Case Studies and Assignments: Gawker.com

Case Studies and Assignments

Summary

Gawker.com aims at boosting the security system in relation to the breach. The case of Gawker is an effective illustration of how lack of people, processes, and technology would make the system of an organization to be vulnerable. This is a representation of unprepared organization and minimum or lack of mature information security infrastructure. The classification of this attack is in relation to the advanced persistent threats just like in modern public threats. The attackers consistently invaded the organization with the aim of compromising the security of its network. The attackers adopted traditional attack methods to inflict the invasion (Sickle flow and baffle flow).

The first target of the attackers was in relation to invasion of the local file inclusion then the content management system directly. The attackers had the opportunity to move to other parts of the system because of the vulnerability. One of the key weaknesses during this breach was the exposure of the password file and source code for the content management system. The organization plans to adopt B-crypt password to minimize the opportunity by attackers to crack the password. The application of strong password in the presence of the weak ones proves to be a liable process thus is an ineffective protection method in the future. This is because if the attacker has access to the root system, he or she has the opportunity to capture the password as entered into the system. The best method to prevent attacks is to ignore the use of passwords. The organization needs to adopt protocols to initiate authorization processes. Other preventive measures would include implementation of the patch management system, penetration test or web code review, and web application firewall with the aim of eliminating vulnerability of the content management system and local file inclusion. The organization also has the opportunity to implement vulnerability management procedures and intrusion detection or prevention system.

Emergence of advanced viruses and worms renders antivirus less effective in the modern technological market. Antivirus only provides close to 20 percent of protection to the system. It is ideal to offer protection to the desktop, client system, and the server itself. The organization needs to adopt greylisting, whitelisting, comprehensive patching, firewalls, lay listing, Synbox, and IDS­­-­­IPS security system. There is the minimal value in the prediction of threats in relation to information system. This is because the trends or threats take much time to evolve thus reflecting minimal opportunity of a pattern to enhance effective prediction.

Was the information provided in the podcast beneficial to you?

The information was beneficial in that it reflects on accurate preventive measures in relation to breach of the system. The information provides effective knowledge of enhancing performance with antivirus through implementation of other technologies such as lay listing, greylisting, and whitelisting. These technologies enable organizations to reduce or eliminate vulnerability that might result in relation to the local file inclusion and content management systems. This would contribute towards achievement of mature organization with reference to information security infrastructure.

Was the information accurate? Why/Why not?

The information is accurate since it entails effective and valid research studies. Information in the podcast can undergo falsification to prove that they are accurate. Information is also accurate since its delivery was by an individual with extensive qualification in relation to technology and protection of the systems from external and internal intrusion.

Would you recommend them to someone else?

I would recommend the information from the podcast to someone else in order to enhance protection of the system from malicious attackers and other relevant intrusion both externally and internally. The information would also enhance the organization to prepare effectively and efficiently to curb future invasion by attackers thus proving useful towards protection of the system. Information would also enable an individual to enhance prevention of attacks through other technologies to supplement efforts by Antivirus to eliminate advanced viruses and worms.

Should tracking be restricted?

Tracking of the web users should be restricted to enhance privacy rights of the individuals visiting the websites. It is ideal for individuals to enjoy privacy while visiting the web to prevent malicious use of personal information by the online organizations and attackers. Restriction would involve that individuals would provide an opportunity to enable users understand that their steps are under critical watch. The users need to perform authorization process to enable website operators monitor their actions online with their consent. This would enable users to decide on the type of viewership to adopt while visiting the web. Since different users possess unique intentions while visiting the webs, it is ideal to track them through authorization process. This will provide accurate process towards prevention of web attacks by malicious attacks and other relevant external intrusion. Web privacy should not make websites vulnerable for attacks thus the operators need to conduct extensive restriction of tracking through authorization process.

 

Would you sacrifice viewing your favorite web sites in return for no tracking?

If the websites wish to prevent web attacks by malicious hackers, I would not sacrifice my favorite website in return for no tracking. The main point of question rests with the intention of visiting the website. Tracking is an authentic aspect of protecting the website from attack from malicious attacks from the internal and external sources. It is necessary for the organization to protect their website from malicious attacks. I would not sacrifice viewing my favorite site just to evade tracking. This reflects putting my favorite site in danger of attacks that might be malicious in nature. In order to participate in the protection of the website, it is ideal to contribute by encouraging tracking of users of the site. This makes it a mandatory process as a preventive measure towards the elimination of the attacks by external and internal sources.

Should web sites be able to restrict the content that you view based on your choices regarding tracking?

Websites should have the opportunity to restrict the content of view by users in order to enhance the need for privacy. Since users need and continue to advocate for privacy, it is ideal for the organization or websites to restrict the view of users by tracking their steps during the online visits. This would enhance protection of the website from attacks by malicious hackers who would infect data within the system and the server. The users should view less sensitive content in return for no tracking thus eliminating threats from outsiders and insiders. Full view of the content of the website would require extensive tracking of users to identify and address their intensions accurately. This makes it ideal towards prevention of attacks by malicious attackers.

 

 

If this were not the solution, what would you propose?

I would propose the adoption of web code review and web application firewalls. These technologies would enhance the security of the website and its content from malicious hackers and threats (external and internal). Web code review and web application firewalls play critical roles in identifying vulnerability of the content management system and local file inclusion. The identification process enables the organization to adopt accurate and valid information system infrastructure to deal with looming threats with reference to the networking systems.

 

 

 

 

 

 

 

 

 

 

 

 

References

Threat Monitor. (January 20, 2011). Data breach procedures to stop Gawker-type Web password       security leaks.

http://cdn.ttgtmedia.com/audioCast/SECURITY/TM_Lewis_databreach.mp3

Threat Monitor. (February 17, 2011). Enterprise antivirus protection: Is signature AV worth the             money?

http://cdn.ttgtmedia.com/audioCast/SECURITY/TM_Lewis_SigAV_021711.mp3

Security Squad. (January 20, 2011). Threat predictions and browser wars

http://cdn.ttgtmedia.com/audioCast/SECURITY/SecuritySquad01202011.mp3

 

 

Latest Assignments