MITS5004 Assignment 2: IT Security Breach Report Analysis

Verified

Added on 2023/02/01

AI Summary

This report analyzes a significant computer security breach, specifically the 2018 Facebook data breach. The report details the incident, where hackers exploited vulnerabilities to access user data, affecting millions of users. It explores how the breach occurred, highlighting the exploitation of multiple bugs and the use of the "View As" feature. The report also discusses potential solutions such as device audits, password resets, and two-factor authentication. The conclusion emphasizes the importance of robust security measures to prevent such breaches. Additionally, the report references relevant academic papers and articles to support its findings, providing a comprehensive overview of the incident and its implications.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: COMPUTER SECURITY BREACHES
COMPUTER SECURITY BREACHES
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

COMPUTER SECURITY BREACHES 1
Table of Contents
Introduction:...............................................................................................................................3
The incident:...............................................................................................................................3
When the attack happened?........................................................................................................3
How did the hackers get in?.......................................................................................................4
Possible solution:.......................................................................................................................4
Conclusion:................................................................................................................................5
Conclusion:................................................................................................................................5

2COMPUTER SECURITY BREACHES
Introduction:
A security breach is one of earliest stages related to security attacks through one of
the malicious intruders, like cracker, hacker or nefarious applications. When the security
procedures, policy or/ and system are being violated, then only security breach happens. One
of the most hilarious incident happened in 2018 was Facebooks data breaches where more
than 50 million users were affected [1]. The purpose of this paper is to discuss about
computer security breaches happened in recent years. For this paper Facebook security
breaches that was happened in 2018, has been chosen.
The incident:
It is said by the Facebook that something like information of 50 million clients' were
affirmed into the danger after aggressors misused one of the weaknesses which have
permitted them for accessing into information that is individual. All of the organization
likewise to secure preventively more than 40 million extra records out of a bounty of alert. It
is said by the Facebook CEO Mark Zuckerberg that the organization has not looked any of
the records that are traded as well as inappropriately for got into — in spite of the fact that its
initial days and which can be changed. In any case, it was said by Zuckerberg that the hackers
were utilizing Facebook designer APIs for getting some information that is similar to "name,
sexual orientation, and main residences" that are connected with a profile page of the clients
[3]. It is also said by the Facebook that it looked far-fetched that personal messages were
gotten to. No credit card data was taken from the breach. In addition, that has the ability to
change as the organization's examination proceeds.

3COMPUTER SECURITY BREACHES
When the attack happened?
The defencelessness was presented on the Facebook site in July 2017; however,
Facebook didn't think about this incident until September 16, 2018, at the time it was detected
one of the spikes in the unordinary movement [4]. That implies the programmers could have
approached client information for quite a while, as Facebook isn't sure at present when the
assault started. Facebook doesn't have the foggiest idea who assaulted the site, yet the FBI is
still researching, it says. Be that as it may, in the past Facebook is having discovered proof of
Russia's endeavours to intrude in American majority rules system and impact users decisions
— however it's not to say that behind this assault Russia is existing. Attribution is
fantastically troublesome as well as takes a huge time and exertion [2]. It as of late took the
FBI over two years for affirming that the Sony hack that was happened in 2016, behind that
the North Korea was existing — so it might be in for a huge wait.
How did the hackers get in?
Not one, however three bugs prompted the information presentation. In July 2017, it
was presented unintentionally from Facebook that there are three vulnerabilities were existing
in video uploader, as said by Guy Rosen, Facebook's VP of item executives, in one of the
calls with columnists. When utilizing the "View As" highlight for seeing user profile as
another person, the uploader then would once in a while show up when it shouldn't show by
any stretch of the imagination [5]. When it showed up, it produced an entrance token utilizing
the individual who was being seen as. whether the token was gotten, an assailant could sign
into the record of that other individual.
Possible solution:
As the problem occurs there are some possible solutions too. The users can take some steps
for protecting themselves, such as:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4COMPUTER SECURITY BREACHES
 Conducting a device audit.
 Resetting the Facebook password.
 Enabling the two factor authentication [5].
 Randomly checking which apps and site are using for Facebook login.
Conclusion:
Thus, it can be concluded that, the security procedures, policy or/ and system are being
violated, then only security breach happens. A security breach is one of earliest stages related
to security attacks through one of the malicious intruders, like cracker, hacker or nefarious
applications. The organization likewise secure preventively 40 million extra records out of a
bounty of alert. Attribution is fantastically troublesome as well as takes a huge time and
exertion [1]. It is said by the Facebook CEO Mark Zuckerberg that the organization has not
looked any of the records of the traded off. It is said by the Facebook that they have fixed the
helplessness on September 27, as well as after that started resetting the entrance tokens of
individuals for ensuring the security of accounts of the users of Facebook.

5COMPUTER SECURITY BREACHES
References:
[1] Das, Sauvik, Adam DI Kramer, Laura A. Dabbish, and Jason I. Hong. "Increasing
security sensitivity with social proof: A large-scale experimental confirmation."
In Proceedings of the 2014 ACM SIGSAC conference on computer and
communications security, pp. 739-749. ACM, 2014.
[2] Das, Sauvik, Tiffany Hyun-Jin Kim, Laura A. Dabbish, and Jason I. Hong. "The
effect of social influence on security sensitivity." In 10th Symposium On Usable
Privacy and Security ({SOUPS} 2014), pp. 143-157. 2014.
[3] Jabee, Roshan, and M. Afshar. "Issues and challenges of cyber security for social
networking sites (Facebook)." International Journal of Computer Applications 144,
no. 3 (2016): 36-40.
[4] Kuyumdzhiev, Ivan Ognyanov. "Controls Mitigating the Risk of Confidential
Information Disclosure by Facebook: Essential Concern in Auditing Information
Security." TEM Journal 3, no. 2 (2014): 113.
[5] Laube, Stefan, and Rainer Böhme. "The economics of mandatory security breach
reporting to authorities." Journal of Cybersecurity 2, no. 1 (2016): 29-41.
[6] Schneier, B. (2013). Carry on: Sound advice from Schneier on security. John Wiley &
Sons.