A Cyber Security Case Study on eBay February 2014 Data Breach
Abstract
This report is an overview of some basic security associated services, that guard against risks to security of a system, using the ecommerce trading platform eBay February 2014 data breach, as case study. It covers some security policies, that not only detect the risks, but also outlines the conditions for a guaranteed protected system. Security procedures spot and stop incidents, therefore evaluating the security of a system demands an awareness of the procedures that implement the security policies. Correspondingly, basic knowledge of certain theories and trust, which lead to the risks and the extent to which they may likely be executed, is equally required. Human beings are the most vulnerable link in the security procedures of any system, and so should be taken into account while establishing policies (Matt Bishop, 2002).
Keywords
Download Options
Introduction
Computer security deals with computer associated assets. it could simply be defined as mechanisms used to ensure confidentiality, Integrity, and availability of information system. This includes hardware, software, and information being communicated, managed and saved. Information is key which is why big organizations like Marriott, Google, Amazon, eBay and many more are often the major targets of cyberthieves. This report will be discussing the February 2014, eBay data breach; the methods used by the hackers to breach their system, their intentions, the vulnerabilities that may have led to the breach, and the countermeasures taken by eBay to reduce the damage. It will also reflect what eBay did right or wrong and how they were able to resolve the breach.
eBay is an American international e-commerce business established by Pierre Omidya, in September 1995, and has its headquarters in San Jose, California. The business arranges a client-to-client retail sales via online marketplace, and is used by organizations, individuals, and governments to trade and acquire items. In 2014, a group of hackers got access to the login identifications of three of eBay’s employees, providing them entrance to the internal network of the company.
Conclusion
One cannot assume a system is secured because it was created by them. Every man-made system is bound to have a flaw, and it doesn’t take long before someone discovers it. Computers and the internets have changed virtually all outlook of our lives both professionally and personally. Safeguarding information is an essential issue for any organization; therefore, they should make computer security a priority. Why is computer security essential? It is essential because knowledge of computer security fundamentals can help prevent your information from getting into wrong hands. Delicate information is indispensable, and this has made computer systems bull’s eye to cyberthieves and hackers. Computer security experts must make effort to incorporate best computer security approaches in their organization. This includes overseeing computer and network security, and designing a security-oriented values in their organization.
There are various kinds of computer security that effect different sections of an organization’s digital and physical arrangement. Security experts should concentrate on these forms of security: Network security, Application security, Endpoint security and Information security. Every single one of these kinds of computer security comprises of various elements and can most likely be studied as their own expert fields. Network security concerns the physical elements of a network like the Servers, Routers and the software elements like the firewalls and security policies. Computer security professionals need to be well informed on extensive computer security issues, so as to safeguard their organizations from the progressing cyber threats they are faced with on a daily basis. Computer security safeguards people and organizations from loss of essential information and cyberthreats.