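Abstract: This is an assignment for an information management course. It asks for a solution report, based on a document from the American Broadcasting Company, on attacks by overseas hackers against important federal government departments and major Australian companies.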
Network hackers originated in the 1960s and 1970s, when they gathered in strongholds of the technological elite, namely the Massachusetts Institute of Technology and Stanford University. They worshiped technology and resisted authority. In their view, hacking meant freely exploring the full potential of a computer system, and making the use of computers and access to information as free of charge and as open as possible. They were purely technical people. However, any irresponsible, undirected and unrestricted power is dreadful, and control over computer systems is no exception. As hackers increasingly set their sights on confidential databases holding company secrets and national inside information, the fear attached to the word “hacker” has taken on a new meaning.
Today the word “hacker” has a very broad meaning and is used as a general term. Judging by their common features, however, most definitions involve superb programming skill together with a strong desire to solve problems and overcome limitations. They are people who deliberately undermine computer and information system security. People also call the hacker a cracker. Today’s hackers do as they please without scruple: they tamper with information, replace web pages, download or steal sensitive information, plant viruses and Trojans in computer systems, attack hosts and networks, send mail bombs or paralyze the network. Therefore, if people are not vigilant and do not take preventive measures, the consequences can be serious. It is not hard to imagine that once a hacker’s attack succeeds, on a small scale they merely steal some secrets or funds or paralyze a particular network service, but on a large scale they can paralyze the entire network so that it cannot be restored within a short period of time, causing huge economic losses and even undermining social stability and endangering national security.
2.1 Vulnerability identification in the context of the video
Vulnerability refers to a weakness of an asset or group of assets that can be exploited by one or more threats (ISO/IEC 13335-1:2004). Vulnerability is one of the properties of an information system. A malicious subject (an attacker or an attack program) can take advantage of this property to gain unauthorized access to resources by authorized means and methods, and so obtain sensitive information or damage the system.
Bishop and Krsul are pioneers in vulnerability classification and have made enterprising efforts. Since the 1970s, when the American Research in Secured Operating System (RISOS) and Protection Analysis (PA) projects planned to study the classification of vulnerabilities, security experts have come up with dozens of vulnerability classification schemes. Before taking any action on an information security issue, a risk assessment is a must. For the case in the video, we first need to identify what the risks really are and then evaluate the potential damage they may cause; on the basis of this risk analysis and risk evaluation, we can identify the vulnerabilities.
In the video, an Australian company was attacked by hackers located overseas. To understand the company's vulnerabilities, we first need to identify its assets. From the video, we can find the main assets of company attracting interests of overseas