Describe how software and network security can keep systems and data secure
- Bilal Ayub
- Mar 9, 2016
Current Attacks
PlayStation and Xbox 2015
PlayStation Network and Xbox Live were hacked by a group called Lizard Squad to show that the security of these companies was bad and that they should invest more in it. The attack was done by 3 people, who took down the networks so that nobody could play online or connect to their accounts. They mentioned weeks before the attack that they were going to attack, so Sony and Microsoft had time to increase their security, but they didn’t, so the group attacked to raise awareness.
eBay
eBay was hacked and all the passwords were leaked. This would have allowed hackers to make transactions and steal accounts. It happened when the network was hacked and the database with the users’ passwords, addresses, names, phone numbers and dates of birth was compromised; however, none of the users’ financial information was accessed. Following this, eBay increased its security and made all its users change their passwords.
US government
The US government was hacked over the course of a year, and data on up to 22 million federal employees and up to 5 million fingerprints were stolen. Gigabytes of data were stolen, and even a human rights record that isn’t right has been leaked. The attackers used a stolen credential and planted a malware backdoor in the network. They went 343 days undetected, so they stole a lot of data.
Ashley Madison
This is a site for married people to find other married people to have affairs with. The information was leaked to the public and 37 million accounts were vulnerable. This was done through a bad MD5 hash implementation. It was discovered on July 12th 2015, but there is no information on when the attackers got in. This hack led to embarrassment and even two cases of suicide.
Use a range of examples to identify and describe how software and network security can keep systems and data secure
Call back
A call back allows a user to access a network by being called back: the network would hang up on the user and immediately call them back. This brings security advantages to the network, as it ensures that only users from specific locations can access it. It would also bring cost advantages to the user. Telephone numbers are stored in advance so that only authorized users are allowed; if someone were to gain a username and password, they wouldn’t get a call back, as their number is not stored.
Handshaking
Challenge Handshake Authentication Protocol (CHAP) is a widely supported authentication method in which the username is sent to the authentication process instead of the password itself. The network client would send a challenge to the client trying to access the network; this would use the hash algorithm to create an MD5 hash result. An MD5 hash is computed from the user’s password as well, and this is sent to the server. The server would have the same result from the user’s password, and if they match then the user would be authenticated. This is secure because calculating the hash result for a data block is easy, but it is hard to work out the original data block from the hash result. The CHAP identifiers are changed quite frequently and authentication can be requested at any time, which means that it is quite secure.
Diskless networks
A diskless network uses workstations or PCs that don’t have any disk drives. This could be a thin client that connects to a network and loads the operating system from the server, so data would be going back and forth all the time. It would store all the data on the network and it wouldn’t have its own components such as CPU, video card, sound card, RAM or even a network card. This could reduce the cost of a network, as it would only need servers and thin clients. It would also make it easy to back up data, as all the data is stored in one place and not on individual clients; however, if the network goes down then the diskless workstations are useless. Having these diskless computers would make the network more secure, and it could stop employees from messing around with parts of the system they shouldn’t be touching.
Audit logs
Audit logs track what users do and when it happened. They hold a set of records that provide evidence of all the activities that have happened over a period of time. They also record who accessed what and when. This makes a network more secure because everything is tracked, and if there is any unusual behaviour then you would know who did what and when it happened.
Use of backups
A backup is a copy of data on a second medium, which could be a disk or a tape. This is so that if the first medium fails, there is a backup of the original files and they can be restored.
Redundant array of independent disks (RAID) is a way of storing the same data in different places and ways. It allows data to be placed on multiple disks and can provide redundancy. It can use the technique of disk mirroring or disk striping. Disk mirroring is where two or more disks hold a duplicate of the data; read performance is pretty good in this RAID. Disk striping spreads the data blocks across different disks.
A differential backup only saves data that has changed since the last full backup. An incremental backup backs up files that have been changed or are new since the last incremental or full backup. A full backup backs up every single piece of data on the system.
Onsite backup is where the data is backed up on the same site as the original data; offsite backup is where the backup is not in the same location as the original data. You would want backups offsite because if there was a fire or something similar then you could lose the onsite backup. Cloud backup backs up the data onto a cloud service; however, if this was to be hacked then the data could be lost or stolen.
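The difference between the two schedules, as an added example that is not part of the original post: it works out which files each nightly backup copies after a full backup on day 0, and which backup sets are needed to restore the latest state. The file names and change schedule are constructed.

```python
# Constructed sample: files present at the day-0 full backup, then
# day -> files modified or created on that day.
INITIAL = ["a.doc", "b.xls", "c.pdf"]
CHANGES = {1: ["a.doc"], 2: ["b.xls", "d.txt"], 3: ["a.doc"]}


def run_schedule(kind, initial=INITIAL, changes=CHANGES):
    """Full backup on day 0, then one `kind` backup at the end of each day.

    kind is "differential" or "incremental".
    Returns a list of (kind, day, files_copied) tuples.
    """
    mtimes = {path: 0 for path in initial}  # path -> day last modified
    backups = [("full", 0, sorted(mtimes))]
    last_backup = 0
    for day in sorted(changes):
        for path in changes[day]:
            mtimes[path] = day
        # Differential compares against the last FULL backup (day 0);
        # incremental compares against the most recent backup of any kind.
        since = 0 if kind == "differential" else last_backup
        copied = sorted(p for p, m in mtimes.items() if m > since)
        backups.append((kind, day, copied))
        last_backup = day
    return backups


def restore_chain(backups):
    """Backup sets that must all be readable to restore the latest day."""
    if backups[-1][0] == "differential":
        return [backups[0], backups[-1]]  # full + newest differential
    return list(backups)                  # full + every incremental in order


if __name__ == "__main__":
    for kind in ("differential", "incremental"):
        sets = run_schedule(kind)
        for _, day, files in sets[1:]:
            print(kind, "day", day, files)
        print(kind, "restore needs", len(restore_chain(sets)), "sets")
```

Differential sets grow each day but a restore needs only two of them; incremental sets stay small but a restore fails if any one set in the chain is lost or corrupted.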
Firewall configuration
A firewall is designed to prevent unauthorized access into a private network. It could be a hardware device or software, or even both. Everything that leaves or enters the network goes through the firewall, which examines it to see whether it meets the specific security criteria. It can be configured by the user, who can close or open the connections they want or don’t want.
Hardware firewalls can be bought as a standalone product, but they are usually found in broadband routers, and one is an important thing to have in your network setup. Software firewalls can be installed on your computer and can give the same protection as a hardware firewall.
Virus checking software
Virus checking software checks your computer for any viruses. You would want to have this, as it is important that you do not have any viruses on your computer; it should be installed straight after the operating system installation. It works by having a database of viruses and checking your computer to see if there is anything that matches the database; if something matches then it removes it. Virus definitions have to be updated frequently as new viruses are developed. There are many different antivirus products, such as Norton Security, a common antivirus which is compatible with nearly every device.
VPN
A virtual private network is used to connect to private networks such as a company’s internal network. It works by connecting two clients together securely and privately over the internet; it does this by having a computer connect to a VPN client and then connect to the other computer. It uses encryption and other types of security so that no one is able to see what information is being sent or received. A company would want to use this so that information cannot be read by anyone else, and to keep the company’s private network secure and private.
Intrusion detection systems
There are two types of intrusion detection systems that would be used in a network: Host Intrusion Detection Systems (HIDS) and Network Intrusion Detection Systems (NIDS). HIDS would have anti-threat applications such as firewalls, antivirus and spyware software. This would be installed on every networked computer that is connected to the internet. NIDS is when anti-threat software is installed at certain points in the network, such as the servers that interface with the outside, as these need to be protected.
Passwords
A password is a commonly used method. It is used with a username to secure a user’s account. This would make the network physically safe, as it would be hard to crack these passwords. A good password would have alphabetic and numeric values, as this makes it harder to crack because there are lots of combinations that can be made. A user would have to log out when they have finished using a machine, as leaving it logged in would just bypass the password security. Passwords should be changed frequently to make them harder to crack.
Levels of access to data
On a network there are levels of access to data for when users are trying to access it. There may be read privileges on certain files or data. There are also write and execute privileges. These prevent users on the network from abusing the data or even from seeing high-level security information. If this isn’t set up properly then it could be a huge security issue.
Software updating
Software updating should be done as frequently as possible. This is so that it can fix security breaches, patch holes there may be in the software and protect your data. There could be new features in the updates, which could increase productivity or speed things up. The appearance could be changed so that the UI is easier to use or there are more complex features. There could be bugs in the last update, and the newer one may fix these bugs, which could increase the performance of the software. Compatibility of the software may be increased, and updates could add support for other operating systems.