• Home
  • Blog
  • Information pulled from, if information needed, would be best to utilize this so

Information pulled from, if information needed, would be best to utilize this so



Information pulled from, if information needed, would be best to utilize this source but any can be used.Corporate Computer Security, 4th EditionCorporate Computer Security, 4th Edition.Analyze the case study titled “Application Front-running” on pp. 468–469 in the textbook.For this assignment, you will need to provide the information below.Analyze the events of the hacked Twitter account.Explain the organizational impact of not having strong policies and procedures for securing applications and data.Develop five web application policies and five data protection policies based on the information found in the case.Address the methods an information technology (IT) security manager can use to increase organizational awareness ofpolicies and procedures in information security.Summarize your findings in a two- to three-page paper.Textbook Case Study:Case StudyApplication Front-runningWhat would it take to cause $200 billion in damages to U.S. corporations in a few seconds? You might think a nuclear, biological, or chemical attack. However, there is a simpler, easier, and much more unsuspecting answer—hack a single Twitter account.On April 23, 2013, a group called the Syrian Electronic Army hacked the Associated Press’ (AP) Twitter account and posted the following message just before 1:08 PM:“Breaking: Two Explosions in the White House and Barack Obama is injured”The result was an instantaneous 145-point drop in the Dow Jones Industrial Average. The selling lasted for two minutes until the AP and the White House confirmed that there hadn’t been any explosions. The near-instant selling was likely the result of high-frequency algorithms configured to scan news feeds for key words.The stock market quickly recovered its losses, but the psychological impact of the hacked Twitter account remained. Financial professionals wondered how the world’s largest stock markets could be so drastically affected by the failings of a social media application.Wall Street Journal reporters quoted R.J. Grant, associate director of equity trading at Keefe, Bruyette & Woods, as saying, “It’s frustrating and scary that a tweet can erase hundreds of billions from the market in a short time, but that’s the world we live in.”1111 Tom Lauricella, Christopher S. Steward, and Shira Ovide, “Twitter Hoax Sparks Swift Stock Swoon,” The Wall Street Journal, April 24, 2013. http://finance.yahoo.com/news/twitter-hoax-sparks-swift-stock-swoon-142013719.html.The case illustrates the level of interdependence of information systems, if only indirectly, in the larger business environment. It also shows how a weakness in one system may propagate to systems in other businesses. The “weakest-link” effect may be especially concerning when it comes to IT security.In Websense’s annual Threat Report 12 they look at organizational threats coming from the Web, social media, mobile devices, e-mail, malware, and data theft. The following are six key points from their report:12 Websense Inc., Websense Threat Report, February 13, 2013. https://www.websense.com/content/websense-2013-threat-report.aspx.Web Threats —The Web became significantly more malicious in 2012, both as an attack vector and as the primary support element of other attack trajectories (e.g., social media, mobile, e-mail). Websense recorded a nearly sixfold increase in malicious sites overall. Moreover, 85 percent of these sites were found on legitimate web hosts that had been compromised.Social Media Threats —Shortened web links used across all social media platforms hid malicious content 32 percent of the time. Social media attacks also took advantage of the confusion of new features and changing services.Mobile Threats —A study of last year’s malicious apps revealed how they abuse permissions. Especially popular was the use of SMS communications, something very few legitimate apps do. Risks also increased as users continued to change the way they used mobile devices.E-mail Threats —Only 1 in 5 e-mails sent was legitimate, as spam increased to 76 percent of e-mail traffic. Phishing threats delivered via e-mail also increased.Malware Behavior —Cybercriminals adapted their methods to confuse and circumvent specific countermeasures. Fifty percent of web-connected malware became significantly bolder, downloading additional malicious executables within the first 60 seconds of infection. The remainder of web-connected malware proceeded more cautiously, postponing further Internet activity by minutes, hours, or weeks, often as a deliberate ruse to bypass defenses that rely on short-term sandboxing analytics.Data Theft/Data Loss —Key changes in data theft targets and methods took place last year. Reports of intellectual property (IP) theft increased, and theft of credit card numbers and other personally identifiable information (PII) continued to grow. Hacking, malware, and other cyber threats continued to be a common method of attack.

About the Author

Follow me

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}