackers. However the
organization was not sure about the fact whether the hackers breached any information
Document Page
2MITS 5004 IT SECURITY
related to credit card or not. Hackers used different sites to attract the users. The browser
were set with access tokens as soon as the users logged in with their Facebook account details
regarding to the users got breached. After investigation by the FBI it was addressed that
around 3 bugs led to the data exposure related to the users within Facebook. In the year 2017,
three vulnerabilities were identified by the Facebook that was faced at the time of video
uploader. As soon as this appeared on the system, a token got generated in response to this
that helped to view the person’s profile. This led the attackers to get into the account of the
users("Rewind 2018: Data breaches, privacy concerns rocked the tech boat with Facebook,
Google as sailing masters", 2019). The user’s needs to be careful about the information
stored. It is important to determine the vulnerability at early stage so that it does not affect
any user. It is also confirmed by Facebook that some small attacks attempted by hacker went
unnoticed and they were never being analysed before. It is important to understand the
problems at early stages. Organization such as Facebook needs to be more careful while
handling the situations as many peoples are associated with this organization.
Ways to protect Facebook Data breach
After analysing the incident it becomes important to ensure security towards the
information stored towards every users account. Facebook took some steps to protect their
user’s details. Facebook logged out 90 million accounts to ensure safety. In order to provide
proper help towards the users. Apart from this Facebook has initiated several other options to
check the number of devices that are being logged in with the same user name profile. In
order to prevent data breaches it is important to safeguard data stored in the system. Proper
procedures are needed to keep the system and site updated. With latest version the chances of
data breach will get reduced. The security software needs to maintain properly. Each
employee needs to be educated properly about the possible data breaches. The organization
needs to stop transmitting the data without encryption. The user needs to be careful while
Document Page
3MITS 5004 IT SECURITY
using the Facebook. However the data breach needs to be understood properly. The user
needs to set proper an effective passwords that will protect the user’s data and will maintain
proper confidentiality towards the user’s data. Apart from this it is important to check on the
breaches and update towards the crime branch. Proper precaution measures are needed to
implement in time to protect further data breaches.
Conclusion
From the above report it can be stated that Facebook data breach was one of the major
data breaches that took place in the year 2018. This has affected the privacy and security
offered by Facebook. Large number of community people got affected by this data breach.
The report has included the way data got breached in the organization. The report has
provided a possible solution to avoid such conditions.
Question 2
Among the forms of input and output Asynchronous I/O is one. This type of operation
permits the other procedures to continue their operations before a transaction is completed.
The input output operations are generally slow on the computer systems (Jeong, Lee and Kim
2015). There are a lot of devices involved with the I/O operations and thus associates a lot of
physical movement with it. Hence, the use of asynchronous I/O operations is done so that this
time gap can be reduced to a great extent. For this type of operation the process that calls for
the I/O operation immediately regains control for execution after the completion of the I/O
operation. After the completion of the I/O operation the calling process will be notified by a
single Asynchronous I/O process (Studi et al. 2017). However, the process is a disadvantage
for the memory protection schemes such as the base/bounds and paging techniques. It is to be
noted that memory protection is very important for any type of operating systems for
ensuring that different process do not mix with each other.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4MITS 5004 IT SECURITY
Each and every memory address which is used by a certain process is at first checked.
If the chosen address falls within the allocated range of memory then a certain memory area
is allocated to that process. The two registers LBR and UBR are used for the implementation
of memory protection (Wei 2018). The kernel loads the appropriate values in both the
registers at the time of execution and all the hardware compares the address when they are
used by any process with both the UBR and the LBR. However the asynchronous I/O
operation disrupts the process if the address smaller than the LBR process or larger than the
UBR process, a memory protection violation interrupt would be generated. A page table is
used here for storing the addresses that are related to processes and maps them to the logical
addresses and the correspondingly to the physical addresses. This helps in the prevention for
the process to access any type of unallocated memory (Takeuchi et al. 2018). Paging is used
to get a large linear address space without having to buy more physical memory. With
paging, the address space is divided into a sequence of fixed size units called “pages”. And
logical addresses take the form of a tuple <page, offset> .Paging helps reduce fragmentation
and ensures better memory management. Hence there arises a huge problem for the processes
to word accordingly and the performance of the overall system is reduced to a great extent
(Boyle and Naor 2016).
As a solution to this problem it is recommended that the relocation register scheme is
used for the process so that an effective way is discovered which would allow the operating
system in changing the size in a dynamic process. This can be done by increasing the number
of threads that are working in the system (Brewer et al. 2018). This would assist the
overlapping processes to a great extent and also the real time processing and the transaction
processing of the machine would improve to a great extent. The throughput and the
determinism of per process on the basis of applications can be done which would accelerate
the overall processing speed of the system. The asynchronous I/O operations consists of a
Document Page
5MITS 5004 IT SECURITY
very important part that has the ability for requesting the asynchronous I/O for completion of
the transaction (Brewer et al. 2018). In the time of request, the application would be
requesting for completion of the I/O after the execution of the process has already been
performed.
Document Page
6MITS 5004 IT SECURITY
Part B:
Introduction
The report is going to discuss about the 2011 play station network outage. The report
will discuss about the main reason behind this outage. 2011 play station network outage was
a result of external intrusion that was attempted on Sony’s Play station Network("All PS4
services currently unavailable following a glitch in PlayStation Network | MarketsPioneer",
2019). This outage lead to preventing the users from accessing the play station around 77
million accounts. This prevented the users from accessing the services offered by Play Station
3 and Portable Play Station. The attack occurred between April 17 and April 19 of 2011.
Apart from this the report will discuss about the ways the attack can be prevented.
The reason behind outage
At the time of 20111 around 77 million account registered within the play station
network accounts got breached. This was one of the major security breaches. The users of
Play station 3 received messages while they tried to login to their systems("All PS4 services
currently unavailable following a glitch in PlayStation Network | MarketsPioneer", 2019).
The message displayed towards the user stated that the site is under maintenance. After
proper analysis of the incident Sony announced that the case was related to External intrusion
and this effected the Play Station network and services offered by Qriocity. After the security
breach took place in the play station network it was identified that many people accounts
details and personal details got leaked. However Sony Company decided to remove the
personal details regarding 2500 people that was hacked by hackers. After analysing the
incidents took place within the Playstation network it was confirmed that the planning was
done very carefully with the intention to harm the image of the organization and to breach the
data of the users. By April 25 proper analysis of the stolen data was provided by the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7MITS 5004 IT SECURITY
organization. However they failed to analyse whether the card details related to the customer
got leaked or not. The people that got affected by the incident were the account holders and
the organization. As this security data breach lead to impact on the image and reputation of
the organization. However it becomes the responsibility of every organization to ensure
proper security towards the personal data stored within the organization.
Reason behind the attack was hacking. Due to external intrusion the details of account
holders got viral and also they prevented the users from accessing their services. The
playstation network was used by owners for PS3 and for Portable machines in order to
download game, music and films and allows o play games online with friends. The outage
has affected the other services that are being carried out within the Play station network("All
PS4 services currently unavailable following a glitch in PlayStation Network |
MarketsPioneer", 2019). After the attack took place it was confirmed by the users that they
were unable to access and stream films. However Sony failed to declare any date on which
the services will be back to normal. The main reason identified by Sony was an act of
external intrusion. However they failed to analyse the intruders behind this incident. At the
time the organization conducted through investigation they decided to turn off the play
station network. The organization is having around 70 million users at their play station at
present and it becomes extremely important to protect and ensures high security towards their
customers account.
However, Sony updated their customers with day to day fact. The site went under
rebuilding and the system developed with more advanced features that will ensure proper
strength towards their infrastructure.
Document Page
8MITS 5004 IT SECURITY
Recommendation
In order to overcome the problems it is important to understand the requirement of the
network. Different terms and conditions were implemented by the organization. These
conditions helped the organization to overcome the challenges faced at the time of the outage.
According to the new agreement the user will have the ability to sue Sony Company if such
security breach takes place in future. If any such clause regarding user’s right to trial by jury
is found, it is removed. It is said that Class Action Waiver if ever found illegal or invalid, the
whole Section 15 will be declared as unenforceable, and the issue will then be decided by a
court. Sony ensured that a law in this case would hold jurisdiction with respect to any rules or
regulations in the Sony Company.
All questions related to the performance and these terms of service, enforcement or
breach of Terms of Service, the rights, interpretation, and the liabilities of all the members. In
order to avoid data breaching it is important to ensure proper security at right time. The
organization should always keep the necessary thing within it. Every computer associated
with the organisation needs to be secure. The security software needs to be updated
frequently. It is important to protect the data of the organisation from unauthorised access.
Proper implementation of security policy will keep threats always from the organisation. The
organisation needs to monitor each and every activities held in the organisation so that
external intuition can be detected as soon as it occurs. With the help of strong authentication,
the organisation will be able to restrict the users. Apart from this, it is important to secure
PlayStation network and networks. Thus will help the Sony Company to overcome the
challenges in future.
Document Page
9MITS 5004 IT SECURITY
References
All PS4 services currently unavailable following a glitch in PlayStation Network |
MarketsPioneer. (2019). Retrieved from http://marketspioneer.com/2018/12/03/all-ps4-
services-currently-unavailable-following-a-glitch-in-playstation-network/
Rewind 2018: Data breaches, privacy concerns rocked the tech boat with Facebook, Google
as sailing masters. (2019). Retrieved from
https://www.financialexpress.com/industry/technology/rewind-2018-data-breaches-privacy-
concerns-rocked-the-tech-boat-with-facebook-google-as-sailing-masters/1426131/
Jeong, D., Lee, Y. and Kim, J.S., 2015, February. Boosting Quasi-Asynchronous I/O for
Better Responsiveness in Mobile Devices. In FAST (pp. 191-202).
Stuedi, P., Trivedi, A., Pfefferle, J., Stoica, R., Metzler, B., Ioannou, N. and Koltsidas, I.,
2017. Crail: A High-Performance I/O Architecture for Distributed Data Processing. IEEE
Data Eng. Bull., 40(1), pp.38-49.
Wei, Y., 2018. Space complexity of implementing large shared registers. arXiv preprint
arXiv:1808.00481.
Takeuchi, Y., Mantri, A., Morimae, T., Mizutani, A. and Fitzsimons, J.F., 2018. Resource-
efficient verification of quantum computing using Serfling's bound. arXiv preprint
arXiv:1806.09138.
Boyle, E. and Naor, M., 2016, January. Is there an oblivious RAM lower bound?. In
Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science
(pp. 357-368). ACM.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10MITS 5004 IT SECURITY
Brewer, S.A., Craddock, D.F., Kalos, M.J., Klein, M. and Lais, E.N., International Business
Machines Corp, 2018. Synchronous input/output (I/O) cache line padding. U.S. Patent
Application 10/133,691.
1 out of 11
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]