Studocu is not sponsored or endorsed by any college or university
A1-obunga 1-R2110D12837119
Computer Security (University of East London)
NAME : ROBERT OBUNGA
STUDENT ID : R2110D12837119
TITLE : ASSIGNMENT 1
MODULE : COMPUTER SECURITY
MODULE CODE : UEL-CN-7016-33285
DATE : 29TH OCTOBER 2022
THE 2014 eBay CYBER ATTACK. A CASE STUDY.
ABSTRACT
The possibilities provided by the internet today are almost limitless, fueled by the
presence of global networks and ever larger operations performed on a daily basis, coupled with
people around the world who enjoy these benefits. However, the internet is not used only for
peaceful purposes, as might be assumed. The growing development of technologies and the
substantive upgrade of programming systems have led to frequent attacks by threat actors,
which have become a real problem for large companies.
One of the most famous hacking cases in the world was the theft of important information
from the database of eBay, an online shopping store. This case study
focuses on that attack.
Introduction
The incident under study occurred in 2014, during the summer, when eBay, a company in the
United States and one of the world’s most popular online trading platforms, was attacked by
virtual threat actors (Meyer, 2017). According to Meyer, eBay had up to 145 million user accounts
compromised (p. 11). With so many people affected by this breach, it was
extremely hard for it to go unnoticed or be swept under the carpet by eBay. The attack
received a lot of public response.
The attack scenarios are similar in most cases: the threat actors enter systems through backdoor
means and access secret databases and other classified information that is not visible to the
public, then lay the stolen information bare on a public network. Furthermore, as time passes,
fighting such criminals has become extremely difficult as they come up with new ways of
circumventing defense systems.
Therefore, it is important to dig into what motivated the threat actors, the aftermath of the attack,
which countermeasures eBay took to avert future data leakages, and the possible
recommendations in terms of hardware and software improvements and best practices that would
protect the company from persistent threats on the internet.
Literature review
Since the eBay attack is one of the worst cyber-attacks registered, a review of various information
security concepts is vital. To tackle this case effectively, there is a need to look at these
security principles, as they form the backbone of the case study. They will help in assessing
the whole incident in a wholesome manner and in coming up with the best recommendations for the
same.
Furthermore, by assessing and reviewing various literature on computer security,
we shall get a proper understanding of the specific areas any organization should
emphasize in order to deal with cyberspace threats. This will in turn create a secure working
environment. I shall tackle the various concepts of computer security and bring into context the
incident that occurred. Below are some of the concepts.
i) The fundamental concepts of computer security
Sutton (2017) asserts that computer security is a combination of well laid out
practices, tools, set standards, written policies and strategies that need to be applied to
reduce, prevent or eliminate cyber threats. Cyber threats as referred to here are
threats to intellectual property, identity theft, fraudulent activities, cyber terrorism and
espionage. This includes other external and internal aspects as far as technology is
concerned. To tackle these, further emphasis is put on the following aspects of
computer security:
A) The categories of cyber threats to computer and information security
According to Sutton (2017), the impact of cyber related crimes can be tackled
in the form of groupings, where each threat is put where it fits. That is to say:
- General crime: crimes that are not specific to a particular aspect, e.g.
crimes related to loss of intellectual property fall in this category.
Such crimes could lead to the loss of value of the compromised
information.
- Cyber stalking: another form of crime, which involves unsolicited
online advances on people without their consent or bullying them
online. This can be grouped as cyber harassment.
- Cyber terrorism and espionage: a form of cybercrime where
a nation uses cyberspace to compromise another country’s national
security.
The above-mentioned are just a few which relate to the case
study. Other cyber threats exist, such as information stealing, which is prevalent
in the case study.
B) What are the realms of cyber security
The field of cyber security is divided into several groups, which makes it easier for
companies to make informed choices on which component best fits their security
needs when building cyber security infrastructure and systems.
The categories include applications and data security, forensic analysis and
software development security. Accordingly, these components shed light on the
things that should be given priority in order to prevent data breaches. The
other components, such as network and application security, play a big
role in terms of software integrity and putting up top-notch controls for
organizations and consumers of available services. In addition, to ensure all
evidence associated with cyber breaches is well kept, forensic analysis is key as
part of incident response.
Finally, organizations must ensure there is a written incident response plan,
disaster recovery plan and business continuity plan to act as guides in the event of
a data breach.
C) The concept of confidentiality, integrity and availability: The CIA Triad
Information security is built on these core principles. They are
commonly referred to as the CIA triad. The architecture of cyber security heavily relies
on these principles, and every company must work within the framework of these
three in order to achieve its goals of computer and information security.
Confidentiality asserts that all data must be kept out of reach and that access must
require authorization. It emphasizes data classification to ensure data doesn’t end up
in the hands of unauthorized individuals. A water-tight security policy that ensures
confidentiality must be formulated to ensure no data is accessed by unauthorized
persons.
There is also the concept of data integrity, which is a component of the CIA triad. This
principle states that data must be accurate at rest and during transfer, and that
when it eventually reaches its destination it must remain the same. This ensures
reliability and builds trust in information, so that all transactions involving this
information are accurate and reliable.
Finally, availability is a principle of the CIA triad that asserts that apart from
ensuring that information is confidential and has integrity, its availability to those
who rightfully need it is key. The information should be accessible to stakeholders
with access rights to whatever information they need in order to run their
organizations effectively. In a nutshell, trust and reputation of computer systems
must be a priority for all organizations.
ii) The concept and use of cryptography
Cryptography is by definition a technique used to protect information and
communication using codes, such that only those who are authorized can read
and process it. Modern cryptography concerns itself with the four major objectives of
information security. These objectives are confidentiality, integrity, non-repudiation
and authentication. Cryptography forms the foundation of cyber
security in this modern age.
Furthermore, cryptography employs the technique of encryption, which is the process
of converting information to unreadable cipher text, and decryption, which is the
reverse of encryption. Encryption and decryption have revolutionized
cyber security and have made it possible for organizations to store information in a
more secure form, making it difficult for third parties or malicious people to
comprehend the content of the information, stored or being transmitted.
To further enrich this concept, substitution and transposition ciphers came into play.
The algorithm used by a substitution cipher, for example, allows parties to swap text
information into unique and discrete formats acceptable to the parties involved. This
method was put to use in the Caesar cipher and the Vigenère cipher to transmit information
between parties. In this cipher the position and identity of text changes. The
substitution method was enriched and reinvented into the more developed and effective
transposition ciphers. To encrypt text on Kali Linux, the gpg command is used, i.e.
$ sudo gpg --full-generate-key
iii) The concept of Identity, authentication, and access control
In this modern day and era, cyber-attacks have become more frequent than before. To
tackle this adequately and prevent intrusion or breaches similar to that of eBay, it is
crucial and mandatory to get a good understanding of the methods used to verify the
identity of individuals in an organization. There are three known authentication
mechanisms that can be used to identify and issue authorization to users. They are
namely:
- Knowledge based authentication, where access to systems is hinged on
what the user knows, e.g. a password or PIN.
- Ownership based authentication, where access to systems is hinged on
what the user has or possesses as proof, e.g. an RFID card or tokens.
- Inherent based authentication, where access to systems is based on
what the user is, e.g. biometrics like fingerprint, face or iris.
Identity management, which is also referred to as identity and access management (IAM),
refers to the overarching discipline used to verify a user’s identity and his/her access level
to a particular system. In that context, authentication and access control regulate a user’s
access level to a given system, thus playing a vital role in securing user data.
To further discuss these concepts, threat actors are known to always exploit and utilize
every level of access they can gain, and thus it’s important to ensure that access levels and
restrictions are put in place and reinforced by a written security policy. Identity, trust and
reputation are key considerations for every organization before admitting a user into
internal networks.
To achieve that crucial goal, organizations must build systems that ensure users validate
their credentials every time they need to access the systems or network. It’s the duty of
the organization to ensure user information is secure and to work towards maintaining a level
of trust from the users of the systems. The crucial process of validating user
information before granting access to the system or network resources is called authentication.
This process can be described in layman’s language as “separating the wheat from the chaff”.
It ensures that only legitimate users have access to system and network resources.
Another widely used concept under authentication is the use of multifactor authentication
rather than a single intrinsic factor method for users. Multifactor authentication
requires a user to further prove his/her identity even after entering correct credentials, e.g.
a verification code is sent to the user’s email or phone number saved in the system. The user
will then be required to enter the code for access to be granted. This two-factor method
has proven to be effective, and organizations must adopt it to achieve the
maximum level of security for their information and network assets. Furthermore, this
method can be coupled with other authentication mechanisms, like inherent based ones, which
in turn provide solid security to information.
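The second-factor step described above, a one-time code sent to the user's saved email or phone, sketched as an added example (not code from the original essay or from eBay). The class name, the 5-minute lifetime and the 5-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumption: a code is valid for 5 minutes
MAX_ATTEMPTS = 5         # assumption: guesses allowed per issued code


class OneTimeCodeVerifier:
    """Second factor: a 6-digit code delivered out of band (email or SMS)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._key = secrets.token_bytes(32)   # keys the stored digests
        self._pending = {}                    # user -> pending challenge

    def _digest(self, user, code):
        # Only a keyed digest is stored, so a dump of the pending table
        # does not reveal the codes that are currently valid.
        msg = f"{user}:{code}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue(self, user):
        """Call only after the password check passed; returns the code to send."""
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, not random.randint
        self._pending[user] = {
            "digest": self._digest(user, code),
            "expires": self._clock() + CODE_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, user, submitted):
        """True only for the right code, in time, within the attempt budget."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        expired = self._clock() > entry["expires"]
        if expired or entry["attempts"] >= MAX_ATTEMPTS:
            del self._pending[user]            # user must request a new code
            return False
        entry["attempts"] += 1
        candidate = self._digest(user, str(submitted))
        if hmac.compare_digest(entry["digest"], candidate):  # constant time
            del self._pending[user]            # single use: no replay
            return True
        return False


if __name__ == "__main__":
    verifier = OneTimeCodeVerifier()
    sent = verifier.issue("alice")             # delivered by email or SMS
    print("first use :", verifier.verify("alice", sent))
    print("replay    :", verifier.verify("alice", sent))
```

The expiry, the attempt budget and the single-use deletion are what keep a six-digit code from being guessed or replayed; without them the second factor adds little.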
In a nutshell, the three authentication mechanisms, if used correctly, will help
organizations achieve their goal of information security. User training on these authentication
mechanisms is also required if organizations want to achieve that goal,
as it will be a waste of time to introduce them to untrained staff who may not
take them seriously.
Lastly, to further boost the authentication mechanism employed, access control methods
to augment it are vital. Access control methods limit the privileges of users and devices to
access an organization’s systems and network resources. There are various access control
methods, as below:
a) Discretionary access control. In this type of control, only the owner of the resource
can allow other users access to it, i.e. it is at the owner’s discretion to allow or disallow other
users from accessing a particular object.
b) Role based access control (RBAC). This type of access control asserts that each user
or subject is given access to an object based on their role in the organization, e.g. a
loan officer can only have access to loan related information.
c) Mandatory access control (MAC). This type of access control demands that
information is classified and access to it requires some form of authentication.
Finally, other predefined access control mechanisms can be employed in addition to those
mentioned to ensure information is secure and no unauthorized access is permitted.
iv) The use of Encryption, digital signatures and digital certificates
These components are employed in technology to allow encryption and decryption of
data. They form the cornerstone for carrying out cryptography. There are two known
encryption key techniques. These are symmetric and asymmetric key encryption.
The majority of encryption methods apply these two techniques.
Symmetric encryption is a type of encryption where one key is utilized in the process
of encryption and decryption of data. This principle guarantees that the speed of
encrypting and decrypting data is high and efficient for any organization that uses it.
The advantage of symmetric encryption is that it can handle big volumes of data at a go.
The presence of a key ensures confidentiality of the data being transmitted.
Asymmetric encryption, on the other hand, embraces the use of two keys in the
encryption process. A key pair, one key for encrypting and the other for decrypting, is
used, unlike the case in symmetric encryption. Asymmetric encryption requires the
public and the private key. The two-key requirement ensures safety in
compromised environments in case of attacks.
Data encryption algorithms available in this modern day for the benefit of this case
study are the standard encryption standards and advanced encryption standards.
Asymmetric algorithms for example include Rivest-Shamir-Adleman (RSA) and
MD4, also referred to as message digest.
v) Incorporation of intrusion, detection and prevention measures in information
security
In every attack environment, there must be corresponding defense measures put in
place by organizations to thwart such attacks. Cyber threats are real and any company
can be attacked without notice, thus organizations must have mechanisms and
policies to help them defend themselves against attacks. Installation of systems to
monitor and prevent attacks must be a priority.
These measures can be achieved by ensuring that the IT team of the organization has
enough training and experience to identify and deal with threats. In addition, a proper
understanding of threat models, i.e. STRIDE and DREAD, goes a long way in
achieving security goals. The team must also have a proper understanding of the cyber kill
chain and how to break the chain in case of an attack. Well-documented information
on previous attacks and threats helps, as it forms the cyber threat intelligence (CTI)
mechanism: when threats are identified, the indicators of compromise (IOCs) are
already documented from previous attacks. Constant vulnerability scans on internal
systems and networks, coupled with staff training on information security, will help
avert attacks.
vi) The concept of network security, malware and viruses.
In many ways the network acts as the information pathway, and data transmission
relies on network infrastructure from the place of origin to the final destination. In this
context, network security is an essential component of cyber security. Network
connectivity and data transportation are divided into layers known as the OSI model.
Data transmission goes through layers from initiation and transmission to its final
destination. These layers can be exploited by threat actors in case they have
vulnerabilities. Therefore, securing these layers is vital to ensure data is secure at all
stages of transmission and delivery.
In addition, there are significant examples to justify the importance of network security.
DNS can be exploited via insecure networks, bringing to the
fore the importance of understanding the OSI model and how it plays a role in data
transmission. As a matter of fact, each layer of the OSI model carries vulnerabilities,
from the presentation layer to the physical layer. Most attacks are normally executed
at the network and transport layers, hence the presence of encryption
protocols like Transport Layer Security (TLS) to provide security at the transport layer.
Harmful and malicious programs can be sent over insecure networks, causing harm to
systems and information. Malware stands for malicious software. Figure 1 below gives
a summary of the OSI model and the kind of attacks on each layer.
Figure 1. The OSI model and attack examples (Manninen, 2018)
Network vulnerability tools such as tcpdump and Nmap can be used to check for network
vulnerabilities and have them fixed, e.g. on a Kali Linux terminal:
$ sudo tcpdump                  # packet sniffing
$ sudo nmap scanme.nmap.org     # scan for open ports
Incident overview
The e-commerce giant eBay Inc. is an American company based in San Jose,
California. It facilitates consumer-to-consumer sales through an online platform.
The Washington Post published a report on the attack on eBay’s online shopping platform, which
occurred between February and March 2014. The attack went on undetected for a whole month.
The threat actors got access to user credentials and used them to gain access to the internal systems
of eBay and carry out their malicious activities. This resulted in exploitation of 145 million user
accounts as per the report.
Discussion and analysis of the attack
The actions of the threat actors who illegally gained access to user information and harvested
passwords and other access credentials were well organized and quite professional. Nonetheless,
this doesn’t mean that eBay’s protection was weak, since for some time their firewall was
protected. In spite of the presence of a firewall, the threat actors managed to overcome the
firewall defense and effectively committed their crime. To better explain the hackers’ activities, Figure
2 below shows the series of events pointing to what actually happened to the internet store and
the nature of the threat customers had to experience.
Figure 2. The case of eBay data theft and potential threats to customers (Codsi, 2014)
From figure 2, it can be concluded that customers were at serious risk, as the threat actors’ aim was to
steal information and sell it to companies, as shown, for monetary gain. Companies A and B are
hypothetical, since this wasn’t proven outright in the investigations.
a) Possible intentions of the attack
In this particular attack, the intentions and motives of the threat actors are not well established.
The plausible motive of their actions could have been to undermine the authority of the company.
According to El-Kenawy, El-Desoky and Sarhan (2014), eBay is ranked as one of the largest
global online stores, and this could have been the action of a rival online store aimed at bringing down
the popularity of eBay.
Another plausible reason for the attack is that the attackers did an ordinary database attack
just for entertainment purposes or hacktivism, thus sending a signal to the eBay
security team that their product has vulnerabilities and can be hacked easily.
Their intentions notwithstanding, they succeeded in achieving what they aspired to
do. They penetrated the eBay systems and made the information of 145 million clients’ accounts
available to unauthorized parties.
b) Mode of attack used
In most cyber security breaches, threat actors use different modes or methods to execute their
attack. In this case, the threat actors did not use the well-known scheme of a Distributed Denial of
Service (DDoS) attack, where the intent is to flood one site with many requests
with the aim of causing its collapse. These threat actors employed a more sophisticated method.
They used compromised user credentials and hacked into the information field of the store’s
database, gaining access to vital information. The only relief to users is that no critical
financial data were kept in the attacked database. This means there was no monetary loss incurred by
users. The most identified method was social engineering on the compromised accounts of three
employees.
However, even though no financial losses were incurred, the reputation of the company was
severely damaged. Aggarwal, Arora, et al. (2014) asserted that millions of data were lost.
c) Vulnerabilities exploited by threat actors
In carrying out attacks, cyber criminals usually exploit various vulnerabilities that exist in any
system or network of their target victim. In the case of eBay, threat actors were able to exploit the
weaknesses in the network infrastructure and used them to their advantage to access and control
the databases that contained user information.
The vulnerabilities identified in this case were a cross-site scripting vulnerability and
cookie re-use. Another remote vulnerability identified was that the basic standard firewalls set up by
eBay were easy to penetrate.
To tackle the cross-site scripting vulnerability in detail, eBay’s auction site was affected by a bug
which consistently caused cross-site scripting. This anomaly created a loophole for users to add
malicious code in JavaScript and HTML into the company systems. The threat actors utilized
this to write a script that would store user credentials whenever users visited the site. This
is a plausible account of how user credentials were obtained. In this case both employees’ and
customers’ credentials were compromised.
Cookie re-use, as mentioned earlier, is a vulnerability plausibly exploited by the attackers. The
eBay site utilized cookie re-use, which permits its systems to allow identical or similar text
files holding cookie data to be re-utilized. This enhances data harvesting, as the threat
actors’ systems are able to listen and collect valuable information. The presence of a standard
firewall was also cited as a vulnerability.
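An added example, not part of the original essay and not eBay's code, showing the defenses that match the two web vulnerabilities above: escaping user-supplied listing text on output, and retiring session cookies server-side so a captured cookie cannot be replayed. Function and class names, the sample description and the 15-minute idle timeout are assumptions; "cookie re-use" is read here as a session cookie that stays valid after it should have been retired.

```python
import html
import secrets
import time

# Constructed sample input: a listing description carrying markup.
SAMPLE_DESCRIPTION = (
    'Vintage camera <script src="https://example.invalid/x.js"></script>'
)

# Defense in depth: even if escaping is missed somewhere, the browser
# refuses scripts that do not come from the site's own origin.
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'self'; script-src 'self'; object-src 'none'")


def render_listing_unsafe(title, description):
    """'Before': user text is concatenated into HTML, so its markup is live."""
    return f"<h1>{title}</h1><div class='desc'>{description}</div>"


def render_listing_safe(title, description):
    """'After': every user-controlled value is HTML-escaped on output."""
    return (f"<h1>{html.escape(title)}</h1>"
            f"<div class='desc'>{html.escape(description)}</div>")


class SessionStore:
    """Server-side sessions: the cookie is only a random handle."""

    def __init__(self, idle_timeout=900, clock=time.time):
        self._sessions = {}
        self._idle_timeout = idle_timeout   # assumption: 15 minutes
        self._clock = clock

    def login(self, user):
        # A fresh, unguessable token on every login; old ones are never reused.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "last_seen": self._clock()}
        return token

    def cookie_header(self, token):
        # HttpOnly keeps page scripts from reading the cookie; Secure keeps
        # it off plain HTTP; SameSite limits cross-site sending.
        return ("Set-Cookie",
                f"session={token}; HttpOnly; Secure; SameSite=Lax; Path=/")

    def authenticate(self, token):
        """Return the user for a live session, or None if it was retired."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        now = self._clock()
        if now - entry["last_seen"] > self._idle_timeout:
            del self._sessions[token]       # idle sessions die server-side
            return None
        entry["last_seen"] = now
        return entry["user"]

    def logout(self, token):
        # Deleting the server record is what makes a replayed cookie useless.
        self._sessions.pop(token, None)


if __name__ == "__main__":
    print(render_listing_unsafe("Camera", SAMPLE_DESCRIPTION))
    print(render_listing_safe("Camera", SAMPLE_DESCRIPTION))
    store = SessionStore()
    cookie = store.login("alice")
    store.logout(cookie)
    print("replayed cookie accepted:", store.authenticate(cookie) is not None)
```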
d) Response by eBay to counter the attack
Every attack is followed by a response, otherwise known as incident response. eBay responded to
the attack to reduce its impact, though late, by informing their members to change
their passwords. The cyber security team went ahead and put in place access control measures on
their existing infrastructure, which is essential to the functioning of their online business.
In addition, vetting mechanisms were put in place which ensured only cleared employees got
access to business operations and server rooms. The remaining employees were
locked out of or denied access to servers and databases that were considered critical to the business
operations. Furthermore, the firewall and its intrusion sensors were reinforced to ensure effective
detection of threats and intrusion, with corresponding prevention signatures for solid internal network
security.
To add to these measures, intrusion and prevention monitoring systems were audited to ensure
the user activities registered were accurate and reliable. Encryption of all databases was done to
prevent threat actors from scooping more information. eBay released a report to confirm this and to
boost customer confidence. This was done as investigations continued.
e) Impact of the attack on eBay
The impact of the attack was quite significant. It caused leakage of confidential user credentials,
which included emails, names and passwords. This attack placed users at risk, thus affecting
the reputation of eBay as one of the largest online stores. This information found its way to
black markets, where it was sold at a good retail price to companies dealing in metadata. In
addition, the attack also caused a financial loss to customers who didn’t get the goods they
ordered.
On the part of eBay, a financial loss of about 200 million dollars was equally incurred, which is
a loss of revenue. The major loss was actually reputational damage, which meant loss of confidence
in the company by users, which translates to future financial losses.
To cap it all, the counter-measures by eBay to contain the attack made it even harder for the
already frustrated users to operate on the platform. This was occasioned by the security
restrictions put in place, which involved stringent verification protocols. Some users left the
platform because of this.
On the part of investors who had invested in this online store, financial loss was incurred as
they had to pay forensics experts and IT gurus to get the systems up and running. In line with this,
system upgrades had to be done to make the platform secure. This meant purchasing and
replacing the existing firewall and ensuring a top-notch encryption mechanism for all data.
Conclusion
This attack was one of the biggest attacks in this century and in US history. This case study has
put into perspective the dangers of cross-site scripting and cookie re-use to online platforms. The
importance of up-to-date firewalls and intrusion detection systems has been highlighted as a key
element of data security. In addition, this information and data age demands that security of
both data and systems is essential. Threat actors, according to the case study, got access easily
because eBay’s employees were poorly trained on information security. This was escalated by the lack
of enough preventive mechanisms to detect intrusion. This clearly points to the fact that if small
things aren’t taken care of, they can escalate to bigger and more expensive things.
Recommendations
Firstly, to prevent such breaches, organizations must ensure data is stored in encrypted form.
This will prevent unauthorized access to information and any form of listening to and interception of
traffic. The process of encryption involves the use of a particular key to access a particular website
or system resources. The technicality involved in this method of data security is that threat
actors will not gain access to information without having the particular secret key to decrypt the
information. The encryption can be symmetric or asymmetric, as highlighted in the concepts of
information security in the literature review. An example to elaborate encryption is shown in
figure 3 below:
Figure 3: The login page of eBay (WebCount, 2017)
When you observe the login interface in figure 3, it is easy to identify the type of encryption
used, i.e. single key or symmetric encryption. This is used on many online platforms. We can
also define other unique methods by which eBay IT staff would have prevented the 2014
attack. Even in encryption it is essential to adhere to proper preventive rules to prevent attack. In
this case, adding the stay signed on option negated the encryption method used, as an attacker can
exploit this vulnerability. It is also clear that eBay did not employ a two-factor
authentication requirement for users to verify their identity before login.
The second method that would prevent such attacks from recurring is to ensure access to systems
is restricted. The methods deployed to prevent unauthorized access can actually be simple if
properly executed. The most important and basic goal of restriction is to reduce or eliminate
completely the ability of a threat actor to have unfettered access to critical servers which avail
web services to external users. When a threat actor is prevented from accessing a port, he can’t
attack it. The IT team at eBay failed to provide this complete protection in time.
Centralized key management is a third method to protect information. In this concept,
important factors are taken into account. The sequence and flow of work must be in
conformity with a uniquely defined algorithm and adhere to a unique chain. To elaborate this
order, figure 4 will be used.
Figure 4: The system of centralized cryptographic key management (Gemalto, 2017)
From figure 4, it can be noted that all objects of the database chain are actually managed by a
single key element. When the central apparatus is reliably and professionally managed, the
chances of attack on such a system will be minimal.
The fourth recommendation is proper training of employees. This encompasses written security
policies for them to adhere to. The policy concept may include the principle of least privilege,
which gives them the bare minimum of permissions and access rights needed to perform their
duties. Additionally, an incident response plan that can be implemented in times of crisis or
intrusion must be in place.
Furthermore, the fifth point is that organizations must ensure their systems have proper security
controls, the lack of which was a glaring vulnerability in the case study. Security measures such as
two-factor authentication weren’t put in place. Organizations must ensure such
fundamental security measures are in place. In addition, having regular checks on an organization’s
systems will help detect any intrusions in time. Businesses should also ensure that systems are
equipped with proper antimalware software to prevent malware attacks. In a nutshell, regular
system checkups must be made routine and compulsory.
Accordingly, the sixth recommendation is that an organization’s IT team must ensure that the first
layer of security is applied. The operating systems running webservers, databases and
other network services must always be up to date with security patches. In addition, most
webservers typically reside in a demilitarized zone, which is typically exposed to untrusted
external networks where unknown web users can interact with webservers by establishing a
connection, enabling them to send data to the webserver and thus making it vulnerable to attacks.
When the webserver and database server are both installed in the demilitarized zone, the
chances of hackers gaining access to the databases are high. Therefore, separating servers with
different roles is crucial, i.e., the webserver and database server should be separated. This will
improve the security of an organization’s web farm and limit the extent of damage in case of an attack.
The principle of least privilege is another security concept that should be adopted by IT
professionals working in organizations. This simply means that the webserver should have the
least possible privilege to access databases. In addition, it should not be granted administrative
rights to change the database structure, e.g., to drop tables. This will go a long way in
limiting the damage in case servers are compromised by an attack.
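The least-privilege rule above can be checked against a database's grant listing. The following is an added example, not part of the original assignment: it audits MySQL-style `SHOW GRANTS` output for a web application account, and the account name `webapp`, the schema `shop` and the sample grant lines are constructed for illustration.

```python
import re

# Privileges a web front end normally needs to serve pages (assumption for
# this example): read/write rows and call stored procedures, nothing structural.
DML_ONLY = {"SELECT", "INSERT", "UPDATE", "DELETE", "EXECUTE", "USAGE"}

GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+(?P<grantee>\S+)"
    r"(?P<opt>\s+WITH\s+GRANT\s+OPTION)?\s*;?$",
    re.IGNORECASE,
)


def parse_grant(line):
    """Parse one SHOW GRANTS line; return None if the shape is not recognised."""
    m = GRANT_RE.match(line.strip())
    if not m:
        return None
    # Column-level grants look like "SELECT (id, name)"; drop the column lists
    # so the commas inside them are not mistaken for privilege separators.
    privs_text = re.sub(r"\([^)]*\)", "", m.group("privs"))
    privs = {p.strip().upper() for p in privs_text.split(",") if p.strip()}
    return {
        "privs": privs,
        "scope": m.group("scope").replace("`", ""),
        "grantee": m.group("grantee").replace("`", "").replace("'", ""),
        "grant_option": bool(m.group("opt")),
    }


def audit_web_account(grant_lines, account):
    """Return (scope, issue) findings for grants held by the web account."""
    findings = []
    for line in grant_lines:
        g = parse_grant(line)
        if g is None:
            # Fail closed: a line the parser cannot read is reported, not skipped.
            findings.append((line, "unparsed grant line, review manually"))
            continue
        if g["grantee"].split("@")[0] != account:
            continue
        extra = sorted(g["privs"] - DML_ONLY)
        if extra:
            findings.append((g["scope"], "privileges beyond DML: " + ", ".join(extra)))
        if g["grant_option"]:
            findings.append((g["scope"], "WITH GRANT OPTION lets the account pass its rights on"))
        if g["scope"] == "*.*" and g["privs"] != {"USAGE"}:
            findings.append((g["scope"], "server-wide scope instead of one schema or table"))
    return findings


# Constructed sample: an over-privileged web account ...
BEFORE = ["GRANT ALL PRIVILEGES ON *.* TO `webapp`@`%` WITH GRANT OPTION"]
# ... and the same account reduced to what the application needs.
AFTER = [
    "GRANT USAGE ON *.* TO `webapp`@`10.0.2.15`",
    "GRANT SELECT, INSERT, UPDATE ON `shop`.`orders` TO `webapp`@`10.0.2.15`",
    "GRANT SELECT (id, name, price) ON `shop`.`products` TO `webapp`@`10.0.2.15`",
]

if __name__ == "__main__":
    for label, grants in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_web_account(grants, "webapp"))
```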
Limiting remote access is another security concept that should be adopted by organizations
to protect all the servers in their web farm. This means that webservers and database servers
should only be accessed locally from local area networks; admin interfaces must not be accessed
from the internet. If remote access is unavoidable, a well-documented handful
of IP addresses can be granted access to these administrative interfaces. This can be achieved
using whitelisting at the firewall. Remote access can also be secured by
using cryptographically secure mechanisms such as SSH or a virtual private
network. In a nutshell, there are many security measures that can be employed by organizations to
protect their systems and other internal assets.
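One way to verify that the firewall whitelist is actually enforced is to look in the webserver's access log for admin-interface requests from sources that are not on the documented list. This is an added example, not part of the original assignment; the allowlist entries, the admin path prefixes `/admin` and `/manager`, and the log lines are constructed assumptions.

```python
import ipaddress
import re

# Documented allowlist for administrative interfaces (constructed values):
# each network carries the reason it is permitted.
ADMIN_ALLOWLIST = {
    "10.20.0.0/24": "operations LAN",
    "198.51.100.7/32": "on-call VPN egress",
}
ADMIN_PREFIXES = ("/admin", "/manager")  # assumed admin interface paths

NETWORKS = [(ipaddress.ip_network(c), why) for c, why in ADMIN_ALLOWLIST.items()]

# Common Log Format: ip ident user [time] "METHOD path proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def allowed_source(ip_text):
    """Return the allowlist label for an address, or None if it is not listed."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None  # unparseable source is treated as not allowed
    for net, why in NETWORKS:
        if ip.version == net.version and ip in net:
            return why
    return None


def is_admin_path(path):
    """Match /admin and /admin/... but not look-alikes such as /administrator-guide."""
    path = path.split("?", 1)[0]
    return any(path == p or path.startswith(p + "/") for p in ADMIN_PREFIXES)


def admin_access_violations(log_lines):
    """List admin requests that reached the webserver from unlisted sources."""
    out = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or not is_admin_path(m.group("path")):
            continue
        if allowed_source(m.group("ip")) is not None:
            continue
        status = int(m.group("status"))
        # Any hit here means the packet got past the firewall; a 2xx/3xx
        # status means the admin interface also answered it.
        outcome = "served" if status < 400 else "rejected"
        out.append((m.group("ip"), m.group("path"), status, outcome))
    return out


# Constructed access-log lines for the demonstration.
SAMPLE_LOG = [
    '10.20.0.14 - alice [12/Mar/2024:10:14:55 +0000] "GET /admin/users HTTP/1.1" 200 1843',
    '203.0.113.50 - - [12/Mar/2024:10:15:02 +0000] "POST /admin/login HTTP/1.1" 200 512',
    '203.0.113.50 - - [12/Mar/2024:10:15:09 +0000] "GET /administrator-guide.html HTTP/1.1" 200 900',
    '198.51.100.7 - bob [12/Mar/2024:10:16:40 +0000] "GET /admin?tab=keys HTTP/1.1" 200 77',
    '2001:db8::9 - - [12/Mar/2024:10:17:31 +0000] "GET /manager/status HTTP/1.1" 403 199',
    '203.0.113.50 - - [12/Mar/2024:10:18:00 +0000] "GET /index.html HTTP/1.1" 200 4000',
]

if __name__ == "__main__":
    for hit in admin_access_violations(SAMPLE_LOG):
        print(hit)
```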
REFERENCES
1. Aggarwal, P., Arora, P., & Ghai, R. (2014). Review on cybercrime and
security. International Journal of Research in Engineering and Applied Sciences, 2(1),
48-51.
2. The case of eBay data theft and potential threat to customers [Image]. (2014). Web.
3. The damage that the Heartbleed bug caused [Image]. (2014). Web.
4. Gujrathi, S. (2014). Heartbleed bug: An OpenSSL heartbeat vulnerability. International
Journal of Computer Science and Engineering, 2(5), 61-64.
5. El-Kenawy, E. S. M. T., El-Desoky, A. I., & Sarhan, A. M. (2014). Bidder strategy system
for online auctions trust measurement. International Journal of Computer Science Issues
(IJCSI), 11(5), 76-82.
6. How hackers hack PayPal account in 2017 – Hack PayPal. (2017). Web.
7. The login page of eBay [Image]. (2017). Web.
8. Meyer, C. (2017). Submitted to the Department of technology systems. Web.
The system of centralized cryptographic key management [Image]. Web.
9. Sahib, S. (2015) Cyber terrorism: Policy and technical perspective. Melaka: Penerbit
Universiti Teknikal Malaysia Melaka.
10. Andrade, R. et al. (2021) “Extending a trust model for energy trading with cyber-attack
detection,” Electronics, 10(16), p. 1975.
11. Butler, R. (2007) “A framework of anti-phishing measures aimed at protecting
the online consumer’s identity,” Electronic library, 25(5), pp. 517–533.
12. Byrne, D. J. (2015) “Cyber-attack methods, why they work on us, and what to
do,” in AIAA SPACE 2015 Conference and Exposition. Reston, Virginia:
American Institute of Aeronautics and Astronautics.

Case Study.pdf

  • 1. Studocu is not sponsored or endorsed by any college or university A1-obunga 1-R2110D12837119 Computer Security (University of East London) Studocu is not sponsored or endorsed by any college or university A1-obunga 1-R2110D12837119 Computer Security (University of East London) Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 2. NAME : ROBERT OBUNGA STUDENT ID : R2110D12837119 TITLE : ASSIGNMENT 1 MODULE : COMPUTER SECURITY MODULE CODE : UEL-CN-7016-33285 DATE : 29TH OCTOBER 2022 1 Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 3. THE 2014 eBay CYBER ATTACK. A CASE STUDY. 2 Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 4. ABSTRACT The possibilities provided by the internet in this day and times is almost limitless, fueled by presence of global networks and larger operations being performed on a daily basis coupled with people around the world who enjoy these benefits. However, the internet space is not used for peaceful reasons as it should be assumed. The growing development in technologies and substantive upgrade of programming systems has led to frequent cases of attacks by threat actors, becoming a real problem for large companies. Hence, therefore, one of the most famous cases in relation to hacking in the world was the hacking of important information on the eBay database, an online shopping store. The case study will focus on this attack. 3 Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 5. Introduction The incident under case study occurred in 2014, during summer where one of the world’s most popular online trading platforms eBay, a company in the United States was attacked by virtual threat actors (Meyer,2017). According to Meyer, eBay had up to 145 million user accounts compromised (p. 11). With such a large amount of people affected by this this breach, it was extremely hard for it to go unnoticed or rather be swept under the carpet by eBay. This attack received a lot of public response. The attack scenarios are similar in most cases; The threat actors enter systems through backdoor means an access secret databases and other classified information which is not visible to the public and lay the stolen information bare on a public network. Furthermore, as time passes, fighting such criminals has become extremely difficult as they come up with new ways of circumventing defense systems. Therefore, it is important to dig in on what persuaded the threat actors, aftermath of the attack, which counter measures were taken to avert future data leakages by eBay and the possible recommendations in terms of hardware and software improvements and best practices that would protect the company from persistent threats on the internet. Literature review The eBay attack being one of the worst cyber-attacks registered, review of various information security concepts is vital. Furthermore, to tackle this case effectively, there is need to look at this security principles as it will form the backbone of the case study. It will help in the assessment of the whole incident in a wholesome manner and coming up with the best recommendations for the same. Furthermore, by assessing and reviewing various literature on the subject which relate to computer security, we shall get a proper understanding of specific areas any organization should put emphasis on in order to deal with cyberspace threats. This will intern create a secure working environment. 
I shall tackle the various concepts of computer security and bring into context the incident that occurred. Below are some of the concepts. i) The fundamental concepts of computer security Sutton (2017), asserts that computer security is a combination of well laid out practices, tools, set standards, written policies and strategies that need to be taken to reduce, prevent or eliminate cyber threats. Cyber threats as referred to here points to threats to intellectual property, identity theft, fraudulent activities, cyber terrorism and espionage. This includes other external and internal aspects as far as technology is concerned. To tackle these, further emphasis is put on the following aspects of computer security: - A) The categories of cyber threats to computer and information security 4 Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 6. According to Sutton (2017), the impact of cyber related crimes can be tackled inform of grouping where each threat is put where it fits. That is to say - General crime: are crimes not very specific to a particular aspect. e.g crimes related to loss of intellectual property falls in this category. Such crimes could lead to the loss of value of the compromised information. - Cyber stalking: is another form of crime which involves unsolicited online advances on people without their consent or bullying them online. This can be grouped as cyber harassment. - Cyber terrorism and espionage: - This is a form of cybercrime where a nation uses cyber space to compromise another country’s national security. Last but not least, the above-mentioned are just a few which relate to the case Study. Other cyber threats exist such us information stealing which is prevalent in the case study. B) What are the realms of cyber security The field of cyber security is divided into several groups that makes it easier for companies to make informed choices on which component best fits their security needs when building cyber security infrastructure and systems. The categories include applications and data security, forensic analysis and software development security. Accordingly, these components shade light on the things that should be given priority in order to prevent data from breach. The other component components such as network and application security play a big role in terms of software integrity and putting up a top-notch control for organizations and consumers of available services. In addition, to ensure all evidence associated with cyber breaches are well kept, forensic analysis is key as part of incident response. Finally, organizations must ensure there is a written incident response plan, disaster recovery plan and business continuity plan to act as guides in the event of a data breach. 
C) The concept of confidentiality, integrity and availability: The CIA Triad The domicile of information security is built on these core principles. They are commonly referred as CIA triad. The architecture of cyber security heavily relies on these principles and every company must work withing the framework of these three in order to achieve its goals of computer and information security. Confidentiality asserts that all data should and must be kept out of access must require authorization. It emphasizes data classification to ensure it doesn’t end up in the hands of unauthorized individuals. A water-tight security policy that ensures confidentiality must be formulated to ensure no data is accessed by unauthorized persons. 5 Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 7. There is also the concept of data integrity which is a component of CIA. This principle points to the fact data must be accurate at rest, during transfer and eventually when it reaches its destination it must remain the same. This ensures reliability and builds trust in information and that all transactions involving this information must be accurate and reliable. Finally, availability is a principle of the CIA triad that asserts that apart from ensuring that information is confidential and has integrity, its availability to those who rightfully need it is key. The information should be accessible to stake holders with access rights to whatever information they need in order to run their organizations effectively. In a nutshell, trust and reputation of computer systems must be priority for all organizations. ii) The concept and use of cryptography Cryptography by definition is technique used to protect information and communication using codes, such that only those who are authorized to it cab read and process it. Modern cryptography concerns itself with the four major objectives of information security. These objectives are confidentiality, integrity, non-repudiation and authentication. The process of cryptography forms the foundation of cyber security in this modern age. Furthermore, cryptography employs the technique of encryption which is the process of converting information to unreadable cipher text and decryption which is the reverse of encryption. The process of encryption and decryption has revolutionized cyber security and have made it possible for organizations to store information in a more secure form making it difficult for third parties or malicious people to comprehend the content of the information, stored or being transmitted. To further enrich this concept, substitution and transposition ciphers came into play. 
The algorithm used by substitution cipher for example, allows parties to swap text information into unique and discrete formats acceptable to the parties involved. This method was put to use by ceaser cipher and Vigenère cipher to transmit information between themselves. In this cipher the position and identity of text changes. The substitution method was enriched and reinvented into a more developed and effective transposition ciphers. To encrypt text on the kali linux, gpg command is used i.e $ sudo gpg –full-generate-key iii) The concept of Identity, authentication, and access control In this modern day and era, cyber-attacks have become more frequent than before. To tackle this adequately and prevent intrusion or breaches similar to that of eBay, it is crucial and mandatory to get a good understanding of the methods used to verify the identity of individuals in an organization. There are three know authentication mechanisms that can be used to identify and issue authorization to users. There are namely: - 6 Downloaded by kemar frank (revolute.p@gmail.com) lOMoARcPSD|1449381
  • 8. - Knowledge-based authentication, where access to systems is hinged on what the user knows, e.g. a password or PIN
- Ownership-based authentication, where access to systems is hinged on what the user has or possesses as proof, e.g. an RFID card or tokens
- Inherent-based authentication, where access to systems is based on what the user is, e.g. biometrics like fingerprint, face or iris

Identity management, which is also referred to as identity and access management (IAM), is the overarching discipline used to verify a user's identity and his/her access level to a particular system. In that context, authentication and access control regulate a user's access level to a given system, thus playing a vital role in securing user data. To further discuss these concepts, threat actors are known to always exploit and utilize every level of access they can gain, and thus it is important to ensure that access levels and restrictions are put in place and reinforced by a written security policy.

Identity, trust and reputation are key considerations for every organization before admitting a user into internal networks. To achieve that crucial goal, organizations must build systems that ensure users validate their credentials every time they need to access the systems or network. It is the duty of the organization to ensure user information is secure and to work towards maintaining a level of trust from the users of the systems. The crucial process of validating user information before the user accesses the system or network resources is called authentication. In layman's language, this process can be described as "separating the wheat from the chaff". It ensures that only legitimate users have access to system and network resources.

Another widely used concept under authentication is the use of multifactor authentication rather than a single intrinsic factor method for users.
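Multifactor authentication with a one-time verification code sent to the user's saved email or phone works as shown in the following added example, which is not part of the original assignment and not eBay's code. The class and function names, the five-minute lifetime and the three-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed validity window for a code
MAX_ATTEMPTS = 3         # assumed limit on wrong guesses per code


class OneTimeCodeStore:
    """Second-factor codes: hashed at rest, short-lived, single-use."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user -> digest, salt, expiry time, attempt count

    @staticmethod
    def _digest(code, salt):
        return hashlib.sha256(salt + code.encode()).digest()

    def issue(self, user):
        """Create a 6-digit code; the caller delivers it by email or SMS."""
        code = f"{secrets.randbelow(10**6):06d}"
        salt = secrets.token_bytes(16)
        self._pending[user] = {
            "digest": self._digest(code, salt),
            "salt": salt,
            "expires": self._clock() + CODE_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, user, submitted):
        """True only for the right code, in time, within the attempt limit."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        if self._clock() > entry["expires"]:
            del self._pending[user]
            return False
        entry["attempts"] += 1
        candidate = self._digest(submitted, entry["salt"])
        ok = hmac.compare_digest(entry["digest"], candidate)  # constant-time compare
        if ok or entry["attempts"] >= MAX_ATTEMPTS:
            del self._pending[user]  # used up, or too many wrong guesses
        return ok


def login(password_ok, store, user, submitted_code):
    """Access is granted only when both factors check out."""
    return bool(password_ok) and store.verify(user, submitted_code)
```

A code that leaks after it has been used, after it has expired, or after three wrong guesses is worthless, which is what makes the second factor more than a second password.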
Multifactor authentication requires a user to further prove his/her identity even after entering correct credentials, e.g. a verification code is sent to the user's email or phone number saved in the system. The user is then required to enter the code for access to be granted. This two-factor method has proven to be effective, and organizations must adopt it to achieve a maximum level of security for their information and network assets. Furthermore, this method can be coupled with other authentication mechanisms, such as inherent-based ones, which in turn provide solid security for information. In a nutshell, the three authentication mechanisms, if used correctly, will help organizations achieve their goal of information security. User training on these authentication mechanisms is also required if organizations want to achieve that goal, as it would be a waste of time to introduce them to untrained staff who may not take them seriously.

Lastly, to further boost the authentication mechanisms employed, access control methods to augment them are vital. Access control methods limit the privileges of users and devices to access an organization's systems and network resources. There are various access control methods, as below:
  • 9. a) Discretionary access control. In this type of control, only the owner of the resource can allow other users access to it, i.e. it is at the owner's discretion to allow or disallow other users from accessing a particular object.
b) Role-based access control (RBAC). This type of access control asserts that each user or subject is given access to an object based on their role in the organization, e.g. a loan officer can only have access to loan-related information.
c) Mandatory access control (MAC). This type of access control demands that information is classified and that access to it requires some form of authentication.

Finally, other predefined access control mechanisms can be employed in addition to those mentioned to ensure information is secure and no unauthorized access is permitted.

iv) The use of encryption, digital signatures and digital certificates

These components are employed in technology to allow encryption and decryption of data. They form the cornerstone for carrying out cryptography. There are two known encryption key techniques: symmetric and asymmetric key encryption. The majority of encryption methods apply these two techniques.

Symmetric encryption is a type of encryption where one key is utilized in both the encryption and the decryption of data. This principle guarantees that the speed of encrypting and decrypting data is high and efficient for any organization that uses it. The advantage of symmetric encryption is that it can handle big volumes of data at a go. The presence of a key ensures confidentiality of the data being transmitted.

Asymmetric encryption, on the other hand, embraces the use of two keys in the encryption process. A key pair, one key for encrypting and the other for decrypting, is used, unlike in symmetric encryption. Asymmetric encryption requires the public and the private key. The two-key requirement ensures safety in compromised environments in case of attacks.
Data encryption algorithms available in this modern day, for the benefit of this case study, are the standard encryption standards and advanced encryption standards. Asymmetric algorithms, for example, include Rivest–Shamir–Adleman (RSA) and MD4, also referred to as message digest.

v) Incorporation of intrusion, detection and prevention measures in information security

In every attack environment, there must be corresponding defense measures put in place by organizations to thwart such attacks. Cyber threats are real and any company can be attacked without notice, thus organizations must have mechanisms and policies to help them defend themselves against attacks. Installation of systems to monitor and prevent attacks must be a priority.
  • 10. These measures can be achieved by ensuring that the IT team of the organization has enough training and experience to identify and deal with threats. In addition, a proper understanding of threat models, i.e. STRIDE and DREAD, goes a long way in achieving security goals. The team must also have a proper understanding of the cyber kill chain and how to break the chain in case of an attack. Well-documented information on previous attacks and threats helps, as it forms the cyber threat intelligence (CTI) mechanism: when threats are identified, the indicators of compromise (IOCs) are already documented from a previous attack. Constant vulnerability scans on internal systems and networks, coupled with staff training on information security, will help avert attacks.

vi) The concept of network security, malware and viruses

In many ways the network acts as the information pathway, and data transmission relies on network infrastructure from the place of origin to the final destination. In this context, network security is an essential component of cyber security. Network connectivity and data transportation are divided into layers known as the OSI model. Data transmission goes through these layers from initiation, through transmission, to its final destination. These layers can be exploited by threat actors in case they have vulnerabilities. Therefore, securing these layers is vital to ensure data is secure at all stages of transmission and delivery.

In addition, there are significant examples to justify the importance of network security. DNS exploits can be used to attack DNS via insecure networks, bringing to the fore the importance of understanding the OSI model and how it plays a role in data transmission. As a matter of fact, each layer of the OSI model carries vulnerabilities, from the presentation layer to the physical layer.
Most attacks are normally executed at the network and transport layers, hence the presence of encryption protocols like Transport Layer Security (TLS) to provide security at the transport layer. Harmful and malicious programs can be sent over insecure networks, causing harm to systems and information. Malware stands for malicious software. Figure 1 below summarizes the OSI model and the kinds of attack on each layer.
  • 11. Figure 1: The OSI model and attack examples (Manninen, 2018)

Network vulnerability tools such as tcpdump and Nmap can be used to check for network vulnerabilities and have them fixed, e.g. on the Kali Linux terminal:

    $ sudo tcpdump                  (for packet sniffing)
    $ sudo nmap scanme.nmap.org     (to scan for open ports)

Incident overview

The e-commerce giant eBay Inc. is an American company based in San Jose, California, in the United States. It facilitates consumer-to-consumer sales through an online platform. The Washington Post published a report on the attack on eBay's online shopping platform, which occurred between February and March 2014. The attack went on undetected for a whole month. The threat actors got access to user credentials and used them to gain access to the internal systems of eBay and carry out their malicious activities. This resulted in the exploitation of 145 million user accounts, as per the report.

Discussion and analysis of the attack

The actions of the threat actors who illegally gained access to user information and harvested passwords and other access credentials were well organized and quite professional. Nonetheless, this does not point to the fact that eBay's protection was weak, since for some time their firewall was protected. In spite of the presence of a firewall, the threat actors managed to overcome the firewall defense and effectively committed their crime. To better explain the hackers' activities, Figure 2 below shows the series of events pointing to what actually happened to the internet store and the nature of the threat customers had to experience.
  • 12. Figure 2: The case of eBay data theft and potential threats to customers (Codsi, 2014)

From Figure 2, it can be concluded that customers were at serious risk, as the threat actors' aim was to steal information and sell it to companies, as shown, for monetary gain. Companies A and B are hypothetical, since this was not proven outright in the investigations.

a) Possible intentions of the attack

In this particular attack, the intentions and motives of the threat actors are not well established. A plausible motive for their actions could have been to undermine the authority of the company. According to El-Kenawy, El-Desoky and Sarhan (2014), eBay is ranked as one of the largest global online stores, and this could have been the action of a rival online store aimed at bringing down the popularity of eBay. Another plausible reason for the attack is that the attackers did an ordinary database attack just for entertainment purposes or hacktivism, thus sending a signal to eBay's security team that their product has vulnerabilities and can be hacked easily. Nevertheless, their intentions notwithstanding, they succeeded in achieving what they aspired to do. They penetrated the eBay systems and made the information of 145 million clients' accounts available to unauthorized parties.

b) Mode of attack used

In most cyber security breaches, threat actors use different modes or methods to execute their attack. In this case, the threat actors did not use the well-known scheme of a Distributed Denial of Service (DDoS) attack, where the intent of the attack is to flood one site with many requests with the aim of causing its collapse. These threat actors employed a more sophisticated method. They used compromised user credentials and hacked into the information field of the store's
  • 13. database, gaining access to vital information. The only relief to users is that no critical financial data were kept in the attacked database. This means there was no monetary loss incurred by users. The most identified method was social engineering on the compromised accounts of three employees. However, even though no financial losses were incurred, the reputation of the company was severely damaged. Aggarwal, Arora, et al. (2014) asserted that millions of data were lost.

c) Vulnerabilities exploited by threat actors

In carrying out attacks, cyber criminals usually exploit various vulnerabilities that exist in any system or network of their target victim. In the case of eBay, threat actors were able to find the weaknesses in the network infrastructure and used them to their advantage to access and control the databases that contained user information. The vulnerabilities that were identified in this case were a cross-site scripting vulnerability and cookie re-use. Another remote vulnerability identified was that the basic standard firewalls set up by eBay were easy to penetrate.

To tackle the cross-site scripting vulnerability in detail, eBay's auction site was affected by a bug which consistently caused cross-site scripting. This anomaly created a loophole for users to add malicious code in JavaScript and HTML into the company's systems. The threat actors utilized this to write a script that would store user credentials whenever users visited the site. This assertion is a plausible account of how user credentials were obtained. In this case both employees' and customers' credentials were compromised.

Cookie re-use, as mentioned earlier, is a vulnerability plausibly exploited by the attackers. The eBay site utilized cookie re-use, which permits its systems to allow alike or similar text files holding cookie data to be re-utilized. This enhances data harvesting, as the threat actors' systems are able to listen and collect valuable information.
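The two weaknesses described above, script injected through user-supplied listing text and session cookies that can be read and re-used, have standard defenses, shown in the following added example. It is not eBay's code and not part of the original assignment; the function names, the sample listing text and the 15-minute cookie lifetime are assumptions.

```python
import html
import secrets
from http.cookies import SimpleCookie

# Constructed sample input: a listing description carrying markup.
SAMPLE_DESCRIPTION = 'Vintage camera <script src="https://example.invalid/x.js"></script>'


def render_listing_unsafe(description):
    """Flawed pattern: user text is concatenated into the page as-is."""
    return "<div class='desc'>" + description + "</div>"


def render_listing_safe(description):
    """Output-encode user text so the browser shows it instead of running it."""
    return "<div class='desc'>" + html.escape(description) + "</div>"


def session_cookie_header(session_id):
    """Set-Cookie value that page scripts cannot read and that travels over HTTPS only."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True    # hidden from document.cookie
    cookie["session"]["secure"] = True      # never sent over plain HTTP
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["max-age"] = 900      # assumed 15-minute lifetime
    return cookie["session"].OutputString()


class SessionStore:
    """Server-side sessions whose IDs are replaced so an old cookie cannot be re-used."""

    def __init__(self):
        self._sessions = {}

    def create(self, user):
        session_id = secrets.token_urlsafe(32)
        self._sessions[session_id] = user
        return session_id

    def rotate(self, old_id):
        """Call at login and at privilege changes: new ID issued, old ID retired."""
        user = self._sessions.pop(old_id)
        return self.create(user)

    def logout(self, session_id):
        self._sessions.pop(session_id, None)

    def user_for(self, session_id):
        return self._sessions.get(session_id)
```

Encoding on output removes the injection point, while the cookie flags and server-side rotation limit what a captured session value is worth if some script does run.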
The presence of a standard firewall was also cited as a vulnerability.

d) Response by eBay to counter the attack

Every attack is followed by a response, otherwise known as incident response. eBay responded to the attack, though late, by informing its members to change their passwords in order to reduce the impact of the attack. The cyber security team went ahead and put in place access control measures on the existing infrastructure, which is essential to the functioning of the online business. In addition, vetting mechanisms were put in place which ensured that only cleared employees got access to business operations and server rooms. The remaining employees were locked out of, or denied access to, servers and databases that were considered critical to business operations. Furthermore, the firewall and its intrusion sensors were reinforced to ensure effective detection of threats and intrusions, with corresponding prevention signatures for solid internal network security. To add to these measures, intrusion and prevention monitoring systems were audited to ensure that the user activities registered were accurate and reliable. Encryption of all databases was done to prevent threat actors from scooping more information. eBay released a report to confirm this and boost customer confidence. This was done as investigations continued.
  • 14. e) Impact of the attack on eBay

The impact of the attack was quite significant. It caused leakage of confidential user credentials, which included emails, names and passwords. This attack placed users at risk, thus affecting the reputation of eBay as one of the largest online stores. This information found its way to black markets, where it was sold at a good retail price to companies dealing in metadata. In addition, this attack also caused a financial loss to customers who did not get the goods they ordered. On the part of eBay, a financial loss of about 200 million dollars was equally incurred, which is a loss of revenue. The major loss was actually reputational damage, which meant a loss of confidence in the company by users, which translates to future financial losses.

To cap it all, the counter-measures taken by eBay to contain the attack made it even harder for the already frustrated users to operate on the platform. This was occasioned by the security restrictions put in place, which involved stringent verification protocols. Some users left the platform because of this. On the part of investors, who had invested in this online store, financial loss was incurred as they had to pay forensics experts and IT gurus to get the systems up and running. In line with this, system upgrades had to be done to make the platform secure. This meant purchasing a replacement for the existing firewall and ensuring a top-notch data encryption mechanism for all data.

Conclusion

This attack was one of the biggest attacks in this century and in US history. This case study has put into perspective the dangers of cross-site scripting and cookie re-use to online platforms. The importance of up-to-date firewalls and intrusion detection systems has been highlighted as a key element of data security. In addition, this information and data age demands that the security of both data and systems be treated as essential.
Threat actors, according to the case study, got access easily because eBay's employees were poorly trained on information security. This was escalated by the lack of enough preventive mechanisms to detect intrusion. This clearly points to the fact that if small things are not taken care of, they can escalate to bigger and more expensive things.

Recommendations

Firstly, to prevent such breaches, organizations must ensure data is stored in encrypted form. This will prevent unauthorized access to information and any form of listening to and interception of traffic. The process of encryption involves the use of a particular key to access particular website or system resources. The technicality involved in this method of data security is that threat actors will not gain access to information without having the particular secret key to decrypt it. The encryption can be symmetric or asymmetric, as highlighted in the concepts of information security in the literature review. An example to elaborate on encryption is shown in Figure 3 below:
  • 15. Figure 3: The login page of eBay (WebCount, 2017)

When you observe the login interface in Figure 3, it is easy to identify the type of encryption used, i.e. single-key or symmetric encryption. This is used on many online platforms. We can also define other unique methods by which eBay's IT staff could have prevented the 2014 attack. Even with encryption, it is essential to adhere to proper preventive rules to prevent attack. In this case, adding the "stay signed in" option negated the encryption method used, as an attacker can exploit this vulnerability. It is also clear that eBay did not employ a two-factor authentication requirement for users to verify their identity before login.

The second method that would prevent such attacks from recurring is to ensure access to systems is restricted. The methods deployed to prevent unauthorized access can actually be simple if properly executed. The most important and basic goal of restriction is to reduce, or eliminate completely, the ability of a threat actor to have unfettered access to critical servers which avail web services to external users. When a threat actor is prevented from accessing a port, he cannot attack it. The IT team at eBay failed to provide this complete protection in time.

Centralized key management is a third method to protect information. In this concept, important factors are taken into account. The sequence and flow of work must conform to a uniquely defined algorithm and adhere to a unique chain. To elaborate on this order, Figure 4 will be used.
  • 16. Figure 4: The system of centralized cryptographic key management (Gemalto, 2017)

From Figure 4, it can be noted that all objects of the database chain are actually managed by a single key element. When the central apparatus is reliably and professionally managed, the chances of attack on such a system will be minimal.

The fourth recommendation is proper training of employees. This encompasses written security policies for them to adhere to. The policy may include the principle of least privilege, which avails them the bare minimum of permissions and access rights needed to perform their duties. Additionally, an incident response plan that can be implemented in times of crisis or intrusion must be in place.

Furthermore, the fifth point is that organizations must ensure their systems have proper security controls, the lack of which was a glaring vulnerability in the case study. Security measures such as a two-factor authentication mechanism were not put in place. Organizations must ensure such fundamental security measures are in place. In addition, having regular checks on an organization's systems will help detect any intrusions in time. Businesses should also ensure that systems are equipped with proper antimalware software to prevent malware attacks. In a nutshell, regular system checkups must be made routine and compulsory.

Accordingly, the sixth recommendation is that an organization's IT team must ensure that the first layer of security is applied. The operating systems running web servers, databases and other network services must always be up to date with security patches. In addition, most web servers typically reside in a demilitarized zone, which is typically exposed to untrusted external networks, where unknown web users can interact with web servers by establishing a connection that enables them to send data to the web server, thus making it vulnerable to attacks.
  • 17. When the web server and database server are both installed in the demilitarized zone, the chances of hackers gaining access to the databases are high. Therefore, separating servers with different roles is crucial, i.e. the web server and the database server should be separated. This will improve the security of an organization's web farm and limit the extent of damage in case of an attack.

The principle of least privilege is another security concept that should be adopted by IT professionals working in organizations. This simply means that the web server should have the least possible privilege to access databases. In addition, it should not be granted administrative rights to invoke changes to the database structure, e.g. drop table. This will go a long way in limiting the damage in case servers are compromised by an attack.

Limiting remote access is another security concept that should be adopted by organizations to protect all the servers in the web farm. This means that web servers and database servers should only be accessed locally from local area networks; admin interfaces must not be accessed from the internet. If remote access is unavoidable, a well-documented handful of IP addresses can be granted access to these administrative interfaces. This can be achieved using whitelisting on the firewall. The other way remote access can be made secure is by employing cryptographically secure mechanisms such as SSH or a virtual private network. In a nutshell, there are many security measures that can be employed by organizations to protect their systems and other internal assets.

REFERENCES

1. Aggarwal, P., Arora, P., & Ghai, R. (2014). Review on cybercrime and security. International Journal of Research in Engineering and Applied Sciences, 2(1), 48-51.
2. The case of eBay data theft and potential threat to customers [Image]. (2014). Web.
3. The damage that the Heartbleed bug caused [Image]. (2014). Web.
  • 18. 4. Gujrathi, S. (2014). Heartbleed bug: An OpenSSL heartbeat vulnerability. International Journal of Computer Science and Engineering, 2(5), 61-64.
5. El-Kenawy, E. S. M. T., El-Desoky, A. I., & Sarhan, A. M. (2014). Bidder strategy system for online auctions trust measurement. International Journal of Computer Science Issues (IJCSI), 11(5), 76-82.
6. How hackers hack PayPal account in 2017 – Hack PayPal. (2017). Web.
7. The login page of eBay [Image]. (2017). Web.
8. Meyer, C. (2017). Submitted to the Department of technology systems. Web.
The system of centralized cryptographic key management [Image]. Web.
9. Sahib, S. (2015). Cyber terrorism: Policy and technical perspective. Melaka: Penerbit University Teknikal Melaysia Melaka.
10. Andrade, R. et al. (2021). "Extending a trust model for energy trading with cyber-attack detection," Electronics, 10(16), p. 1975.
11. Butler, R. (2007). "A framework of anti‐phishing measures aimed at protecting the online consumer's identity," Electronic Library, 25(5), pp. 517–533.
12. Byrne, D. J. (2015). "Cyber-attack methods, why they work on us, and what to do," in AIAA SPACE 2015 Conference and Exposition. Reston, Virginia: American Institute of Aeronautics and Astronautics.
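Added example for the least-privilege recommendation in the Recommendations section (the web server's database access must not be able to change the database structure, e.g. drop a table). It is not part of the original assignment and not eBay's code; it uses Python's built-in SQLite authorizer hook, and the table, the names and the allowed-action policy are assumptions. On a server database the same effect is obtained by granting the web account only the rights it needs.

```python
import os
import sqlite3
import tempfile

# Assumed policy: what the web tier's connection may do. Everything else is denied,
# including DROP TABLE, ALTER TABLE and DELETE.
ALLOWED_ACTIONS = {
    sqlite3.SQLITE_SELECT,
    sqlite3.SQLITE_READ,
    sqlite3.SQLITE_INSERT,
    sqlite3.SQLITE_UPDATE,
    sqlite3.SQLITE_TRANSACTION,
    sqlite3.SQLITE_FUNCTION,
}


def web_authorizer(action, arg1, arg2, db_name, source):
    """Allow-list check that SQLite runs while compiling each statement."""
    return sqlite3.SQLITE_OK if action in ALLOWED_ACTIONS else sqlite3.SQLITE_DENY


def create_schema(path):
    """Run once over the administrative connection, never from the web tier."""
    admin = sqlite3.connect(path)
    with admin:  # commits on success
        admin.execute("CREATE TABLE users (name TEXT PRIMARY KEY, email TEXT)")
        admin.execute("INSERT INTO users VALUES ('alice', 'alice@example.invalid')")
    admin.close()


def open_web_connection(path):
    """Connection handed to the web application, with the restricted policy applied."""
    conn = sqlite3.connect(path)
    conn.set_authorizer(web_authorizer)
    return conn


def try_statement(conn, sql, params=()):
    """Return ('ok', rows) when the statement ran, ('denied', message) otherwise."""
    try:
        rows = conn.execute(sql, params).fetchall()
        conn.commit()
        return "ok", rows
    except sqlite3.DatabaseError as exc:
        conn.rollback()
        return "denied", str(exc)


def demo():
    """Exercise the web connection against a throwaway database file."""
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    try:
        create_schema(path)
        web = open_web_connection(path)
        results = {
            "select": try_statement(
                web, "SELECT email FROM users WHERE name = ?", ("alice",)),
            "insert": try_statement(
                web, "INSERT INTO users VALUES (?, ?)", ("bob", "bob@example.invalid")),
            "drop": try_statement(web, "DROP TABLE users"),
            "alter": try_statement(web, "ALTER TABLE users ADD COLUMN is_admin INTEGER"),
        }
        results["rows_after"] = web.execute("SELECT count(*) FROM users").fetchone()[0]
        web.close()
        return results
    finally:
        os.remove(path)
```

Even if the web tier is compromised, the statements it can run are limited to reading and writing rows; the schema and the table itself survive.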