Security officer Essay Example | Topics and Well Written Essays - 2250 words

Security officer - Essay Example On November of this year, a teenager was charged with releasing separate DDoS attacks on Oxford University and Cambridge University. He was found to have conducted 17 counts of computer misuse, such as failing to offer passwords to the universities encrypted storage devices (Dunn, 2012). Also, nearly 100 universities servers across the globe were infringed by group of hackers identified as Team GhostShell. The group dumped students’ records onto the internet. The servers including those from Harvard University, Stanford University, University of Pennsylvania, as well as University of Michigan experienced the attacks on their Websites within their premises, and which were created autonomously for faculty members and departments. The group had managed to access over 120,000 students records from the breached servers, before publicly posting them online (Kingkade, 2002). The information included the names, cell-phone numbers, email addresses, and students’ login credential s. The hackers breached multiple servers within each of the universities thus accessing departmental Websites. Another instance is when a University of Nebraska, performed a data dump by gaining access to the university server that stores user passwords (DataBreaches.net, 2012). The cyber criminals targeted the university employees and students’ accounts, resulting in the targeted persons to spread the malware which then stole their personal information, as well as log-in credentials. The attacker had frequently phished for employees’ emails from LinkedIn, and sending students mass emails from social networking sites, before sending them emails asking for account information having attachments infected with a malware. The criminals then managed to come up with a Website that saw students and other faculty to view the data he had taken from the servers. In another incidence, the University of Arizona, experienced major computer breaches which saw student discovering the ir personal information they gave to the university by just conducting a simple Google search (Privacyrights.org, 2012). The hackers sent targeted emails or spear-phishing, with links to a Webpage that was designed to deceive the university employees responsible for student data, into inputting passwords. The emails comprised attachments which used an unknown gap in one of their flash software. Also, computer-protection issues at Ohio University saw the institution alumni being exposed to identity theft after hackers acquired their social security numbers. Some were not even able to conduct online shopping or obtain banking. The alumni data were compromised in a massive computer and security breach (Privacyrights.org, 2012). Question 2 The initial initiative is to educate employees and students on the various forms of cyber fraud scheme, such as informing them not to respond and even open attachments or links coming via unsolicited e-mails (Gallaher, Link, & Rowe, 2008). Secondly, w orkstation normally used for the institution online services are not used for common web browsing, e-mailing, or even social networking. The institutions internal and departmental activities are performed from more than one dedicated computer not used for online activities. There is also the constant use of spam filters, for instance SpamTitan costs as little $2 every user per year. The universities now use an IT security system that covers inside the institution, instead of the perimeter. Therefore, they employ consultants who understand what their users are conducting, and then locate any form of suspicious activities inside. Therefore, security information and event management referred to as SIEM by Wipro, deals with operational security, and log management requirements across an IT infrastructure. It cost $90 for a patch deployment for every system. It is offered in a managed services replica through its Soc-in-a-Box on a RSA platform. They monitor the university network traffic searching for any distrustful patterns (Wipro Technologies,