Hackers gain access to RSA tokens
- The attack on RSA belongs to a class known as APTs (Advanced Persistent Threats). These threats mainly aim to steal valuable information and, unlike other forms of attack, are carried out over a period of time. The attacker first makes a series of attempts before gaining access to the system; once access is gained, information is siphoned off quietly in the background over time to avoid being noticed by legitimate users. This makes it difficult to determine what compromised the system at the start, but spear phishing is generally the most common method used by hackers in this type of attack.
- It may be difficult to avoid such attacks completely, but it is important to have measures in place to detect them in their earliest stages. However, we cannot sit back and wait for an attack to happen before detecting it and responding. Precautionary measures such as those listed below should be implemented. Strong password and PIN policies, coupled with regular changes of both, should be enforced, while changes in user privileges and system access are monitored both remotely and locally. The security and use of social media applications should be given high priority. The targets of these hackers are mostly people high in authority, as they are likely to have greater privileges; therefore the rule of least privilege should be followed in role assignment. Operating systems and security applications should be kept up to date, and employees should be educated on social engineering tactics and how to avoid them.
- The time loss associated with this attack includes the time spent trying to identify the weak points in the system and the time spent communicating with clients and discussing mitigation measures. These processes also involve monetary expenses that would not otherwise have been incurred.
- It may be difficult to fend off this type of attack with any hardware device, but some antimalware software has capabilities such as anomaly detection, pattern discovery, malicious IP tracking and many others which can help detect an upcoming threat.
- No. All are equally susceptible; what matters is the precautionary measures in place.
- The local user should avoid opening emails and messages from suspicious senders, as well as pop-up windows and links. He should also avoid giving out information except to authorized personnel (William, 2011).
Peer-to-peer app DC++ hijacked for denial-of-service attacks
- This attack is known as a Distributed Denial of Service attack. From the given information, it is clear that the computers used to carry out the attack were those whose IP addresses had been compromised through out-of-date client applications. This means that the initial problem was a failure to update the client application.
- To avoid such an attack in the future, it is advisable to keep both the client and server applications up to date. Self-updating applications should also be used, especially for third-party applications such as the peer-to-peer application in this case. Packet filtering techniques should be employed to ensure that all packets entering the network are legitimate. Using IP verification features on the interface to verify the legitimacy of the source of requests is also advantageous.
- The monetary or time value lost in the attack may not be clearly quoted, but we know that any DoS attack involves major system downtime. This time has monetary value in terms of IP hosting, system restoration, employee idle time and more. There may also be a need to hire experts to help with system restoration, which translates to additional monetary expenses. In cases where the attacker is after extortion benefits, the organization under attack may be in for bigger losses. The affected companies may not have been exceptional.
- Packet filters, firewalls and software patches are measures that can be put in place to fend off such an attack in the future.
- No. All systems are equally susceptible.
- The local user should ensure that the third-party applications he is using are kept up to date. Any abnormal delays in server access should also be reported to the person in charge (Jeremy, 2007).
63 percent of schools suffer IT security breaches
- This is not about a specific case but a general study, hence it is hard to determine what went wrong. However, we are justified in concluding that many school attacks are malware and virus attacks propagated through social media networks. This means that the major weakness of such systems is the lack of proper antivirus programs and firewalls.
- To avoid future attacks, it is important for schools to put self-updating antivirus and antimalware applications in place. Introducing external media into the network should be discouraged, and where such media have to be used, security measures should be enhanced. Internet usage should be monitored and any suspicious websites blocked. Use of firewalls and IP filters should be emphasized. User authentication measures should be employed, and users should at the same time be educated on the benefits of securing the network, as this encourages user responsibility.
- Significant system downtime is experienced every time there is an attack, and time meant for other business, especially education, which is the core business of schools, is sometimes spent on restoration. There is also a monetary cost in system recovery, that is, money spent to hire experts and sometimes to replace parts such as hard drives that have been completely destroyed by viruses.
- Installation of firewalls, antimalware and antivirus software can help fend off such attacks in the future.
- Yes. Certain operating systems like Linux are less vulnerable to virus attacks.
- The local user can avoid using vulnerable external media such as USB devices if the organization does not have proper mitigation measures in place to control virus transmission into the network. They can also avoid connecting personal computers and laptops to this network (Panda Security, 2011).
Jeremy R. (2007). Peer-to-peer app DC++ hijacked for denial-of-service attacks. Ars Technica. Web.
Panda Security. (2011). Study: 63 Percent of Schools Suffer IT Security Breaches Twice a Year. Security Products. Web.
William J. (2011). Hackers gain access to RSA's SecurID security tokens. Government Computer News. Web.