Question

In: Computer Science

Case StudiesWhen the average person thinks of network security within a school, they often think of...

Case StudiesWhen the average person thinks of network security within a school, they often think of the student trying to hack into the system to change their grade, to see if they can take over their friend’s computer, or to put a prank up on the school website.

In light of the current network dangers these may be some of least of the school system worries.All of the following cases are based upon real situations. Read all of the case studies below and for answer the following questions for each of the three case studies:

 What should be the very first course of action?

 Should the public be informed about the situation? If so, how will their trust be regained?

 What steps should be taken to prevent similar attacks in the future?

 What are the ethical issues of this situation?

 How should students be dealt with if they were the people initiating the attack?

Breached Passwords

There are many ways for people to get passwords. What they do once they have them can be devastating. The important first step in data security is for everyone to take password security seriously. Choosing good passwords, not posting it on your computer, making sure no one is looking when you are typing it in are all simple steps in password security.

Brute force

Hackers used brute force password cracking program to break into the district’s computers and initiated a batch of bogus transfers out of the school’s payroll account. The transfers were kept below $10,000 to avoid the anti-money laundering reporting requirements. The hackers had almost 20 accomplices they had hired through work at home job scams. Over $100,000 was successfully removed from the account. Two days later a school employee noticed the bogus payments. Unfortunately, unlike consumers who typically have up to 60 days from the receipt of a monthly statement to dispute any unauthorized charges, organizations and companies have roughly two business days to spot and dispute unauthorized activity. This is because school organizations that bank online fall under the Uniform Commercial Code. Due to this law, the district was able to get less than $20,000 of the transfers reversed.

Shoulder surfing

A former student “shoulder surfed” (physically observed) the password of an employee while still in high school. After graduating, he used this information to get into the district’s student information system. From there, he gained access to a different district’s payroll data including birth dates, social security numbers, and bank account information of 5000 current and former employees. This information was then used for identity theft purposes including requesting and using credit cards, creating checks and altering bank account information. The perpetrator was caught and arrested after attempting to use a fake check at a local store. At a cost of $62,000 the district gave all of the affected employees fraud prevention and resolution services. According to the district superintendent, the district suffered “damage to our reputation with the public and our employees. Hundreds of hours were spent investigating the extent of the compromised data and developing the plans and procedures to protect staff from further exposure to fraud.... answering employee questions and preparing internal and external communications. It is impossible to measure lost productivity as employees worried about their financial security and work to change bank account and payroll information.

"Key logger

A group of students installed a keystroke-tracking program (this could also fall under malware or student hacking) on computers at their high school to grab the usernames and passwords of about 10% of the students, teachers, parents, and administrators that use the system. The students then used this password information to access the system to change grades for themselves and others. They did not seem to do anything else to the system while they had access.

Solutions

Expert Solution

The very first action that needs to be taken is report the concerned authorities and making them aware of the current situation and shutting down the system to prevent any further loss at the time.

Yes, the public needs to be imformed as it is the fundamental right of the citizen to have the right to imformation and thgey should be imformed regarding the same and should be made to believe that the authorities are working there level best to find the criminal and they will esnure that necessary action will be taken against them and future similiar scenario will be decreased by using latest and moe secure technique to protect data.

The ditrict should ask the user to not share and hide their password as anyone can use it for their use and can result in the loss of the someone , the district should also ask the citizen to use more complex password so that it wont be easy for anyone to guess and serve it purpose to provide security and district should implement proper encryption techniques for storing the data and use protcol like TCP/IP to protect the data while in transmission

The ethical issue of this situation is the protection of the data and confidentiality of the user which is being compromised here and the criminal should be charged accrodinglt for their crime and should be sentenced to jail.

If student are found indulging in this kind of activity they should be dealt with as a adult criminal but should be sentenced to jail and they should be made to learn what their action can cause to their life and what are privacy law that can they have been violating and what are the consequece of violating these laws and their electronice should be monitored for a interval of time.


Related Solutions

Case: Northridge Security Consultants, a security consulting company that specializes in network security for businesses, has...
Case: Northridge Security Consultants, a security consulting company that specializes in network security for businesses, has been using you as an outside contractor to provide research and customer service for their clients. A landscaping business, Sunset Landscapers, has contracted with NSC to help them implement cryptography to protect all documents and transmissions throughout their network. They have over twenty locations nationwide. NSC has found that even though the company would like this technology, the IT Director is resistant to any...
The average person thinks of the currency in her wallet or funds in her account when...
The average person thinks of the currency in her wallet or funds in her account when she thinks of the word “money,” but economists think about the concept of money in a much broader sense. What are the key features something needs to possess to be considered money, and what are some examples of things that have been used as money historically? Bitcoin and other cybercurrencies are frequently in the news now; do you think they should be considered money?...
As a special educator, you will often be the contact person for your administration, school counselors,...
As a special educator, you will often be the contact person for your administration, school counselors, and other general educators on your campus. Therefore, how could you use your position to help educate all staff on campus? What would you do to help promote a climate of collaboration? Why is this important, and who benefits from this type of school climate?
Create a policy for 802.11 Wi-Fi security in a wireless network in a five-person company with...
Create a policy for 802.11 Wi-Fi security in a wireless network in a five-person company with a one-access point WLAN. This is not a trivial task. Do not just jot down a few notes. Make it a document for people in your firm to read.
How often should IT security policies be reviewed within an organization? What is the impact if...
How often should IT security policies be reviewed within an organization? What is the impact if these policies are not reviewed on a regular basis?
Americans often think of themselves as quite diverse in their political opinions, within the continuum of...
Americans often think of themselves as quite diverse in their political opinions, within the continuum of liberal to conservative. Let’s use data from the 2006 GSS to investigate the diversity of political views. The percentage distribution shown displays respondents’ self-rating of their political position. Political Views Percentage Extremely liberal 3 Liberal 12 Slightly liberal 11 Moderate 38 Slightly conservative 17 Conservative 15 Extremely conservative 4 Total      100.0 What is the IQV for this variable?
How do you respond to users within your company who think that security measures just get...
How do you respond to users within your company who think that security measures just get in the way of their work? What could you do to help users view security policies in a more positive manner? 200 words or more, please.
The global average carbon footprint is 4 metric tons per person. Why do you think the...
The global average carbon footprint is 4 metric tons per person. Why do you think the US has a much higher average carbon footprint per person? The average world temperature has increased by 2 degrees fahrenheit over the last 140 years. Experts predict the average world temperature could increase by another 2-10 degrees fahrenheit by the year 2100. What are 3 possible consequences that could result from this warming? The US has one of the highest carbon footprints per capita...
On average, how would you think the typical person in the following socio-economic groups would view...
On average, how would you think the typical person in the following socio-economic groups would view an income redistribution scheme, and WHY? A single mother-of-color with two teenage children An unmarried computer engineer in San Francisco earning $100,000 per year An immigrant from abroad who has worked himself up form nothing to riches by starting a successful real estate company A democratic congresswoman from the inner city A republican senator from a rural state A 31-year-old foreign exchange trader in...
Case 4-19 Second Department-Weighted-Average Method [LO4-2, LO4-3, LO4-4] "I think we goofed when we hired that...
Case 4-19 Second Department-Weighted-Average Method [LO4-2, LO4-3, LO4-4] "I think we goofed when we hired that new assistant controller," said Ruth Scarpino, president of Provost Industries. "Just look at this report that he prepared for last month for the Finishing Department. I can’t understand it." Finishing Department costs: Work in process inventory, April 900 units; materials 100% complete; conversion 60% complete $ 8,561 * Costs transferred in during the month from the preceding department, 2,400 units 25,381 Materials cost added...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT