MITS 5004 IT Security Report: Analysis of Cyber Security Breaches

Verified

Added on 2022/12/15

AI Summary

This report provides an in-depth analysis of two significant IT security breaches: the 2017 Newark City Hall ransomware attack and the 2011 Sony PlayStation Network outage. Part A of the report examines the Newark incident, detailing the nature of the ransomware attack, its causes (including lack of security and outdated systems), and potential solutions such as updated software and security tools. The report also addresses the problem of asynchronous I/O activity in memory protection schemes, discussing its impact on memory allocation and suggesting the use of bound registers and paging as solutions. Part B focuses on the Sony PlayStation outage, exploring the problem of data theft affecting millions of users, the methods of attack, and the prevention techniques implemented by Sony. The report concludes by emphasizing the importance of robust security measures, updated software, and user awareness to mitigate the risks of cyberattacks. The report is well-researched, and the findings are supported by references to relevant sources. The report offers valuable insights into cybersecurity threats and mitigation strategies.

IT SECURITY
0
Information security

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Part A....................................................................................................................................................2
Introduction.......................................................................................................................................2
Question 1: 'Newark City Hall Computers Hacked with Ransomware'.............................................2
What the problem was?.................................................................................................................2
How and why it occurred?.............................................................................................................2
Possible solutions..........................................................................................................................3
Question 2: problem with asynchronous I/O activity.........................................................................3
The solution to problem.................................................................................................................4
Conclusion.........................................................................................................................................4
Part B.....................................................................................................................................................4
Introduction.......................................................................................................................................4
Question 1: Sony PlayStation outage case.........................................................................................4
What was the problem?.................................................................................................................4
Who was affected and how?..........................................................................................................5
How was the attack carried out?....................................................................................................5
Prevention techniques....................................................................................................................5
Conclusion.........................................................................................................................................5
References.............................................................................................................................................7

Part A
Introduction
On April 24, 2017, the Newark city hall computer organization were suffered from
Ransomware cyber-attack and it was one of the largest data breach attacks in the history of
cyber-crime. It is very difficult to improve the security of personal data or computer networks
because hackers use high-level program for entering into the computer devices of users. The
aim of this study is to critically review the Network city hall cyber-crime and identify how
this attack occurred and how the company reduced such kind of data breach issue. Moreover,
this report also focuses on the problem of asynchronous I/O activity and provides suggestion
to overcome such kind of issue.
Question 1: 'Newark City Hall Computers Hacked with Ransomware'
What the problem was?
It is observed that the Newark city hall computer was faced the issue of a ransomware
attack on April 24, 2017. The ransomware attack harms the Australian organization and users
by collecting their personal information (TC Palm, 2019). The NHS directors evaluated that
bitcoin infection flies up and many hackers use this process for obtaining money from
consumers. It is observed that organization developed a computerized key that obtained by
attackers with the help of ransomware attack where they produced a huge amount of traffic
signals and transferred to the network of the organization (Security Affairs, 2019). During
this attack, the developers identified that computer system just opens automatically and
processed an electronic type of bitcoin. Moreover, through ransomware attack numbers of
consumers were lost their personal data and information and hackers entered into the
computer devices by using adversary and psychological militant states.
How and why it occurred?
Such kind of cyber-attack was occurred due to lack of security and use of unauthentic
networks because employees accessed their personal accounts in the unauthorized servers.
However, developers also identified that the hackers developed a huge amount of traffic
signals with the help of malware software and transferred on computer devices that occurred
the issue of ransomware (Hack Buster, 2018). However, the ransomware attack has occurred
because employees and users did not adopt a high level of security tools and attackers easily

entered into the organization’s servers. Use of older PC and windows are also risk factors that
increased the rate of ransomware and company was lost their private details and hackers
demanded money for obtaining private details. At that time the hackers were requested
payment of 24 Bitcoin and criminals encrypted the personal data files of users and companies
(TC Palm, 2019). However, the use of less effective security is a major problem that occurred
and produced a ransomware attack in the city of Newark.
Possible solutions
For reducing such kind of problem city of Newark communicated with IT department
and adopted a group of developers that identified the risks factors linked with this attack and
helped companies for obtaining their personal data. However, the NSA created a program for
controlling and managing the problem of cyber-attack and data breaching. The developers
identified that most of employees and users were used old computer and Windows in their
devices which are less secure in term of privacy and hackers transferred the large amount of
traffic that provided personal information of consumers. Moreover, there are several security
strategies and policies were developed for improving the security of private data. It is
suggested that users and employees should use updated windows and software and adopt
advanced security tools for controlling unwanted signals from the computer (TC Palm, 2019).
Firewall, antivirus, robust and cryptography all these are effective techniques that provided
by developers and suggested users install this software in their computers for addressing the
issue of cyber-attack.
Question 2: problem with asynchronous I/O activity
The asynchronous input-output is a type of program which is used in the computer
devices for processing the data and information. Mainly, it produces a problem with memory
protection because input and output operations on a computer system are very slow in the
processing that affects the allocation of memory and security of the memory system. A recent
study identified that asynchronous I/O system is less flexible and reliable rather than data
processing system (Microsoft, 2018). The key benefit of an operating system with a fence
register is that it has the ability to relocate memory to the system. There are major two kinds
of bound involved in the input and output system such as lower bound and upper bound
where upper bound is very important in the multi-user environment. It is analysed that the
relocation register solves the issue by delivering base to the computer system and all address
inside the system are offsets from the base address. A variable fence register is used in the
operating system which is also called a base register. Mainly, the fence register has the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

potential to provide a lower bound rather than the upper bound. Moreover, an upper bound
system plays a key role in order to identify how much space is required to store data in
memory.
The solution to the problem
For solving the issue of memory protection consumers can adopt a high-level
operating system along with the security tools. Moreover, a bound register can be adopted for
this situation where every program address is forced to the above base address. However, by
using a pair of bound registers can help consumers for protecting memory system and they
can secure their system from other consumers (Physnet, 2018). Paging plays a significant
character in the memory management for a computer's operating system and it can help
consumers for protecting the memory allocation process.
Conclusion
This section provided an in-depth analysis of data breaching or cyber-attack along
with with asynchronous I/O system. It is concluded that hackers used malware software for
generating a large amount of unwanted signals and passed them on networks of consumers
for accessing their personal accounts. Moreover, the security of personal data can be
enhanced by using firewall, antivirus and other security tools that block traffic and malware
from computer networks. The problem of memory protection can be reduced by using an
upper bound register that also protects the operating system from other consumers.
Part B
Introduction
The 2011 Sony PlayStation network outage was the result of a cyber-attack where
private details of around 77 million users were compromised by the hackers. It is one of the
biggest attacks in the field of cyber-crimes affected numbers of users and employees. The
aim of this report is to highlight and analyse the Sony PlayStation outage case and identify
how this attack has occurred and how Sony protected their accounts.
Question 1: Sony PlayStation outage case
What was the problem?
In the year 2011, Sony PlayStation network has been stolen by hackers in which
attackers enter into the personal accounts of PlayStation by using third-party applications. It

is observed that during this attack more than 77 million users were lost their personal
information such as bank details, username, and accounts information and so on (Goode,
Hoehle, Venkatesh, & Brown, 2017). Consumers with accounts developed by their patients
also faced such issue and their data were obtained by criminals without taking user’s
permission. Sony stated that on April, the year 2011 they were faced the cyber-attack and
hackers blocked the networks and servers of PlayStation by sending traffic signals on their
networks.
Who was affected and how?
Mainly users have connected their accounts with PlayStation in order to play games
and they also allowed their accessibility to the Sony PlayStation. Due to which, criminals
obtained the data or information of users with the help of malicious and other high-level
programmes. The management team of Sony noted that this cyber-crime affected more than
76 million consumers because they are linked with the PlayStation application (Cha, & Kim,
2011). However, family members of users also lost their personal details along with their
bank accounts because they provided their credit and debit card to the PlayStation for playing
games.
How was the attack carried out?
The attack was carried out by producing a huge amount of traffic signals and links
using malware software. Moreover, hackers transferred these signals to the networks and
servers used by PlayStation that reduced the performance of the system and hackers detected
the private details of users and employees. A recent study identified that use of the
unauthentic server is one of the common problems which leads cyber-crime and users lost
their account details (Do, Hsu, & O’Rourke, 2011).
Prevention techniques
For reducing such kind of attack the IT team of Sony identified the key factors that
increased the issue of hacking or data breaching. They also improved their security and
adopted advanced computer networks to protect data or information of user’s accounts and
management team sent a notification to the users for removing their bank accounts from
PlayStation and use high-level passwords. In order to address cyber-attacks in future Sony
updated PlayStation and implements several security policies.

Conclusion
It is concluded that approximately 77 million customers were lost their private data
and it occurred due to lack of appropriate security. This report discussed the Sony PlayStation
outage case and identified how it occurred and what prevention techniques used by the
company. Therefore, it is recommended that users should use backup plans and use strong
passwords for protecting their accounts and personal information.