SlideShare a Scribd company logo

NT2580 Week 1 Understanding IT Infrastructure Security An.docx

Download as DOCX, PDF
H
henrymartin15260

NT2580: Week 1 Understanding IT Infrastructure Security Analysis 1.1 Case Study 1 In March 2010, 28 year-old Albert Gonzalez was sentenced to 20 years in federal prison for breaching security measures at several well-known retailers and stealing millions of credit card numbers, which he then resold across a variety of shadow “carding” Web sites. Using a fairly simple packet sniffer, Gonzalez was able to steal payment card transaction data in real time, which he then parked on blind servers in places such as Latvia and Ukraine—countries formerly part of the Soviet Union. Gonzalez named his activities “Operation Get Rich or Die Tryin'” and lived a lavish lifestyle by selling stolen credit card information. He was eventually tracked down by the U.S. Secret Service, which was investigating the stolen card ring. Operation Get Rich or Die Tryin' took place for more than two years and cost major retailers, such as TJX, OfficeMax, Barnes & Noble, Heartland, and Hannaford, more than $200 million in losses and recovery costs. It is the largest computer crime case ever prosecuted. At first glance, Operation Get Rich or Die Tryin' seems to be an open-and-shut case. A hacker commits a series of cybercrimes, is caught, and is successfully prosecuted. Fault and blame are assigned to the cybercriminal, and justice is served for the corporations and the millions of people whose credit card information was compromised. Unless you ask the shareholders, banking partners, and some customers of TJX, who filed a series of class- action lawsuits against the company claiming that the “high-level deficiencies” in its security practices make it at least partially responsible for the damages caused by Albert Gonzalez and his accomplices. The lawsuits point out, for example, that the packet sniffer Gonzalez attached to the TJX network went unnoticed for more than seven months. Court documents also indicate that TJX failed to notice more than 80 GB of stored data being transferred from its servers using TJX’s own high-speed network. Finally, an audit performed by TJX’s payment-card processing partners found that it was noncompliant with 9 of the 12 requirements for secure payment card transactions. TJX’s core information security policies were found to be so ineffective that the judge presiding over sentencing hearing of Gonzalez reviewed them to determine whether TJX’s damages claim against him of $171 million is valid. Apart from lawsuits, TJX faced a serious backlash from customers and the media when the details of the scope of the breaches trickled out. Customers reacted angrily when they learned that nearly six weeks had passed between the discovery of the breach and its notification to the public. News organizations ran headline stories that painted a picture of TJX as a clueless and uncaring company. Consumer organizations openly warned people not to shop at TJX stores. TJX’s reputation and brand.

Education
1 of 4
NT2580: Week 1 Understanding IT Infrastructure Security Analysis 1.1 Case Study 1 In March 2010, 28 year-old Albert Gonzalez was sentenced to 20 years in federal prison for breaching security measures at several well-known retailers and stealing millions of credit card numbers, which he then resold across a variety of shadow “carding” Web sites. Using a fairly simple packet sniffer, Gonzalez was able to steal payment card transaction data in real time, which he then parked on blind servers in places such as Latvia and Ukraine—countries formerly part of the Soviet Union. Gonzalez named his activities “Operation Get Rich or Die Tryin'” and lived a lavish lifestyle by selling stolen credit card information. He was eventually tracked down by the U.S. Secret Service, which was investigating the stolen card ring. Operation Get Rich or Die Tryin' took place for more than two years and cost major retailers, such as TJX, OfficeMax, Barnes &
Noble, Heartland, and Hannaford, more than $200 million in losses and recovery costs. It is the largest computer crime case ever prosecuted. At first glance, Operation Get Rich or Die Tryin' seems to be an open-and-shut case. A hacker commits a series of cybercrimes, is caught, and is successfully prosecuted. Fault and blame are assigned to the cybercriminal, and justice is served for the corporations and the millions of people whose credit card information was compromised. Unless you ask the shareholders, banking partners, and some customers of TJX, who filed a series of class- action lawsuits against the company claiming that the “high- level deficiencies” in its security practices make it at least partially responsible for the damages caused by Albert Gonzalez and his accomplices. The lawsuits point out, for example, that the packet sniffer Gonzalez attached to the TJX network went unnoticed for more than seven months. Court documents also indicate that TJX failed to notice more than 80 GB of stored data being transferred from its servers using TJX’s own high-speed network. Finally, an audit performed by TJX’s
payment-card processing partners found that it was noncompliant with 9 of the 12 requirements for secure payment card transactions. TJX’s core information security policies were found to be so ineffective that the judge presiding over sentencing hearing of Gonzalez reviewed them to determine whether TJX’s damages claim against him of $171 million is valid. Apart from lawsuits, TJX faced a serious backlash from customers and the media when the details of the scope of the breaches trickled out. Customers reacted angrily when they learned that nearly six weeks had passed between the discovery of the breach and its notification to the public. News organizations ran headline stories that painted a picture of TJX as a clueless and uncaring company. Consumer organizations openly warned people not to shop at TJX stores. TJX’s reputation and brand image was shattered in the wake of Operation Get Rich or Die Tryin', and only a small portion of the damage was actually Albert Gonzalez’s fault. NT2580: Week 1 Understanding IT Infrastructure Security
Analysis 1.1 Case Study 2 The real lesson of Operation Get Rich or Die Tryin' may not be the crime itself, but how a lackluster security policy was chiefly responsible for it happening in the first place. Source: David, K., & Solomon, M. G. (2010). Fundamentals of information systems security (1st ed.). Sudbury, MA: Jones & Bartlett

Recommended

TEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxTEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxdeanmtaylor1545
 
TEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxTEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxbradburgess22840
 
TEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxTEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxerlindaw
 
Where is the blockchain capital of the US?
Where is the blockchain capital of the US?Where is the blockchain capital of the US?
Where is the blockchain capital of the US?Vladislav Solodkiy
 
TJX Attack
TJX AttackTJX Attack
TJX Attackjoevest
 
Case in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxCase in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxcowinhelen
 
Bitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdf
Bitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdfBitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdf
Bitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdfeymisc
 
IDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfIDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfBucacci Business Solutions
 

Recommended

TEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxTEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxdeanmtaylor1545
 
TEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxTEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxbradburgess22840
 
TEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxTEACHING CASETargeting Target with a 100 million dollar da.docx
TEACHING CASETargeting Target with a 100 million dollar da.docxerlindaw
 
Where is the blockchain capital of the US?
Where is the blockchain capital of the US?Where is the blockchain capital of the US?
Where is the blockchain capital of the US?Vladislav Solodkiy
 
TJX Attack
TJX AttackTJX Attack
TJX Attackjoevest
 
Case in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxCase in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxcowinhelen
 
Bitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdf
Bitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdfBitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdf
Bitcoin Loses a Highly Valued Asset—Anonymity - WSJ.pdfeymisc
 
IDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfIDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfBucacci Business Solutions
 
InstructionsBased on the theories you have learnt, write a two-
InstructionsBased on the theories you have learnt, write a two-InstructionsBased on the theories you have learnt, write a two-
InstructionsBased on the theories you have learnt, write a two-cooperapleh
 
Biden Warning to Bitcoin
Biden Warning to BitcoinBiden Warning to Bitcoin
Biden Warning to BitcoinInvestingTips
 
Can cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresCan cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresJason Fernandes
 
Nokia LTA Web 20 Legal Issues
Nokia LTA Web 20 Legal IssuesNokia LTA Web 20 Legal Issues
Nokia LTA Web 20 Legal IssuesJoel A. Gómez Treviño
 
10 of the Top Data Breaches of the Decade
10 of the Top Data Breaches of the Decade10 of the Top Data Breaches of the Decade
10 of the Top Data Breaches of the Decadestudentinternetdeals33
 
CyberSecurityBook[Final]
CyberSecurityBook[Final]CyberSecurityBook[Final]
CyberSecurityBook[Final]Lucy Kitchin
 
The Haiti File by Mary O'Grady
The Haiti File by Mary O'GradyThe Haiti File by Mary O'Grady
The Haiti File by Mary O'GradyStanleylucas
 
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGEBITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGESteven Rhyner
 
Business Ethics: The impact of technology
Business Ethics: The impact of technologyBusiness Ethics: The impact of technology
Business Ethics: The impact of technologyRakesh Mehta
 
www.pwc.comgsiss2015Managing cyber risks in an intercon.docx
www.pwc.comgsiss2015Managing cyber risks in an intercon.docxwww.pwc.comgsiss2015Managing cyber risks in an intercon.docx
www.pwc.comgsiss2015Managing cyber risks in an intercon.docxericbrooks84875
 
Transnational anti-corruption law March 2014_NYU Colloquium (2)
Transnational anti-corruption law March 2014_NYU Colloquium (2)Transnational anti-corruption law March 2014_NYU Colloquium (2)
Transnational anti-corruption law March 2014_NYU Colloquium (2)Bruno Paschoal
 
A Strategist's Guide to Blockchain
A Strategist's Guide to BlockchainA Strategist's Guide to Blockchain
A Strategist's Guide to BlockchainStrategy&, a member of the PwC network
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Jordan Peacock
 
Privacy in the Information Age
Privacy in the Information AgePrivacy in the Information Age
Privacy in the Information AgeJordan Peacock
 
National Consumers League 2013 State of ID Theft Report
National Consumers League 2013 State of ID Theft ReportNational Consumers League 2013 State of ID Theft Report
National Consumers League 2013 State of ID Theft Reportnationalconsumersleague
 
State Data Breach Laws - A National Patchwork Quilt
State Data Breach Laws - A National Patchwork QuiltState Data Breach Laws - A National Patchwork Quilt
State Data Breach Laws - A National Patchwork QuiltRochester Security Summit
 
Identity Theft * Canada
Identity Theft * CanadaIdentity Theft * Canada
Identity Theft * Canada- Mark - Fullbright
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7
 
862018 Rubio plans national crackdown on real estate money l.docx
862018 Rubio plans national crackdown on real estate money l.docx862018 Rubio plans national crackdown on real estate money l.docx
862018 Rubio plans national crackdown on real estate money l.docxsleeperharwell
 
Are Your Crypto Tokens Securities?
Are Your Crypto Tokens Securities?Are Your Crypto Tokens Securities?
Are Your Crypto Tokens Securities?InvestingTips
 
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docxNTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docxhenrymartin15260
 
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docxNT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docxhenrymartin15260
 

More Related Content

Similar to NT2580 Week 1 Understanding IT Infrastructure Security An.docx

InstructionsBased on the theories you have learnt, write a two-
InstructionsBased on the theories you have learnt, write a two-InstructionsBased on the theories you have learnt, write a two-
InstructionsBased on the theories you have learnt, write a two-cooperapleh
 
Biden Warning to Bitcoin
Biden Warning to BitcoinBiden Warning to Bitcoin
Biden Warning to BitcoinInvestingTips
 
Can cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresCan cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresJason Fernandes
 
10 of the Top Data Breaches of the Decade
10 of the Top Data Breaches of the Decade10 of the Top Data Breaches of the Decade
10 of the Top Data Breaches of the Decadestudentinternetdeals33
 
CyberSecurityBook[Final]
CyberSecurityBook[Final]CyberSecurityBook[Final]
CyberSecurityBook[Final]Lucy Kitchin
 
The Haiti File by Mary O'Grady
The Haiti File by Mary O'GradyThe Haiti File by Mary O'Grady
The Haiti File by Mary O'GradyStanleylucas
 
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGEBITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGESteven Rhyner
 
Business Ethics: The impact of technology
Business Ethics: The impact of technologyBusiness Ethics: The impact of technology
Business Ethics: The impact of technologyRakesh Mehta
 
www.pwc.comgsiss2015Managing cyber risks in an intercon.docx
www.pwc.comgsiss2015Managing cyber risks in an intercon.docxwww.pwc.comgsiss2015Managing cyber risks in an intercon.docx
www.pwc.comgsiss2015Managing cyber risks in an intercon.docxericbrooks84875
 
Transnational anti-corruption law March 2014_NYU Colloquium (2)
Transnational anti-corruption law March 2014_NYU Colloquium (2)Transnational anti-corruption law March 2014_NYU Colloquium (2)
Transnational anti-corruption law March 2014_NYU Colloquium (2)Bruno Paschoal
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Jordan Peacock
 
Privacy in the Information Age
Privacy in the Information AgePrivacy in the Information Age
Privacy in the Information AgeJordan Peacock
 
National Consumers League 2013 State of ID Theft Report
National Consumers League 2013 State of ID Theft ReportNational Consumers League 2013 State of ID Theft Report
National Consumers League 2013 State of ID Theft Reportnationalconsumersleague
 
State Data Breach Laws - A National Patchwork Quilt
State Data Breach Laws - A National Patchwork QuiltState Data Breach Laws - A National Patchwork Quilt
State Data Breach Laws - A National Patchwork QuiltRochester Security Summit
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7
 
862018 Rubio plans national crackdown on real estate money l.docx
862018 Rubio plans national crackdown on real estate money l.docx862018 Rubio plans national crackdown on real estate money l.docx
862018 Rubio plans national crackdown on real estate money l.docxsleeperharwell
 
Are Your Crypto Tokens Securities?
Are Your Crypto Tokens Securities?Are Your Crypto Tokens Securities?
Are Your Crypto Tokens Securities?InvestingTips
 

Similar to NT2580 Week 1 Understanding IT Infrastructure Security An.docx (20)

InstructionsBased on the theories you have learnt, write a two-
InstructionsBased on the theories you have learnt, write a two-InstructionsBased on the theories you have learnt, write a two-
InstructionsBased on the theories you have learnt, write a two-
 
Biden Warning to Bitcoin
Biden Warning to BitcoinBiden Warning to Bitcoin
Biden Warning to Bitcoin
 
Can cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresCan cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosures
 
Nokia LTA Web 20 Legal Issues
Nokia LTA Web 20 Legal IssuesNokia LTA Web 20 Legal Issues
Nokia LTA Web 20 Legal Issues
 
10 of the Top Data Breaches of the Decade
10 of the Top Data Breaches of the Decade10 of the Top Data Breaches of the Decade
10 of the Top Data Breaches of the Decade
 
CyberSecurityBook[Final]
CyberSecurityBook[Final]CyberSecurityBook[Final]
CyberSecurityBook[Final]
 
The Haiti File by Mary O'Grady
The Haiti File by Mary O'GradyThe Haiti File by Mary O'Grady
The Haiti File by Mary O'Grady
 
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGEBITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
BITCOIN IS MONEY, RULES NEW YORK FEDERAL JUDGE
 
Business Ethics: The impact of technology
Business Ethics: The impact of technologyBusiness Ethics: The impact of technology
Business Ethics: The impact of technology
 
www.pwc.comgsiss2015Managing cyber risks in an intercon.docx
www.pwc.comgsiss2015Managing cyber risks in an intercon.docxwww.pwc.comgsiss2015Managing cyber risks in an intercon.docx
www.pwc.comgsiss2015Managing cyber risks in an intercon.docx
 
Transnational anti-corruption law March 2014_NYU Colloquium (2)
Transnational anti-corruption law March 2014_NYU Colloquium (2)Transnational anti-corruption law March 2014_NYU Colloquium (2)
Transnational anti-corruption law March 2014_NYU Colloquium (2)
 
A Strategist's Guide to Blockchain
A Strategist's Guide to BlockchainA Strategist's Guide to Blockchain
A Strategist's Guide to Blockchain
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]
 
Privacy in the Information Age
Privacy in the Information AgePrivacy in the Information Age
Privacy in the Information Age
 
National Consumers League 2013 State of ID Theft Report
National Consumers League 2013 State of ID Theft ReportNational Consumers League 2013 State of ID Theft Report
National Consumers League 2013 State of ID Theft Report
 
State Data Breach Laws - A National Patchwork Quilt
State Data Breach Laws - A National Patchwork QuiltState Data Breach Laws - A National Patchwork Quilt
State Data Breach Laws - A National Patchwork Quilt
 
Identity Theft * Canada
Identity Theft * CanadaIdentity Theft * Canada
Identity Theft * Canada
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government Sector
 
862018 Rubio plans national crackdown on real estate money l.docx
862018 Rubio plans national crackdown on real estate money l.docx862018 Rubio plans national crackdown on real estate money l.docx
862018 Rubio plans national crackdown on real estate money l.docx
 
Are Your Crypto Tokens Securities?
Are Your Crypto Tokens Securities?Are Your Crypto Tokens Securities?
Are Your Crypto Tokens Securities?
 

More from henrymartin15260

NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docxNTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docxhenrymartin15260
 
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docxNT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docxhenrymartin15260
 
NTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docx
NTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docxNTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docx
NTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docxhenrymartin15260
 
nowHow to be Army StrongI was 18 years old when I saw my fa.docx
nowHow to be Army StrongI was 18 years old when I saw my fa.docxnowHow to be Army StrongI was 18 years old when I saw my fa.docx
nowHow to be Army StrongI was 18 years old when I saw my fa.docxhenrymartin15260
 
NR-351 Transitions in Professional NursingWebsite Evaluation T.docx
NR-351 Transitions in Professional NursingWebsite Evaluation T.docxNR-351 Transitions in Professional NursingWebsite Evaluation T.docx
NR-351 Transitions in Professional NursingWebsite Evaluation T.docxhenrymartin15260
 
Ntc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docx
Ntc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docxNtc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docx
Ntc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docxhenrymartin15260
 
NTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docx
NTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docxNTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docx
NTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docxhenrymartin15260
 
nR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docx
nR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docxnR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docx
nR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docxhenrymartin15260
 
NSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docx
NSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docxNSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docx
NSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docxhenrymartin15260
 
NR360 We Can But Dare We.docx Revised 5 ‐ 9 .docx
NR360 We Can But Dare We.docx Revised 5 ‐ 9 .docxNR360 We Can But Dare We.docx Revised 5 ‐ 9 .docx
NR360 We Can But Dare We.docx Revised 5 ‐ 9 .docxhenrymartin15260
 
ns;,eilrlt.lnterviewing is one HR function.docx
ns;,eilrlt.lnterviewing is one HR function.docxns;,eilrlt.lnterviewing is one HR function.docx
ns;,eilrlt.lnterviewing is one HR function.docxhenrymartin15260
 
NR443 Guidelines for Caring for PopulationsMilestone 2 As.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 As.docxNR443 Guidelines for Caring for PopulationsMilestone 2 As.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 As.docxhenrymartin15260
 
NRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docx
NRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docxNRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docx
NRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docxhenrymartin15260
 
Now, its time to create that treasure map to hide the treasur.docx
Now, its time to create that treasure map to hide the treasur.docxNow, its time to create that treasure map to hide the treasur.docx
Now, its time to create that treasure map to hide the treasur.docxhenrymartin15260
 
NR361 Information Systems in HealthcareInterview with a Nursing.docx
NR361 Information Systems in HealthcareInterview with a Nursing.docxNR361 Information Systems in HealthcareInterview with a Nursing.docx
NR361 Information Systems in HealthcareInterview with a Nursing.docxhenrymartin15260
 
NR360 Information Systems in Healthcare Team Technology Pr.docx
NR360 Information Systems in Healthcare Team Technology Pr.docxNR360 Information Systems in Healthcare Team Technology Pr.docx
NR360 Information Systems in Healthcare Team Technology Pr.docxhenrymartin15260
 
NR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docxNR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docxhenrymartin15260
 
Nowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docx
Nowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docxNowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docx
Nowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docxhenrymartin15260
 
NR305 Health Assessment Course Project Milestone #2 Nursing Di.docx
NR305 Health Assessment Course Project Milestone #2 Nursing Di.docxNR305 Health Assessment Course Project Milestone #2 Nursing Di.docx
NR305 Health Assessment Course Project Milestone #2 Nursing Di.docxhenrymartin15260
 
Nova Southeastern University H. Wayne Huizenga School of Busin.docx
Nova Southeastern University H. Wayne Huizenga School of Busin.docxNova Southeastern University H. Wayne Huizenga School of Busin.docx
Nova Southeastern University H. Wayne Huizenga School of Busin.docxhenrymartin15260
 

More from henrymartin15260 (20)

NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docxNTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
NTC362 Week 3OSI Model, Switching Systems, Network Channel Pr.docx
 
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docxNT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
NT2580 Week 4 Hardening a NetworkAnalysis 4.2Availability, In.docx
 
NTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docx
NTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docxNTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docx
NTNU, May 2009 ntnu.nocbm 1 LEARNING AND MEMORY .docx
 
nowHow to be Army StrongI was 18 years old when I saw my fa.docx
nowHow to be Army StrongI was 18 years old when I saw my fa.docxnowHow to be Army StrongI was 18 years old when I saw my fa.docx
nowHow to be Army StrongI was 18 years old when I saw my fa.docx
 
NR-351 Transitions in Professional NursingWebsite Evaluation T.docx
NR-351 Transitions in Professional NursingWebsite Evaluation T.docxNR-351 Transitions in Professional NursingWebsite Evaluation T.docx
NR-351 Transitions in Professional NursingWebsite Evaluation T.docx
 
Ntc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docx
Ntc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docxNtc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docx
Ntc 362 Week 2, Integrative Network Design Project , Part 1By Alucar.docx
 
NTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docx
NTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docxNTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docx
NTHEMIND OF GREATCOMPANIESBy Scott BlanchardThe.docx
 
nR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docx
nR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docxnR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docx
nR E E 693 5T o c o m p l e t e th i s e x a m y o u n.docx
 
NSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docx
NSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docxNSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docx
NSG6001 Advanced Practice Nursing I Page 1 of 5 © 2007 S.docx
 
NR360 We Can But Dare We.docx Revised 5 ‐ 9 .docx
NR360 We Can But Dare We.docx Revised 5 ‐ 9 .docxNR360 We Can But Dare We.docx Revised 5 ‐ 9 .docx
NR360 We Can But Dare We.docx Revised 5 ‐ 9 .docx
 
ns;,eilrlt.lnterviewing is one HR function.docx
ns;,eilrlt.lnterviewing is one HR function.docxns;,eilrlt.lnterviewing is one HR function.docx
ns;,eilrlt.lnterviewing is one HR function.docx
 
NR443 Guidelines for Caring for PopulationsMilestone 2 As.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 As.docxNR443 Guidelines for Caring for PopulationsMilestone 2 As.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 As.docx
 
NRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docx
NRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docxNRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docx
NRB Dec’99 1WHITHER THE EMERGENCY MANAGER 1Neil R Bri.docx
 
Now, its time to create that treasure map to hide the treasur.docx
Now, its time to create that treasure map to hide the treasur.docxNow, its time to create that treasure map to hide the treasur.docx
Now, its time to create that treasure map to hide the treasur.docx
 
NR361 Information Systems in HealthcareInterview with a Nursing.docx
NR361 Information Systems in HealthcareInterview with a Nursing.docxNR361 Information Systems in HealthcareInterview with a Nursing.docx
NR361 Information Systems in HealthcareInterview with a Nursing.docx
 
NR360 Information Systems in Healthcare Team Technology Pr.docx
NR360 Information Systems in Healthcare Team Technology Pr.docxNR360 Information Systems in Healthcare Team Technology Pr.docx
NR360 Information Systems in Healthcare Team Technology Pr.docx
 
NR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docxNR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docx
NR443 Guidelines for Caring for PopulationsMilestone 2 Assess.docx
 
Nowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docx
Nowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docxNowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docx
Nowak Aesthetics, was founded by Dr. Eugene Nowak in 1999, in Ch.docx
 
NR305 Health Assessment Course Project Milestone #2 Nursing Di.docx
NR305 Health Assessment Course Project Milestone #2 Nursing Di.docxNR305 Health Assessment Course Project Milestone #2 Nursing Di.docx
NR305 Health Assessment Course Project Milestone #2 Nursing Di.docx
 
Nova Southeastern University H. Wayne Huizenga School of Busin.docx
Nova Southeastern University H. Wayne Huizenga School of Busin.docxNova Southeastern University H. Wayne Huizenga School of Busin.docx
Nova Southeastern University H. Wayne Huizenga School of Busin.docx
 

Recently uploaded

The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Pooja Nehwal
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 

Recently uploaded (20)

The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 

NT2580 Week 1 Understanding IT Infrastructure Security An.docx

  • 1. NT2580: Week 1 Understanding IT Infrastructure Security Analysis 1.1 Case Study 1 In March 2010, 28 year-old Albert Gonzalez was sentenced to 20 years in federal prison for breaching security measures at several well-known retailers and stealing millions of credit card numbers, which he then resold across a variety of shadow “carding” Web sites. Using a fairly simple packet sniffer, Gonzalez was able to steal payment card transaction data in real time, which he then parked on blind servers in places such as Latvia and Ukraine—countries formerly part of the Soviet Union. Gonzalez named his activities “Operation Get Rich or Die Tryin'” and lived a lavish lifestyle by selling stolen credit card information. He was eventually tracked down by the U.S. Secret Service, which was investigating the stolen card ring. Operation Get Rich or Die Tryin' took place for more than two years and cost major retailers, such as TJX, OfficeMax, Barnes &
  • 2. Noble, Heartland, and Hannaford, more than $200 million in losses and recovery costs. It is the largest computer crime case ever prosecuted. At first glance, Operation Get Rich or Die Tryin' seems to be an open-and-shut case. A hacker commits a series of cybercrimes, is caught, and is successfully prosecuted. Fault and blame are assigned to the cybercriminal, and justice is served for the corporations and the millions of people whose credit card information was compromised. Unless you ask the shareholders, banking partners, and some customers of TJX, who filed a series of class- action lawsuits against the company claiming that the “high- level deficiencies” in its security practices make it at least partially responsible for the damages caused by Albert Gonzalez and his accomplices. The lawsuits point out, for example, that the packet sniffer Gonzalez attached to the TJX network went unnoticed for more than seven months. Court documents also indicate that TJX failed to notice more than 80 GB of stored data being transferred from its servers using TJX’s own high-speed network. Finally, an audit performed by TJX’s
  • 3. payment-card processing partners found that it was noncompliant with 9 of the 12 requirements for secure payment card transactions. TJX’s core information security policies were found to be so ineffective that the judge presiding over sentencing hearing of Gonzalez reviewed them to determine whether TJX’s damages claim against him of $171 million is valid. Apart from lawsuits, TJX faced a serious backlash from customers and the media when the details of the scope of the breaches trickled out. Customers reacted angrily when they learned that nearly six weeks had passed between the discovery of the breach and its notification to the public. News organizations ran headline stories that painted a picture of TJX as a clueless and uncaring company. Consumer organizations openly warned people not to shop at TJX stores. TJX’s reputation and brand image was shattered in the wake of Operation Get Rich or Die Tryin', and only a small portion of the damage was actually Albert Gonzalez’s fault. NT2580: Week 1 Understanding IT Infrastructure Security
  • 4. Analysis 1.1 Case Study 2 The real lesson of Operation Get Rich or Die Tryin' may not be the crime itself, but how a lackluster security policy was chiefly responsible for it happening in the first place. Source: David, K., & Solomon, M. G. (2010). Fundamentals of information systems security (1st ed.). Sudbury, MA: Jones & Bartlett