Group items tagged

M12 analysis M13 brief sept 12-13 jen max

1. Identify the scenario. Business 2. Describe a social/ethical concern and the relationship of one primary stakeholder to the IT system in the article. Security is a social/ethical concern because it regards the security of the Database Servers that are used to store the Domain Names and IP addresses. With insufficient security, the database security can be breached by outsiders and be altered. The primary stakeholder is Group NBT, and is the domain name management firm of NetNames and Ascio whose DNS Databases were compromised in this attack. Their SQL commands were infiltrated by the hackers, so that the information stored on their DNS Database was altered, that made website visitors be re-directed to spam websites. 3. Describe the IT concepts and processes. Domain Name System (DNS) - The address book for the website that links the URL of websites to IP address numbers that computers use to visit a website. IP Address - The numbers that are separated by period dots that make up a website's numerical address of its location. (DNS) Database - A database is a massive spreadsheet with numerous data types and forms used to store large amounts of data (in this case, websites' domain names URL and their respective IP addresses.) SQL Injection - SQL stands for Structured Query Language, used for database manipulation. This is a hacking method by using the various layers present in SQL commands, by 'injecting' a hidden command that enables to create a loop hole for access and change the database information. This includes changing strings of commands in the original SQL command into malicious commands, that are executed when the altered SQL command is executed. http://msdn.microsoft.com/en-us/library/ms161953.aspx

4. Explain the relationship between the IT system referred to in the article and the concern presented above. The security of the DNS Databases run by NetNames and Ascio (two subsidiaries of domain name management firm Group NBT) is a concern. Their SQL commands were being altered and compromised, which resulted in the altered domain names and IP address links. Their relationship is that the concern is the IT system's (in this case the Database's) security. The IT system, Group NBT's Database, has a concern over it's security. The DNS Database system has a security concern because the hackers were able to alter the paths of redirecting certain websites to scam websites instead through a SQL Injection attack that manipulates the SQL command used to manipulate the domain name database. 5. Describe and evaluate the impact of a social/ethical issue on the stakeholders The social/ethical issue is security. The stakeholders are Vodafone, the Daily Telegraph, UPS, and four other websites, Turkish hackers (Turkguvenligi), and internet users who visited those seven websites within the hacking duration. This has an impact on their security issue because their database has already been compromised once, and unless they create a new system of security to prevent SQL injections, they will never be able to know when someone is changing their SQL command strings. They need to have someone constantly monitoring their SQL to see if there are any changes. The security issue impacts Group NBT because it makes their customers that use their services doubt the secure service because hackers were able to alter the redirection of customers to scam websites instead of their respective website. Therefore security, to a large extent, has an impact on Group NBT. 6. Explain and evaluate one solution to the issue identified. A solution to the issue identified by NBT was to further review their Database system to ensure customers of a more secure service, since it is impossible for a

Describe the different ways that iphones and android phones are being hacked. all sept 5 soo

Malicious Applications that log details about incoming/outgoing phone calls, as well as recording the calls. They can create unwanted service charges subscriptions to phone users. The users may or may not even receive the "service" that was subscribed, and paid for. They cab intercept text messages, compromise emails, photos and private content. Malicious applications that appear to be games, calculators, or pornographic photos and videos are downloaded to smartphones. Malware that replies incoming text messages with spam links. E-mail based phishing - because the phone screens are smaller than computers, it is harder to tell apart phishing links and scams in the url. iPhone's unencrypted file of location logs for iPhone users. Jailbroken iPhones that run unauthorized content is also a gap where malware can get through. Because these apps are unauthorized, they haven't gone through Apple's authorization process, and can contain malware, and can hack the user's phone. o By Malicious Application= The Applications which Apple and Android offers to customer, sometimes have malicious worms or viruses. Sometimes, malicious applications masquerade to games, calculators, or pornographic photos and videos. Hackers made their own malicious app and phishing people to download. The payment will charge to the victim's phone bills. o By Phishing Texting= Personal texting sometimes contain spam and malicious links which lead to the hacking site o By Advertisement link= Viruses might attach to the advertisement link o By Weak Security= Weak security of iPhone and Android phone therefore, find the weak part of the phone and hack. o By E-mail= Users tend to be less caring on phones, as the words and the screen itself are small

Explain the problem. How can a hacker get your social network's password? If hacked, explain the method to restore your account. Describe ways to prevent your email being hacked. all Feb 29 Tik

Explain problem. - The issue of this article is that the hackers that hacked social network account, to steal or get your personal information on the account whish are the personal information, that could be danger to the account owners. How can a hacker get your social network's password? - They could get the password by just clicking the forget password button and remake you account your password, for example the email account that we could change the password if we lost them. If hacked, explain the method to restore your account - To restore the social network account, firstly you should remake the password, that hard to guess, and send the request or message to the providers that provide the social network. or using the link that is on the social network to restore your account. Describe way to prevent your email being hacked. - Use the hard password which they can't guess for example, don't use 123456789, because it's too easy. - Do not let the social network remember you password. - Keep the account and password with you, and do not tell anyone. - Do not use or share or do anything with you account or password while you are using the public network. - Do not post or share you personal information.

How was the attack done? How did they know an attack happened? Why is this an important issue? Describe a possible solution. all nov 23 Chut

How was the attack done? The hackers were able to obtain credentials from a company that makes software used to control the industrial systems. How did they know an attack happened? They knew that there was an attack because one of the pumps that is used to deliver water to the city was turned off. Why is this an important issue? This is an important issue because it indicates the amount of attention the United States government is giving to cyber-attacks. A terrorist attack like the one happened on September 9th 2001 can be said to be the faults of those who were monitoring the cyber activity. If the government aren't able to connect the dots to why they are doing this and the patterns of the attacks it might cause the US to be under attack like what happened over ten years ago. Describe a possible solution. Since that the credential software are saved on the clients' server, the employees can do a part in protecting the software. The staffs can help support the software.

article analysis march 25 soobin

1. Identify the area of impact the scenario relates to. -- Leisure, Business 2.Identify all ITGS terminology and phrases (IT and Social/Ethical) -- Twitter, Trojan, Facebook, E-mail spamming, Botnet, messaging service, social inbox, spam, e-mail, networks, online-security firms, junk e-mails, blacklisted addresses, output, domain names, .cn, internet registrars, fraud, web-hosting, cybercrime, hard drives. 3.Describe one ITGS social/ethical concern in the article. --Security is a concern in this article where users and spam is concerned. The security of the users' sensitive information is at risk when users click on spam links no matter from what source, from e-mails (which are decreasing now) to Twitter tweet links. By clicking onto these harmful links, users set free spam that can infiltrate the user's hard drive in search for sensitive information for example bank account numbers. 4.Describe the relationship of the main stakeholders to the IT system. ---The main stakeholder will be hackers and people who are using e-mail and social networking. The relationships between them are, normally hackers used spam mail to spend virus or hack their computer with Trojan horse, but as the email security develop hackers slowly moved to social network which is Facebook, and other many programs. They know that people are currently using social networking a lot and their privacy is open and they could easily get people's email too. Therefore by using Koobface, they could hack people's computer and information 5. Explain the relationship between the IT system and the social/ethical issue identified in question 3. -- The problem with the security is that the security of the users of their personal and public communications are at risk where spam is concerned. Spam is nowadays being planted in almost every corner of the internet, no matter where, in order to try and trick users into clicking on the harmful links in order to spread malware, such as Trojans. Spam is comm

Are any corporate databases and networks safe? Should consumers be wary about providing personal data online? How valuable is data stored online? May 11 soo

Are any corporate databases and networks safe? According to the article, they mentioned that no corporation databases are not completely safe and secure enough to protect personal information. There are too much false which makes network perfectly safe. It is very large storage and contains a lot of personal information. If the network is too big, they can't manage the network well and all the weaknesses will occur. The hackers will aim to hack the corporate databases because it has a lot of information therefore; it is not actually very safe. Should consumers be wary about providing personal data online? Yes, consumers should be wary about providing personal data online, because all services that store the online data are all under risk of being hacked, and the data compromised. Once the sensitive information is compromised, the user is more vulnerable to scam attacks through e-mails, as well as have their bank accounts or other user accounts online hacked. consumers should be a warning to be wary about providing personal data online because no corporate networks are frequently attacked by hackers and no matter how diligently their administrators work to protect them or how many protections are put n place, no network is perfectly secure. Even Sony' security systems are not perfect at all. Therefore, people have to be wary about providing personal data online How valuable is data stored online? Data stored online is very valuable, especially sensitive information such as ID numbers and bank/credit card numbers. Other personal data such as names, passwords, and security question answers are useful for hackers, and can be easily used for impersonation on other sites to hack into user accounts for further bad intentions.

1. ITGS 2. Security 3. Sony 4. Database 5. Network 6. Digital net networking

How does the attack work? Suggest ways to prevent pop-up windows.

Leisure, Business Internet

May 23

List the precautions Mr. Lieberthal takes when visiting China. Define digital espionage. Why is it easy to steal information remotely? How was the US Chamber of Commerce hacked? Explain the reason for thwarting the cybertheft of trade secrets. all feb 16 soo paulo

List the precautions Mr. Lieberthal takes when visiting China. * He leaves his cellphone and laptop at home. * He brings "loaner" devices. * He erases information before and after the trip. * He disables Bluetooth and Wifi. * He turns off his phone, and takes the battery out. * He only connects to the internet through an encrypted password protected channel. * He copies and pastes his password from a USB. Define digital espionage. Digital Espionage - The spying on digital information including corporate secrets and government secrets. These secrets are stored as digital data, and can be spied on and stolen. Why is it easy to steal information remotely? Because digital devices today are mostly connected to an internet network, and through this network, information can be stolen remotely if the hacker is able to hack into the system. Smart phones and digital personal devices are very common today. These devices are connected into workplace networks and carry information around. Hackers are able to hack into these devices and get onto the corporate network and steal information. How was the US Chamber of Commerce hacked? The US Chamber of Commerce was hacked through four of their employees, Asia policy experts' devices who travelled frequently to China. The Chamber's office digital devices including its printer and thermostat had a connection to an internet address in China. Through these remote connections to the digital devices, China could penetrate the inside information of the Chamber. Explain the reason for thwarting the cybertheft of trade secrets. Thwarting the cybertheft of trade secrets is to the benefit of the owner of those trade secrets. If cybertheft of trade secrets is not prevented, then other corporations would be able to use stolen trade information to their benefit, and possibly come out with the same product with slight modifications in order to gain more profit from other companies' ideas. This would also ruin the product

Eun Young  October 17th  BAA

1. Identify the area of impact the scenario relates to. The area of impact the scenario relates to is 'business and employment'. 2. Identify the main stakeholders to the IT system. The main stakeholders to the IT system from this article are the RBA (Reserve Bank of Australia) and customers. 3. Identify and describe one ITGS social/ethical concern in the article. The social/ethical concern that has been identified in this article is 'security'. Security refers to the protection of hardware, software from unauthorized access. Security tries to prevent the access by hackers. In this article, the RBA has been hacked (cyber attacked). For an example, the malware has embedded in the emails. They think it is China to blame because they thought that China has already been through a similar cyber attack, which aimed to get the information out of it. The staffs in the RBA have opened several malware emails. This malware application has managed to go through the computer system. 4. Describe ITGS terminology and systems. * Malware: Malware refers to software programs that are designed to damage or do other unwanted actions on a computer system. * Cyber Attack: Cyber attackers use malicious code to alter computer code,logic or data, resulting in disruptive consequences that can compromise data and lead to cyber-crimes (information and identity theft). * Computer Viruses: Small but insidious piece of programming-code that attacks computer and network systems through infected data files, introduced into a system via disks or Internet. 5. Describe the solution stated in the article or find a solution to the concern (issue) discussed in the article. Even though the RBA did not lose any of their information, it's better to have a safe security system/software to protect their information. The RBA needs to be more careful when opening email files, and for a better protection, they would need to find a better way to secure. I would suggest them to have an encryp

article analysis march 29 soo

1. Identify the area of impact the scenario relates to. This article is related to Heath problems 2. Identify all the ITGS terminology and phrases (IT and Social/Ethical) Video conferencing system=A form of synchronous learning in which two or more locations are connected through live video to facilitate collaboration and information sharing, unified communications, Wi-Fi, Mobile IP, RFID, translator, smart phones, Telemedicine, electronic, portable camera 3. Describe one ITGS social/ethical concern in the article. Internet access and privacy problems, digital divide and internet access equality 4. Describe the relationship of the main stakeholders to the IT system. Main stakeholders : doctors, patients Doctors can now look at each patient over the system, without physically being there with their patient. What this basically means that it can input the symptoms of the patient through a computer, rather than writing it up on paper. The advantage of the system is that doctors and patients don't need to travel to each others' place just to get looked at, because it can all be done via video conferencing. 5. Explain the relationship between the IT system and the social/ethical issue identified in question 3. The issue of reliability is related to the IT System (software and internet) in which the software relies on the internet connection. Therefore, if the internet connection fails to work properly, the software would not be efficient, and thus not reliable. 6. Discuss at least one problem that relates to the impacts of the social/ethical issue. The major problem that will arise from the impact of the reliability concern are the patients' lives. The patients lives would be in danger if the doctor diagnoses the illness incorrectly, and prescribes medication incorrectly. Wrong doses of certain medical treatments would be a threat to the patients' lives. 7. Evaluate one solution that addresses the problem identified. A solution that has been done is

M13 List and describe the guidelines for PC security. M12 Describe additional guidelines that should be considered for PC security. August 31 Chut Jenny

Additional Guidelines: Password locking/encrypting important, sensitive information containing files and folders. Using a proxy or a VPN, to access the internet through the tunnel that can also include encryption. A Proxy and a VPN can scramble your IP address so the website cannot track you.

Types of Securities. Firewall is a program that protects against intrusions and it helps ensure privacy. Anti-virus protects against computer viruses. A computer virus is a program that can multiply itself and infect a computer without the owner of the computer knowing or permissions. Anti-whatever else, malware, adware, spyware, Trojans etc. Why do you need it? People should have security programs to protect their computer from viruses or hackers. If you don't have any type of protection for your computer for your computer, your valuable information maybe stolen by hackers or erased by viruses. If you get viruses on your computer, you may need to take it to shops to repair it and need to pay for it. When do I need to use security programs? It depends on the activities that you do on your computer. How can I get viruses? There are several ways that you can get viruses. Opening attachments from anonymous emails, downloading torrents, movies, pictures, music and porn can give you viruses. Where can I get the right programs for my computer? download.com sourceforge.net majorgeeks.com Computer forums

brief all sept 7 Az

1. Identify the area of impact the scenario relates to. Business, Goverment 2. Identify the main stakeholders to the IT system. Mozilla, Google, DigiNotar, CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter, and Microsoft's Windows 3. Identify one ITGS social/ethical concern in the article. Security 4. Describe ITGS terminology and systems. SSL- Secure socket layer certificates used for transmitting private documents via the Internet. It creates an encrypted connection between your web server and you web browser that will protect transmitted private information from eavesdropping, data tampering, or message forgery. Man in the Middle- is the type of attack where attackers intrude into an existing connection to intercept the exchanged data and inject false information. It involves eavesdropping on a connection, intruding into a connection, intercepting messages, and selectively modifying data. DigiNotar= DigiNotar is registered by the OPTA as a CSP that delivers qualified certificates that comply with the Dutch act on electronic signatures with respect to the European directive on electronic signatures. Sinces 2004 DigiNotar has entered the PKI hierarchy of the Dutch Government: PKIoverheid. This allows DigiNotar as Certificate Services Provider (CSP) to issue certificates complying with PKIoverheid specifications to government organisations. HTTPS: Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with SSL/TLS protocol to provide encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems. 5. If possible, describe a solution to the concern (issue). Increase the security of the data for issuing a digital certificate to websites, and have updates of digital certificate periodically to check whether or not it has been compromised. Delete mo

Explain what happened. Describe the issues. May 9 jen

1.Explain what happened. Sony suffered a hack on their PC games network, which lead to theft of online user's data from its PlayStation video game network. The theft involved 77 million user information. Sony is now hiring various outside firms to investigate on the matter, and try to find the offenders to this hacking. Cyber-security detectives from Guidance Software and consultants from Robert Half International Inc's subsidiary Protviti were brought in to help with the clean-up. 2.Describe the issues. Issues from this includes the reliability and integrity, as well as the security of Sony's protection system and online user's sensitive information which include credit card numbers as well as passwords. The reliability is the reliability of Sony's software. It might have failed to function properly, thus being a loop hole of the hackers to get through. The integrity is keep users' data complete and unaltered without their permission by the hackers. There is also a privacy issue because user's sensitive data was stolen.

1.2_security 2.1_online_bus 3.7_databases 3.6_multimedia_digital_media

Explain the issue with Path. Evaluate Apple's solution.  Should services such as Path take or hold our data? all feb 21 johnroy

Explain the issue with Path. When you take apps by log in from your iOS device then it would take you personal information and put it into the Apple server. It does this without permission of the user. The reason why is doing this to locate the user where you are at and your friends. Evaluate Apple's solution. Their solution is just to add new feature so you would be aware that apps would take your private information and put into the main server apple server. When you're downloading or getting apps you need to approve that they get you privacy information. Should services such as Path take or hold our data? I believe that they shouldn't because it's hard to trust large companies. The information that they have could be sold to other person that interest about your privacy. Another possible solution is that the data that is stored could be hacked anytime and when this occurrence happens. The hacker can sell my privacy to someone or he directly knows where I live, what's my name and etc.

Taiwan plans to beef up its cyberwar capabilities to counter a perceived threat from Chinese hackers targeting government and security websites, local media reported Sunday. Photo illustration of keyboard with both Roman letters and Chinese "radicals" or "particles" - parts of Chinese charactures.

Why are governments focus on cyber war nowadays? (Both defense and offense)

Explain the ways these networks are being hacked. How could you know if your facebook account had been hacked? all jan 17 jang

Explain the ways these networks are being hacked. It is explained in the article that these networks are being hacked by using the stole credentials to log into the user's Facebook account. When the hackers logs into the Facebook account, it is used to transmit malicious links to other people such as friends. Friends would be a trustworthy person so the link would be visited. This would increase the speed of the malware's speed. Also, some users use the same password for many accounts which can be used by ill-intentioned people on the web. How could you know if your facebook account had been hacked? For you to know if your Facebook account had been hacked, users should run an anti-virus software to check and get rid of any malware that is hacking your account.

Describe the kinds of attacks. Explain the security measures. all feb 9 kevin

Describe the kinds of attacks. - First attack is called "Upgraded Security System." On the webpage of the bank, this kind of trick is shown. and when the user is attracted by the offer, money is moved out of the account but this hidden from the user without knowing owner. Second attack is called "Man in the Browser." A malware sticks between the connections of the user and the webpage. It shows the users false pages. Explain the security measures. - Secure keys are used these days. For an example, in order to log in on a website, you have to insert correct numbers or letters shown not really clearly on the side. It prevents other softwares to use your account.

Identify the issue and scenario. Describe 3 incidents of cyberattacks by China. List some of the most desired data. Describe how the US is responding to these cyberthreats. all nov 10 kuni

Identify the issue and scenario. China and Russia have been accused of cyber espionage, stealing technological and commercial information from The USA and its Allies. Describe 3 incidents of cyberattacks by China. 1. Google allege that intellectual property was stolen in a computer attack that also targeted at least 20 other large companies. And earlier this year Mountain View, Calif.-based Google said it believes hackers in China broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists. 2. Mandiant reported that data was stolen from a Fortune 500 manufacturing company during business negotiations when the company was trying to buy a Chinese company. 3. McAfee traced an intrusion to an Internet protocol address in China and said intruders took data from global oil, energy and petrochemical companies. List some of the most desired data. Data from global oil, energy and petrochemical companies, Fortune 500 manufacturing company, U.S. Government officials, and military's gmail accounts. Describe how the US is responding to these cyberthreats. The Pentagon has begun a pilot program that is working with a group of defense contractors to help detect and block cyberattacks. They have called for greater communication about cyberthreats among the government, intelligence agencies and the private sector.

Avik and last pass, etc.