Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Research Report task Value: 15% Due Date: 24-Aug-2018 Return Date: 14-Sep-2018 Length: Submission method options: Alternative submission method Task back to top Part A: 10 Marks 1. Search the web for...

1 answer below »
Research Report task
Value: 15%
Due Date: 24-Aug-2018
Return Date: 14-Sep-2018
Length:
Submission method options: Alternative submission method
Task
ack to top
Part A: 10 Marks
1. Search the web for news on computer security
eaches that occu
ed during January-August 2018. Research one such reported incident. Prepare a report focusing on the following issues:
· What the problem was;
· How and why it occu
ed;
· What could have been done to prevent it?
Length: Around 900 words (Excluding references)
Part B: 10 Marks
Research the WannaCry and the Petya cyber-attacks and prepare a report comparing the two, focusing on the following issues:
· What the problem was;
· The scope of the attack;
· Operational details of the attack;
· What could have been done to prevent the attack?
Length: Around 900 words (Excluding references)
Rationale
ack to top
This assessment task will assess the following learning outcome/s:
· be able to justify security goals and the importance of maintaining the secure computing environment against digital threats.
· be able to explain the fundamental concepts of cryptographic algorithms.
· be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats.
· be able to compare and contrast the security mechanisms of a trusted operating system with those used in a general purpose operating system.
Marking criteria and standards
ack to top
    Assessment criteria
    PART A : 10 marks
    Assessable Components
    HD
100% - 85%
    DI
84% - 75%
    CR
74% - 65%
    PS
64% - 50%
    FL
49% - 0
    Search the web for news on computer security
eaches that occu
ed during January-August 2018. Research one such reported incident. Prepare a report focusing on the following issues:
· What the problem was;
· How and why it occu
ed;
· What could have been done to prevent it?
    1. The comprehensive report addressing all criteria. Evidence of in-depth research.
 (Value: 95%)  
2. Referenced a wide range of appropriate sources.  
Referencing style co
ectly used.
  (Value: 5%)
    1. The comprehensive report addressing all criteria. Evidence of in-depth research. Minor omissions only.
 (Value: 95%) 
 2. Referenced a range of appropriate sources.
 
 Referencing style co
ectly used. Minor e
ors only.
  (Value: 5%)
    
 1. Mostly well-researched and well-presented report addressing all criteria. Some omissions.
 (Value: 95%)
2. Referenced a range of appropriate sources.
Referencing style co
ectly used. Some e
ors and omissions.
  (Value: 5%)
    1. The partially complete report addressing most of the criteria. Evidence of research. Some omissions.
 (Value: 95%)    
2. Referenced some appropriate sources.
Referencing style mostly co
ectly used. Some e
ors and omissions.
  (Value: 5%)
    1. Major omissions or inco
ect answers(Value: 95%)
 2. Either no evidence of literature being consulted or cited references i
elevant to the assignment set.
 
 Major e
ors in referencing style.
  (Value: 5%)
    Possible marks
    10.0 – 8.5
    8.4-7.5
    7.49 – 6.5
    6.49 –5.0
    4.99 – 0
    PART B: 10 marks
    Research the WannaCry and the Petya cyber-attacks and prepare a report comparing the two, focusing on the following issues:
· What the problem was;
· The scope of the attack;
· Operational details of the attack;
· What could have been done to prevent the attack?
    1. The comprehensive report addressing all criteria. Evidence of in-depth research.
 (Value: 95%)
 
 2. Referenced a wide range of appropriate sources.
 
 Referencing style co
ectly used.
 (Value: 5%)
    1. The comprehensive report addressing all criteria. Evidence of in-depth research. Minor omissions only.
 (Value: 95%)
2. Referenced a range of appropriate sources.
 
 Referencing style co
ectly used. Minor e
ors only.
 (Value: 5%)
    1. Mostly well-researched and well-presented report addressing all criteria. Some omissions.
 (Value: 95%)
2. Referenced a range of appropriate sources.
Referencing style co
ectly used. Some e
ors and omissions.
 (Value: 5%)
    1. The partially complete report addressing most of the criteria. Evidence of research. Some omissions.
 (Value: 95%)
2. Referenced some appropriate sources.
Referencing style mostly co
ectly used. Some e
ors and omissions.
 (Value: 5%)
    1. Major omissions or inco
ect answers.
 (Value: 95%)
2.  Either no evidence of literature being consulted or cited references i
elevant to the assignment set.
 
 Major e
ors in referencing style.
 (Value: 5%)
    Possible marks
    10.0 – 8.5
    8.4-7.5
     XXXXXXXXXX
     XXXXXXXXXX
     XXXXXXXXXX
Presentation
ack to top
· Assessment MUST be submitted as ONE MS Word file via Turnitin. Please do not submit *.zip or *.rar or multiple files. Assessments may be marked and feedback may be generated using MS Word-based tool. Reports that are submitted in PDF format will be re-formatted to Word format in order to be marked. Allowances will not be made for any loss of information, diagrams or images as a result of the re-formatting.
· Your answers to the questions should be precise but complete and informative.
· Each question should be answered individually with the co
esponding label to indicate the tasks completed e.g. Task 1 a.
· APA reference style must be used throughout the document, with the  Reference list not counted in the page limit. APA referencing guide can be found  in http:
student.csu.edu.au/study
eferencing-at-csu
· A cover page must be included and should contain relevant identifying information (Student name, Student ID#, Subject Code, Subject name, Session and Assessment Number).
Requirements
ack to
Answered Same Day Aug 20, 2020

Solution

Soumi answered on Aug 22 2020
138 Votes
Running Head: COMPUTER SECURITY BREACHES 2017-18    1
COMPUTER SECURITY BREACHES 2017-18    7
INFORMATION TECHNOLOGY
ASSESSMENT: COMPUTER SECURITY BREACHES 2017-18
Executive Summary
The report discusses in-depth the nature and meaning of Ransomwares and their types namely WannaCry and Petya. The reports explain the latest security
each of Reddit, in which users’ data was compromised between 2005 and 2007. It further discusses the methods to prevent the occu
ence of security
each in the future. In the other part, it explains the differences, scope and operational details of the attack and finally methods to prevent the same and how vigilance is important on the part of users to prevent further security lapses in the future.
Table of Contents
Part A    4
Reddit Security Breach    4
The methods to prevent security
each    5
Part B    7
A Comparative analysis between WannaCry and Petya Cyber Attack    7
Scope of the WannaCry and Petya Cyber Attack    8
Operational details of the WannaCry and Petya Cyber Attack    8
Actionable steps to prevent the attacks    9
Conclusion    10
References    10
Part A
The hackers
eaking into the computer systems and using it to access the user data is becoming a major problem with the firms on internet platform. This part discusses the recent Reddit security
each incident which happened in June,2018 and explains the reason for its occu
ence and the possible methods to prevent the occu
ence of same in the future.
Reddit Security Breach
Reddit is a news aggregation and discussion website, where participants posts content on the site. It was founded in 2005. On June 19, 2018 Reddit learnt that hackers attacked its system between 14 June and 18 June,2018 and got access to some of the user data. The data included e-mail addresses, employee accounts and passwords stored in the old database, that means, the complete database back up from 2005 and 2007, containing username, hashed passwords, email content including private messages was stolen. Reddit confirmed that the attacker gained only the read-only access to the data and did not gain the writing access to the database, which means that attacker could not change the database intentionally, they could only know the information (Kamat, & Gautam 2018).
Reddit claimed that the attacker compromised the information of the employee accounts with its cloud service provider and source code providers. The information
each from the old database effected particularly those users who haven’t changed their credentials yet and have also used the same credentials in another web platform, because the attacker could then use the stolen information to access other accounts (Leukfeldt & Yar 2016).
Reason for occu
ence of security
each
According to experts, security
each wasn’t difficult for the attackers because Reddit was using the outdated form of two-factor authentication for its employee accounts. Whenever the user logged into their accounts, they received an SMS message with a one-time code, which needs to be entered after the password. This SMS based version of authentication was not secure, as the attackers could hack the message. Hackers performed the SMS intercept attack on the phone numbers of the Reddit employees to intercept the 2FA codes, which were necessary to access the employee accounts. The hackers also knew the employees’ account passwords. The US National Institute for Standards and Technology (NIST) has advised and warned against using the SMS-based 2FA. The attacker got access for the old database backup that contained old-information about Reddit’s user data from 2005 to 2007, which contained information like account credentials- username and salted hashed passwords, email addresses and other content like private messages. The
each won’t affect those users who signed after 2007 (Singer, Flöck, Meinhart, Zeitfogel & Strohmaier 2014).
The methods to prevent security
each
As soon as the incident was reported, Reddit reported the matter to the law enforcement agencies and the search and investigation began to find out the real attacker. Reddit is making its users change the credentials information on its website. It is making sure that users and employees are prompted to regularly change their password-related information. Since, the attacker had only read-only access to the account, they could not...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here