Data Breaches and Security: Case Studies of Sony, Facebook, and Others
Added on 2025/04/27

Task A
1.
Security is one of the most important aspects of every organization, regardless of the sector
the organization belongs to. Security for an organization means security as a whole: it involves
both physical security and digital security. Because information today is stored in digital
format on digital devices, there is a need to secure the digital storage devices, the sender-side
infrastructure, the receiver-side infrastructure, and the communication path or medium. Digital
security involves the security of information/data related to the organization’s strategies,
policies, standards, and deals and, most importantly, client-related information. Physical
security involves the security of the assets of an organization, its clients/customers, and its
staff.
The information related to the clients/customers of an organization is its most important asset,
whether the organization belongs to tourism, social media, healthcare, finance, etc.
Organizations put effort and money into securing their clients’ information because the complete
market value, popularity, and even the existence of any organization depend upon its clients.
Security Breaches
1. Aadhaar data breach: India suffered a data breach affecting around 1.1 billion residents with
Aadhaar cards in March 2018. The information includes the names of the Aadhaar card holders,
their ID numbers, and crucial information on linked services, for example bank accounts.
2. Cambridge Analytica: Facebook suffered a data breach affecting around 87 million Facebook
users in 2015. The breach happened through an app named “thisisyourdigitallife”. The
app inappropriately passed the information of Facebook users and their friends to a third
party.
3. Google+: Even a name as big as “Google” suffered a data breach, from 2015 to March 2018.
The data involved user profiles, job titles, birth dates, email addresses, etc. It was caused
by a software glitch (LESKIN, 2018).
4. T-Mobile: It suffered a data breach in August 2018 that included personal data along with
encrypted passwords, email addresses, and billing information. It was revealed that an
“International group” accessed the organization’s servers through an Application Programming
Interface (API).
5. Marriott Starwood hotels chain: It suffered a data breach in June 2018. In the attack, guest
information including email addresses, passport details, and even payment card details and
their expiration details was compromised. The attack affected around 500 million guests at
Marriott hotels.

The attack on Queensland Law Firm (QLD law firm)
The Queensland law firm suffered a computer security breach, or data breach, around January
2018. The cybercriminals did not use any complex technique or tool; they used a simple technique
to trick the lawyers of the firm and gather their confidential credentials.
The cybercriminals used a traditional “social engineering” attack to gather the lawyers’
credentials and misdirect funds, looting a huge sum of money. Lawyers are considered smart
professionals who could never be tricked and could not become victims of any sort of
cyber-attack (Marshall, 2018).
But in this case the smart people, the lawyers of the QLD firm, became the victims of a simple
social engineering attack.
How was the attack executed?
In the first phase, the cyber-attackers did not breach or infect the computer network of the QLD
firm. They simply called lawyers of the firm, asking for legal advice on some sort of case. The
cybercriminals made the lawyers believe that they were genuine customers seeking legal
consultation. After gaining the lawyers’ trust, the cybercriminals sent them an email which they
said would include “important documents” related to the discussed case.
The lawyers took the cybercriminals for legitimate customers or clients and agreed to help them
with their case. The emails the lawyers received contained a link that looked like a link to a
file-sharing website. As soon as a lawyer clicked the link, it redirected to a site that asked
for credentials in order to access the “important documents” related to the case. The whole of
phase 1 was a trick to obtain the lawyers’ email account credentials (usernames and passwords).
In the second phase, the cybercriminals simply sniffed the QLD network to monitor the network
traffic. Their aim was to watch the traffic for payment request invoices. When the
cybercriminals saw a large number of invoices in the QLD inbox, they sent emails containing
their own bank account details in order to redirect the payments intended for the QLD bank
account to their bank account.
The attack was performed to steal a huge amount of money from the QLD firm. The cybercriminals
breached the network by compromising its least secure and weakest part: the humans.
Solution
The simple solution that can be adopted is to make the employees or staff members of the
organization aware of the different kinds of security breaches: awareness of how cybercriminals
lure users into their web protects employees from attacks like phishing, social
engineering, etc.

2.
Asynchronous I/O is considered a problem for many memory protection schemes, including
paging and base/bounds. Asynchronous I/O is also known as overlapped I/O (Satran and
Kennedy, 2018).
Figure 1: Asynchronous I/O
Source: (Satran, and Kennedy, 2018)
The vital benefit of an operating system (OS) with a fence register is the ability to relocate
programs, specifically in a multi-user environment. The fence register is used for memory
protection and is considered a low-level OS memory management technique. The fence register
(variable) is called a base register. The base/bound register scheme is crucial to maintaining
the separation of user areas in memory and the integrity of the information. The base/bound
register scheme defines an upper and a lower limit of the memory area for a particular user.
Paging separates the program into pieces of equal size, which are called pages, and the
memory is separated into page frames.
In a multi-user environment, no user can know where a program will be loaded and executed.
The base/bound register technique safeguards the addresses of a program from alteration by
another user in the multi-user environment.
When there is a switch from one user to another, the OS modifies the contents of the base and
bound registers to reflect the actual address space of the switched-in user. This
modification is known as a context switch.
The base/bound register technique protects a user’s space from the programs of other users. But
an erroneous address inside the user’s own space can still affect the program. This situation
can be solved by using two separate pairs of base/bound registers, in which one pair is used for
the data space and the other pair for the instructions of the program. Instruction fetches are
checked and relocated with the first base/bound register pair, and data accesses are checked and
relocated with the second pair. Another advantage of using two pairs of registers is that the
program is divided into two separate pieces, and these two pieces can be relocated separately.

The above features call for more pairs of base/bound registers: one for use with code, one for
modifying data values, and one for reading data. But practical computer designs are limited to
only two pairs of base/bound registers. With only two pairs, the decision can be made
automatically: one pair of base/bound registers is used for instructions and the second pair is
used for data.
If an additional base/bound register pair is needed, something in the machine code has to
indicate which relocation pair is used to address the operands of the instruction.
For asynchronous I/O, memory addresses cannot be checked using the base and bound registers or
even the page table. This is because the values currently held by those mechanisms describe the
user that is presently active, not the user performing the I/O operation.
One solution that can be adopted is to check the range of addresses affected before starting the
I/O operation. If one program tries to access the memory area of another program, it is stopped
immediately, before it can make any alteration in that memory area. Another option is a scheme
of privilege levels: tasks running at low privilege are not permitted certain kinds of memory
access and are not permitted to execute certain instructions.
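
The failure described above and the check-before-start fix, as a small simulation. This is an added example, not part of the original report; the `Machine`, `Process` and `Pair` names, the 64-word memory and the two sample users are assumptions made for illustration.

```python
from dataclasses import dataclass


class ProtectionFault(Exception):
    """Raised when an access falls outside the region a register pair describes."""


@dataclass(frozen=True)
class Pair:
    base: int   # lowest physical address of the region
    bound: int  # region size in words

    def translate(self, offset, length=1):
        # Check the whole range first, then relocate by adding the base.
        if offset < 0 or length < 1 or offset + length > self.bound:
            raise ProtectionFault(f"offset {offset}+{length} outside bound {self.bound}")
        return self.base + offset


@dataclass(frozen=True)
class Process:
    name: str
    code: Pair  # pair used for instruction fetches
    data: Pair  # pair used for data accesses


class Machine:
    def __init__(self, words):
        self.memory = [0] * words
        self.current = None  # process whose pairs are loaded in the registers
        self.pending = []    # I/O transfers started but not yet completed

    def context_switch(self, process):
        # The OS reloads the base/bound registers for the incoming user.
        self.current = process

    def fetch(self, offset):
        return self.memory[self.current.code.translate(offset)]

    def store(self, offset, value):
        self.memory[self.current.data.translate(offset)] = value

    def start_read_late(self, offset, payload):
        # Flawed: keeps only the user-relative offset and relocates at completion time.
        self.pending.append(("late", offset, list(payload)))

    def start_read_checked(self, offset, payload):
        # Fix from the text: check the whole range before the I/O starts, while the
        # requester's registers are still loaded, and keep the physical address.
        physical = self.current.data.translate(offset, len(payload))
        self.pending.append(("checked", physical, list(payload)))

    def complete_io(self):
        for kind, address, payload in self.pending:
            if kind == "late":
                # The check passes, but against whoever is active now.
                address = self.current.data.translate(address, len(payload))
            self.memory[address:address + len(payload)] = payload
        self.pending.clear()


# Constructed sample layout: each user gets a 16-word code and a 16-word data region.
ALICE = Process("alice", code=Pair(0, 16), data=Pair(16, 16))
BOB = Process("bob", code=Pair(32, 16), data=Pair(48, 16))


def run(start_name):
    """Alice starts a 2-word read at data offset 4; Bob is switched in before it completes."""
    machine = Machine(64)
    machine.context_switch(ALICE)
    getattr(machine, start_name)(4, [0xAA, 0xBB])
    machine.context_switch(BOB)
    machine.complete_io()
    return {"alice": machine.memory[20:22], "bob": machine.memory[52:54]}


def out_of_range_is_refused():
    machine = Machine(64)
    machine.context_switch(ALICE)
    try:
        machine.start_read_checked(15, [1, 2])  # would spill one word past Alice's data
    except ProtectionFault:
        return machine.pending == []            # refused before any transfer was queued
    return False


def store_past_bound_is_refused():
    machine = Machine(64)
    machine.context_switch(ALICE)
    machine.store(15, 7)      # last word of Alice's data region (physical 31)
    try:
        machine.store(16, 7)  # one past the bound: physical 32 is Bob's code
    except ProtectionFault:
        machine.context_switch(BOB)
        return machine.memory[31] == 7 and machine.fetch(0) == 0
    return False


if __name__ == "__main__":
    print("late relocation :", run("start_read_late"))
    print("checked at start:", run("start_read_checked"))
    print("overrun refused :", out_of_range_is_refused(), store_past_bound_is_refused())
```

With late relocation the device's data lands in Bob's data region even though a bound check ran; with the range checked and pinned at start, it lands in Alice's buffer regardless of who is active at completion.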

Task B
1.
Sony PlayStation Network suffered a major data breach in 2011. It was discovered that an
unauthorized person had covertly entered the PSN (PlayStation Network) and stolen information
related to games/users on the network. The unauthorized person or hackers got access to
gamers’ email addresses, names, passwords, usernames, security questions, and other
information related to the users on the network. Sony also emailed the users about the
data being compromised, especially that of children.
The intrusion, or unauthorized access, into the PSN was considered the biggest intrusion into
a credit card store. A similar attack was suffered by the organization named Heartland
Payment Systems in 2009. In that attack, details of around 100 million US debit cards
and credit cards were stolen by the hackers. The hack impacted the network in such a
manner that it took around two weeks to become operational again, with the security loopholes
found after the attack patched. Sony took several steps to harden the security of the PSN and
also hired a security agency to investigate the incident and find out how the attack happened.
The security agency helped Sony get more information about the execution of the attack and
helped Sony make its network more secure and protected (Quinn and Arthur, 2011).
PSN also posted an apology message on the Sony website, assured users and gamers that the
services would soon be turned back on with the security loopholes patched, and tried very hard
to track down those responsible for the PSN attack.
What was the problem?
The problem was that the PSN, which is among the biggest credit card stores, was hacked and
the credentials of millions of users were stolen from the store. The PSN network password was
exposed. Confidential information such as passwords and user-related information was stored on
the PSN in plaintext (human-readable format).
Who was affected and how?
The attack affected all the users of the PSN, whose details and confidential information were
compromised. It also adversely affected the image and reputation of Sony, and the attack could
have cost Sony the trust of its users.
Users with an account on the PSN were warned through different channels, such as emails, news,
telephone, and even personal messages, to beware of “phishing” or spam emails that pretend to be
genuine security update mail from the authorized organization. The users were warned to change
the passwords of their credit cards on other websites or applications if they were the same.

How was the attack carried out?
At the initial stage, when the PSN was down, the reason given was the anonymous DDoS
(Distributed Denial of Service) attack. After that, the further extension of the downtime was
explained as being needed to rebuild the network. Sony is one of the biggest organizations, so
the original reason was not announced by the Sony staff. It can be guessed that some Anonymous
could have gained knowledge of the security mechanisms implemented on the PSN. The Anonymous
then conveyed the information to a group of hackers, and the hackers, after gathering
information about how the security was implemented, simply performed an SQL injection attack on
the sensitive database of the PSN to obtain the credentials of a huge number of users
(Anthony, 2011).
Another possibility is the Rebug firmware, which turns the PS network into developer mode, after
which a normal user can try a lot of features that were not possible earlier. The Rebug
firmware implemented by Sony gives a normal user a path to the Sony internal network, and
once attackers get access to the internal network they can try a lot of hacks to gather
confidential information about Sony, its partners, and its customers. The PSN password was
stored in plaintext (human-readable format).
What could have been done to prevent the attack?
As discussed, the PSN network password and the customer information on the PSN were stored in
human-readable format. One step Sony could have taken to prevent the attack is to encrypt all
the data stored on its sensitive servers, so that even after a network breach the hacker would
not be able to expose the passwords and other confidential details (without decrypting the data
first). This is one solution, or one layer of security, that could have been implemented on the
PSN.
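
For passwords specifically, the usual form of this control is a salted one-way hash, which leaves nothing to decrypt, combined with bound query parameters, the standard defence against the SQL injection mentioned earlier. The sketch below is an added example, not Sony's code and not part of the original report; the table layout, function names, sample accounts and iteration count are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value; tune per hardware)


def hash_password(password, salt=None):
    """Return (salt, derived_key). A fresh random salt per user defeats precomputed tables."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def open_store():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, salt BLOB, pw_key BLOB)")
    return db


def register(db, username, password):
    salt, key = hash_password(password)
    # Only the salt and the derived key are stored; the password itself never is.
    db.execute("INSERT INTO users VALUES (?, ?, ?)", (username, salt, key))


def verify(db, username, password):
    # Bound parameter: the username is passed as data and is never parsed as SQL.
    row = db.execute(
        "SELECT salt, pw_key FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        # Do the same work for unknown users so timing does not reveal which names exist.
        hash_password(password, b"\x00" * 16)
        return False
    salt, stored = row
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored)  # constant-time comparison


def dump_contains(db, secret):
    """What a copy of the table reveals: is `secret` readable in any column?"""
    needle = secret.encode("utf-8")
    for row in db.execute("SELECT username, salt, pw_key FROM users"):
        for column in row:
            blob = column.encode("utf-8") if isinstance(column, str) else column
            if needle in blob:
                return True
    return False


def demo():
    db = open_store()
    password = "correct horse battery staple"  # constructed sample value
    register(db, "alice", password)            # constructed sample accounts
    register(db, "bob", password)
    keys = [r[0] for r in db.execute("SELECT pw_key FROM users ORDER BY username")]
    return {
        "good_login": verify(db, "alice", password),
        "bad_login": verify(db, "alice", "wrong"),
        "quote_in_username": verify(db, "alice' --", "anything"),
        "plaintext_in_dump": dump_contains(db, password),
        "same_password_same_key": keys[0] == keys[1],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```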
The communication between organization officials and employees should also be encrypted.
Companies should ensure that best security practices are implemented and followed within
the organization. Auditing should be performed on a regular basis, and the network needs
to be scanned for malware and viruses regularly to avoid any future attacks. Advanced
technologies like an intrusion detection system (IDS), an intrusion prevention system (IPS),
and a demilitarized zone (DMZ) could be implemented in the organization’s network to protect
the sensitive infrastructure that stores sensitive and confidential information.
Sony also warned users to remain watchful, regularly review the details of their accounts,
and monitor credit card statements.
Companies need to learn from the mistakes made by, and the attacks on, other organizations and
analyze the whole scenario in order to implement security measures in their own infrastructure
(if required) and avoid a similar kind of attack on them.

References
LESKIN, P. (2018). The 21 biggest data breaches of 2018. [Online] Available at
https://www.businessinsider.in/The-21-biggest-data-breaches-of-2018/articleshow/67045497.cms
Marshall, E. (2018). CASE STUDY: How cybercriminals targeted QLD law firm with social
engineering. [Online] Available at
https://securitybrief.com.au/story/case-study-how-cybercriminals-targeted-qld-law-firm-social-engineering
Satran, M., and Kennedy, J. (2018). Synchronous and Asynchronous I/O. [Online] Available at
https://docs.microsoft.com/en-us/windows/desktop/fileio/synchronous-and-asynchronous-i-o
Quinn, B., and Arthur, C. (2011). PlayStation Network hackers access data of 77 million users.
[Online] Available at
https://www.theguardian.com/technology/2011/apr/26/playstation-network-hackers-data
Anthony, S. (2011). How the PlayStation Network was Hacked. [Online] Available at
https://www.extremetech.com/gaming/84218-how-the-playstation-network-was-hacked