Computer Security Breaches: Analysis of Cyber Threats and Solutions

Verified

Added on 2023/04/21

AI Summary

This report provides an in-depth analysis of computer security breaches, examining the nature of cyber threats and the factors that contribute to their increase. The report focuses on two significant incidents: the Facebook Cambridge Analytica data breach and the Sony PlayStation Network outage. The Facebook case study details how Cambridge Analytica obtained user data, the vulnerabilities exploited, and the solutions Facebook implemented. The report also explains the concept of asynchronous I/O and its relevance to computer security. The Sony PlayStation Network breach is analyzed, detailing the attack, the data compromised, and the security measures taken. The report concludes by emphasizing the growing threat of cyber-crimes and the importance of employing security tools, using authentic servers, and following best practices to protect computer networks and user data.

COMPUTER SECURITY BREACHES
0
Computer security breaches

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

COMPUTER SECURITY BREACHES
1
Introduction
A security breach is defined as a cyber-threat which increases the issue of hacking, data
breaching and cyber-attacks. Mainly, such kind of issue occurs in the computer system
where hackers attack the user personal devices and networks (Aloul, et al., 2012). The
aim of this report is to analysis the concept of computer security breaches and threats
and identifies the key factors that increase the rate of cyber-crimes. Facebook is one of
the largest social media application that was suffered from the data breach and this
report will discuss this problem, how and why it occurs and the possible solution to
mitigate them.
Part A
1. Facebook Cambridge Analytica attack
Facebook is the biggest social media platform which is used by many consumers and
companies for communication purpose. In the year 2018 (March 17) Facebook faced the
issue of a security breach in which Cambridge analytica obtained the private data or
information of 50 million consumers with the help of the application. It is observed d
that Cambridge Analytica scraped details about individual’s personalities, social
networks, and engagement on the platform (Barkly, 2018). It obtained the information
of 30 million users and it is occurred due to lack of security, use of unauthentic servers
and hackers transfer the huge amount of traffic signal on the Facebook network.
Facebook identified the original estimate was, in fact, low and in April the organization
notified around 87 million people of its platform which their data had been shared. Such
kind of data breach issue occurred because Facebook is one of the biggest organizations
in the world and hackers required to earn more money by encrypting their personal
information (Davis, et al., 2007). After that, they communicate with consumers and
management team through e-mails and demand money to restore back their personal
information. According to the Facebook, such kinds of data were provided to Cambridge
anaytica by a researcher Aleksandr Kogan that started a firm which is called as GSR. GSR
produced a quiz and transfer to 270,000 individuals with the help of Facebook
application which create uncertainty in system and hackers enter into the networks and
hacked their private details. A recent study evaluated that criminals ware using the

COMPUTER SECURITY BREACHES
2
Facebook APIs to collect the data or information such as name, gender and location
which linked with the user profile. Therefore, to control and handle such issue Facebook
communicated with the IT support team and identify the traffic signals from the
networks that reduce the performance of their system. They also adopted the advanced
security tools and techniques to avoid the data breach problem such as firewall
software, two step verification, biometric recognition system, and cryptography
technology (Ericsson, 2010). Recently they plan to prevent the Cambridge analytics
incident in future and they designed the main six processes to handle cyber-crimes and
data breach which are the following:
 Analysis all applications which have had access to a huge amount of data or
information
 Turning off application access to users which can help to reduce the traffic
signals
 Use only authentic servers and networks during the communication process
 Changing the login password of Facebook so applications can only see the users
name, photo and mobile number unless the application goes through a further
analysis procedure
2. Asynchronous I/O activity
In the field of the computer system the asynchronous input and output is a kind of
process which permits other data processing to continue before the transmission has
finished. It is analysed that the I/O operations on a computer system are very slow
rather than processing of data and it is one of the biggest problems with many memory
protection processes (Hansen, and Nissenbaum, 2009). It is evaluated that a simple
input output system first access the data and take time for execution but asynchronous
I/O system block the process of the program during the communication process. in the
asynchronous system once the process issues a read or writes a program the process
cells are returned in the main system if the input and output program has been
transferred. For large computer network, such kind of program cannot be used because
it creates a problem or issue with the memory protection system. To avoid such kind of
issue consumers can adopt the operating system with a fence register that has the
ability to relocate the system and it plays a significant role in the multiuser
environment. The relocation technique reduces the problem by providing base or

COMPUTER SECURITY BREACHES
3
starting address and all IP address inside the programs are offset from the centre
station (Kritzinger, and von Solms, 2010). A variable fence register is also called as a
base register which provides a less bound system rather than upper bound. It is
observed that one upper bound can be used for checking the condition of overflow in
the system and every program address is transferred to the main base station. Such
kind of technique can protect the system and network with the help of upper bound,
base station and paging process. When any user changes the program then the
operating system also changes the content or information of the base station and bound
register to provide a way to reflect the customer address space. With the help of a
combination of a base station and bound system, consumers can easily protect their
personal data or information from other. the upper bound system can be involved in the
fence register because it provides a platform to identify how much space is allocated in
the memory. Therefore, people can adopt such kind of approach to control and monitor
the memory protection scheme and it has the potential to enhance the performance of
the computer system by reducing the execution time during data transmission.
However, people should ensure that they select the best operating system because there
are many sellers in the market that provide the third party applications which are
developed by hackers to hack their personal information.
Part B
The 2011 PlayStation network outage was the result of external intrusion on the Sony
and they suffered from the issue of cyber-crime or hacking. During this attack, around
77 million accounts were hacked by the attackers and it is one of the largest cyber-
attack which occurs due to use of unauthentic networks. This attack occurred between
17 and 19 April 2011 that time Sony turn of their play station network to control and
manage the data breach issue (The Guardian, 2018). On May 4 Sony confirmed that
hackers collected data or information of 77 million users and recent study analysed that
it was one of the highest data security attacks in the history. After this attack, Sony
produced the PlayStation 3 firmware as a security pitch which needed the consumer to
change their login ID and password to secure their personal information from hackers.
The company said that hackers send the traffic signals and malware on their networks
which block their system and hackers enter into their servers (Von Solms, and Van
Niekerk, 2013). After that they collected the personal data of consumers like name,
address, profile photo and many more and it occurs because many employees and

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

COMPUTER SECURITY BREACHES
4
consumers use the third party application and login their social media accounts or
Gmail in unauthentic servers which create uncertainty in their system. Consumers
trying to interconnect have been met with an error message which shows that
undergoing maintenance. Sony said it found that somewhere in the range of 17 and 19
April an "illicit and unapproved individual" gain admittance to individuals' names,
addresses, email address, birthdates, usernames, passwords, logins, security questions
and that's only the tip of the iceberg. At that time numbers of consumers and their
family lots their personal data files like bank details, financial documents and pictures.
More than 50 million individuals were affected due to this attack because they are
connected with the Sony PlayStation network and they logged in their accounts in that
play station. Due to which hackers enter into their servers and networks and collected
their private information with the help of malware and botnet process. Recent
investigation evaluated that such kind of attack carried out because criminal developed
the huge quantity of traffic signal and passed on the Sony network and few of their
employees click on the unwanted links which reduced the performance of their
networks. Hackers identified the IP address and type of network and blocked them to
access their personal computer system and to avoid such issue company hired an IT
team to investigate what happened and has adopted the advanced security techniques
like encryption, firewall, cryptography and robust technology to detect the unwanted
signals and malware from their networks. Therefore, the problem of hacking or data
breach occurs when any person uses the third party application and unauthentic
networks which are produced by the hackers to detect the accounts details like login ID
and password. There are many researcher investigations on this attack and they
analysed that lack of security is one of the biggest problems which increases the
problem of cyber-attacks. In which the passwords of PlayStation networks were
exposed due to use of unauthentic servers and attackers uses the malicious process to
produce the more complex algorithm which helps during the generation of traffic
signals. The main problem of Sony PlayStation is that they store the credit or debit card
numbers of consumers because they required some amount to play the game and access
their services. Attackers stored the details of 74 million accounts due to which most
users lost the bank details and credit card numbers because hacker blocks their bank
accounts (Yan, et al., 2012). After that attack, Sony developed many security plans and

COMPUTER SECURITY BREACHES
5
programs to improve the security of their system and they involved few steps in their
program which are the following:
 Use only authentic servers
 Turn on the two step verification
 Use firewall and antivirus to detect the malware from a computer
 Change passwords of the PlayStation networks and use a strong password rather
than simple
 Use backup plans to secure personal information
Conclusion
Cyber-crime is part of hacking where attackers use the malware and botnet process to
identify the personal data of consumers. In this modern era, the rate of cyber-crimes
and data breach is growing rapidly because every user uses internet connectivity for
communication which also associated with the cyber-attacks. This report described the
two recent cyber-attack cases one is Facebook Cambridge and another is the Sony
PlayStation network that was suffered from the data breach and hacking. People should
ensure that they turn on security tools and use an only authentic server which can help
them to improve the security and privacy of their computer networks.

COMPUTER SECURITY BREACHES
6
References
Aloul, F., Al-Ali, A.R., Al-Dalky, R., Al-Mardini, M. and El-Hajj, W., 2012. Smart grid
security: Threats, vulnerabilities and solutions. International Journal of Smart Grid and
Clean Energy, 1(1), pp.1-6.
Barkly. (2018) The 10 Biggest Data Breaches of 2018... So Far. [online] Available from
https://blog.barkly.com/biggest-data-breaches-2018-so-far [Accessed 07/01/2019].
Davis, C.M., Tate, J.E., Okhravi, H., Grier, C., Overbye, T.J. and Nicol, D., 2007, September.
SCADA cyber security testbed development. In Power Symposium, 2006. NAPS 2006. 38th
North American (pp. 483-488). IEEE.
Ericsson, G.N., 2010. Cyber security and power system communication—essential parts
of smart grid infrastructure. IEEE Transactions on Power Delivery, 25(3), pp.1501-1507.
Hansen, L. and Nissenbaum, H., 2009. Digital disaster, cyber security, and the
Copenhagen School. International studies quarterly, 53(4), pp.1155-1175.
Igure, V.M., Laughter, S.A. and Williams, R.D., 2006. Security issues in SCADA
networks. Computers & Security, 25(7), pp.498-506.
Kritzinger, E. and von Solms, S.H., 2010. Cyber security for home users: A new way of
protection through awareness enforcement. Computers & Security, 29(8), pp.840-847.
The Guardian. (2018) PlayStation Network hackers access data of 77 million users.
[online] Available from
https://www.theguardian.com/technology/2011/apr/26/playstation-network-
hackers-data [Accessed 07/01/2019].
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber
security. computers & security, 38, pp.97-102.
Yan, Y., Qian, Y., Sharif, H. and Tipper, D., 2012. A survey on cyber security for smart grid
communications. IEEE Communications Surveys and tutorials, 14(4), pp.998-1010.