Computer Security Think Critically: Chewy 123 Read real-world scenario to help u

Question

Computer Security

Think Critically: Chewy 123 Read real-world scenario to help understand and apply the theory. Chewy 123 You would think that the FBI's most wanted cybercriminal, who was the mastermind behind multiple successful high-profile attacks would be smart. Well, when it comes to picking out strong passwords it turns out not so much. Jeremy Hammond was a renowned hactivist for ten years who had worked with the movement Anonymous. Hammond and Anonymous were responsible for disrupting the networks of Sony Pictures, the Public Broadcasting Service (PBS), the Arizona Department of Public Safety and many other high-profile sites. The high point of Hammond's work was breaking into a U.S security "think tank" known as Stratfor. Stratfor's clients include the U.S. Department of Homeland Security and the Defense Department. Hammond helped steal and then publicly post emails between Stratfor employees and these clients. They also stole credit card numbers from other Stratfor clients that included the U.S. Marine Corps, Northrop Grumman, and Time Warner Cable and then used the cards to donate money to the Red Cross In early 2012, with the help of an inside informant, federal agents kicked down the door of Hammond's house and tossed in a "flash bang" grenade. However, Hammond was still able to run into his bedroom and slam the lid shut on his Mac laptop that was using whole disk encryption, locking the incriminating contents. But yet federal agents were able to get into Hammond's encrypted laptop and use its contents in their successful prosecution of Hammond How did they get into Hammond's laptop? It was too simple. Hammond used as his password the name of his cat "Chewy" followed by the digits "123." It didn't take long for federal agents guessing obvious passwords to access the contents of Hammond's Mac Smart computer users know that you should never use any personal information like the name of a pet-in a password, and that appending characters in an obvious sequence-like 123-makes for an incredibly weak password. Evidently Hammond never learned this. He's now in a federal prison in Kentucky folding laundry until at least 2020

Explanation / Answer

Here Question One is being addressed ie. risks in sharing password at workforce:

We do a myriad of tech things, among those the most critical part is the networking. Security over the network is highly sensitive since personal information is shared across the network with is always vulnerable to attacks. Recent high-profile security breach scandals, like the Target credit card information breach and the Adobe hack, have more business owners and companies taking steps to ensure that their network, and the sensitive information stored on it, is safe and secure.The most common weakness of these hacks or attacks is the password.

In a workforce, we’ve been hearing warnings about password security all around. Few of these are like never share your password., never use the default password e.g. admin etc., never use an easy-to-guess password (like password123 or 123456789). But while most people do their best to adhere to their employers’ password security guidelines, many are still unsure of why these password protocols are even effective. A US Court of Appeals issued an opinion that found, that sharing passwords can be grounds for prosecution under the Computer Fraud and Abuse Act (CFAA). The decision, according to a dissenting opinion on the case, risks making millions of people who share passwords into “unwitting federal criminals.” The decision came in the case of David Nosal, an employee at the executive search (or headhunter) firm Korn/Ferry International. Nosal left the firm in 2004 after being denied a promotion. Though he stayed on for a year as a contractor, he was simultaneously preparing to launch a competing search firm, along with several co-conspirators. Though all of their computer access was revoked, they continued to access a Korn/Ferry candidate database, known as Searcher, using the login credentials of Nosal’s former assistant, who was still with the firm. Nosal was eventually charged with conspiracy, theft of trade secrets, and three computer fraud counts, and was sentenced to prison time, probation, and nearly $900,000 in restitution and fines.

A research report titled ‘From Brutus to Snowden: a study of insider threat personas‘ highlights that in fact, the majority of employees (52%) in the US and UK see no security risk in sharing passwords and logins. However, Insider threats represent one of the greatest risks to a business. Organisations must level up to deal with the risk of insider threats or attacks that may arise by sharing or acquiring coworker's credentials.

Related Questions

Navigate

• Browse (All)
• Browse C
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.