Module 4 – SLP
Starting in the spring of 2014, eBay was subjected to a series of security intrusions into its database of user passwords. The breach occurred when hackers compromised some employee login credentials, giving them access to the eBay system. It took over two months for eBay to know it had been compromised. The eBay hack came on the heels of the massive Target hack. Target’s security center was warned of the invasion but did nothing. At Neiman Marcus, alarms were set off as credit card data was being stolen. Sony with its enormously large and successful Cloud-based gaming system, the PlayStation network, also was attacked. Intrusions resulted in compromising financial data, including credit card numbers, for literally millions of participants. Moreover, this was not a single giant assault, but a series of recurring attacks (apparently conducted by a collective) that Sony’s security experts seem to have been unable to stem. The result has been huge financial losses for the company and, potentially more seriously, damage to its reputation that it may never be able to repair.
You can read about these hacks in the following articles.
Mac, Ryan (2014). California joins other states in investigation of EBay hack. http://www.forbes.com/sites/ryanmac/2014/05/23/as-ebay-notifies-users-of-hack-states-launch-investigation/
Riley M., Elgin, B., Lawrence, D., and Matlack. C. (2014). Missed alarms and 40 million stolen credit card numbers: How Target blew it. March 13, 2014. http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data
Elgin, B., Lawrence, D., and Riley, M. (2014). Neiman Marcus hackers set of 60,000 alerts while bagging credit card data, Feb 21, 2014. http://www.businessweek.com/articles/2014-02-21/neiman-marcus-hackers-set-off-60-000-alerts-while-bagging-credit-card-data
Mills, E. (2011) Attacks on Sony, others show it’s open hacking season. CNET News. Retrieved June 13, 2011, from http://news.cnet.com/8301-27080_3-20069995-245/attacks-on-sony-others-show-its-open-hacking-season/#ixzz1PHwIH7dt
Mills, E. (2011) Who is behind the hacks? (FAQ). CNET News. Retrieved June 14, 2011, from http://news.cnet.com/8301-27080_3-20071100-245/who-is-behind-the-hacks-faq/?tag=rtcol;inTheNewsNow
Undoubtedly, you will wish to do some further research on this situation. A good place to begin would be googling a search term such as “Sony security problems” or some variant on that theme, and then following leads as they seem interesting to you.
Now you should consider some of the things that the security experts say about such challenges. Here are two useful articles that discuss information security in the context of Cloud-based systems, and how to respond to incidents:
Rudman, R.J. (2010). Incremental Risks in Web 2.0 Applications. The Electronic Library, 28(2), 210-230. [ProQuest]
Lanois, Paul. (2011). Privacy in the age of the cloud. Journal of Internet Law. 15(6), 3-17. [ProQuest]
In addition, the optional readings expand on many of the central points; you may also want to do some independent research of your own to clarify any issues that concern you.
As we noted before, if you don’t really pay attention to this material, it’s really unlikely that you can write an acceptable paper on the topic below, let alone an exceptional one. We spend quite a lot of time trying to identify useful sources for you that bear on our topics for analysis; while we strongly encourage you to conduct your own further research and identify additional useful sources, this should be an add-on to the basic material rather than a substitute for it.
When you have read through the articles and related material and believe that you have a reasonable understanding of the hacking situations, compose a 4- to 6-page critical analysis paper, on the topic:
· The best alternative(s) available to these firms who have been hacked and how to resolve their security crisis
Clearly, there are multiple possible answers that you probably will find during your research on this issue; there’s no one necessarily best answer, although it is pretty clear that good solutions will have to be both social and technical (i.e., sociotechnical) in nature. Your paper will be assessed primarily on how well you are able to support your viewpoint with the literature and the evidence. Obviously, as noted below, this will obligate you to actually be able to present such evidence in an academically respectable manner.
SLP Assignment Expectations
Length: Follow the number of pages required in the assignment excluding cover page and references. Each page should have about 300 words.
Assignment-driven criteria (14 points): Demonstrates clear understanding of the subject and addresses all key elements of the assignment.
Critical thinking (6 points): Demonstrates mastery conceptualizing the problem. Shows analysis, synthesis, and evaluation of required material. Conclusions are logically presented.
Scholarly writing (3 points): Demonstrates proficiency in written communication at the academic level of the course.
Assignment Organization (3 points): Assignment is well organized and follows the required structure and organization of the assignment.
Citing and using references (4 points): Uses relevant and credible sources to support assertions; uses in-text citations; properly formats references.