IPad's Security Breach - Coursework Example

?iPad's Security Breach Introduction A security hole in Apple’s iPad, stormed the technology industry about the threats which can affect an individual or an entire nation. AT&T, the service provider for Apple iPad accounted for a security breach as the email-ids’ of more than 1,00,000 users got exposed by a group of hackers called Goatse Security. The group claims to work for the betterment of the society with the aim to expose the security vulnerabilities of different gadgets (NPR, 2011). This issue has a great impact on the technological industry as leakage of information and personal data is an unethical practice under law which can create serious threat if not dealt seriously by the security authority. This report is concerned with understanding the practice of hackers and justification of their act and also how companies can deal with security issues like this for a more secured approach to maintain the privacy of individuals. 1. Determine if hacking into a Web site is ever justifiable, applying your theory to a real-world case in which someone hacked into a system, including the name of the company and details. Hacking is the technique of acquiring information or modification of data from a system or website. Hacking involves several purposes and it’s not always an illegal issue for acquiring information from the websites. Hacking can be conducted for several activities where it can be justifiable for the act as it might not harm anybody or might sometimes be done for the betterment of more secured approach. Hacking can be a justifiable action when all information of the system is free to access which don’t need any intellectual property and security permission. Sometimes hacking is done by people for solely learning purposes to know the system how they operate and the programming techniques used into a system or website. Breaking into a system by programmers can solve certain security flaws of a system which are needed to be fixed to protect them from illegal use of information. These issues cannot be considered as illegal as it can save the website or system from different unethical practices from different people of the world to gain power over the big names of the computer world (NC State University, n.d.). In a case Nintendo and Sony faced an issue of hacking the information of the customers from the websites and the Play station security of the company. The hacker group Lulz Security used a simple SQL overloading technique to hack the systems and retrieve the passwords of the customers (Debatewise, 2011). The explanation of the hackers regarding the issue explains how the companies are less concerned about the information protection and their act is to find the loop hole of the system so that the company can rectify and review their system security to protect important information of customers who can be an important personality who rely on their system to provide information to the websites (BBC Technology, 2011). 2. Create a corporate ethics statement for a computer security firm that would allow or even encourage activities like hacking. As a corporate ethical statement from a computer security firm the statement should be like ‘Good offence is the best defense for the firm’. Computer firm encouraging hacking can influence the hackers to hack their own system and the competitors system to understand the loop hole of the security system. This can give a stronger base to the company to identify the threats to a system from the unethical hackers of the world who can be a possible threat at any point of time. Being offensive to identify the gaps and loops in the system can develop a more secured system which allows hackers to penetrate into different system and implement security programs to void those issues. These types of hackers are known as white hackers. To catch the thieves and employing the same technique of the thieves can recognize and defend the security threats of the firm (Mathew, n.d.). A person knowing the technique of hacking and implementing those techniques to cope with hacking and protect the system is generally employed for the purpose. The company encourages them to hack the system and provide the possible solution for the sake of maintaining the ethics of computer security system. White hackers’ hacks into black hackers’ computer to retrieve information for a good cause thus computer security with an ethical statement as stated above is best suited to encourage hacking activities. 3. Discuss if it is important for organizations like Gawker Media to be socially responsible. Gawker Media is an American blog and online media company which is considered by the user as the most visible platform of the different issues of the society and the environment. Gawker is a big name in the blogging platform as it owns 10 different blogs under it and run very successfully for the type of information it provides to the readers. While verifying the loophole in the security threat of iPad where the email ids of the users are exposed by a group of hackers called Goatse Security the media did not acted in a socially responsible manner. In spite of the hacking done by the group they did not exposed the email ids of the important personalities to the general public rather informed the media about the loop holes of the system so that the service provider AT&T can act accordingly to stop this kind of threats. But for the purpose of business the media published the email ids and the news to the blog with the gossip and news for the general public without any information provided to the hacked company. Gawker Media promised the group that they will not expose the ids’ of the users to the public but later denied and were responsible for engaging into socially harmful activity for accomplishing their own social goal for the business purpose. Being a media the company should make people aware of the news and notify AT&T about the issue and act as a socially responsible company rather than benefiting their own organization by exposing the public information directly into their websites. 4. Based on this incident, determine what factors CEOs should consider when responding to a security breach. In the modern era of technological development information are stored in a distributed database system into the network which is accessed by the companies for their business process. Information stored can be very confidential for the business along with competitor information. Thus the security level is needed to be under full control and protected from any threat. Companies hire other companies to look after their information or build their own security system. But this process incurs a huge investment for the company. Thus to cope with the basic security threats the CEO should keep few factors in their mind to respond to the security breach issue. The company should implement latest technologies to act against the global technological advancement and protect the system against the threats implemented from new systems. Updating the system software can help the company to guarantee against security issues from the environment. Data leak prevention and monitoring the system is another action should be taken by the CEO to protect its information. Discovering errors from eliminating them can help the company to be at a strong position in the technological platform. Protection against virus and Trojan horse is another essential activity of the firm to secure the system from the treats. Web users are often affected by the virus attack from hackers to steal information from the system. The employees are required informed by the company to be very careful while accessing web contents. Regular research and development on the new threat issues is very important for the company to understand the latest security issues in the modern technological platform. If these actions are performed carefully, the CEO of the company, to great extent will be able to cope with the type of security breach that occurred at AT&T. 5. Create an email script to be sent to AT&T customers informing them of the security breach and a plan to resolve the issue. Explain your rationale. Customers being the core of any business process AT&T need to apologize for the fault in their system and should also inform the customer with a brief of the issues occurred and suggest some action to cooperate with the company for resolving the issue. The email script from the company can be like – Dear Customer, This is to inform you that we have observed some unusual activities in our system which we are trying to resolve at the earliest. Please do not share your personal contact or any information through our network until we get back to you with a confirmation mail on the issue. We apologize for the inconvenience caused by the issue and we hope this co-operation can develop an even stronger relationship between us in future. Thanking You. AT&T. References BBC Technology. (2011). Sony investigating another hack. Retrieved on: August 25th 2011 from http://www.bbc.co.uk/news/business-13636704. Debatewise. (2011). HACKING CAN BE JUSTIFIED. Retrieved on: August 25th 2011 from http://debatewise.org/debates/3452-hacking-can-be-justified. Gawker. (2010). FBI Investigating iPad Breach (Update). Retrieved on: August 25th 2011 from http://gawker.com/5560542/fbi-investigating-ipad-breach. Mathew, R. (No date). The Need of Ethical Hacking Course. Retrieved on: August 25th 2011 from http://www.businesshighlight.org/computers-and-internet/site-security/the-need-of-ethical-hacking-course.html. NC State University. (No date). Can hacking be justified? Ethics in Computing. Retrieved on: August 25th 2011 from http://ethics.csc.ncsu.edu/abuse/hacking/discussion.php. NPR. (2011). Apple's iPad Breach Raises Alarms. Retrieved on: August 2nd 2011 from http://www.npr.org/templates/story/story.php?storyId=127747618. Bibliography The Wall Street Journal. (2010). AT&T Blames iPad Incident on ‘Malicious’ Hackers. Retrieved on: August 25th 2011 from http://online.wsj.com/article/SB10001424052748703389004575305611381540180.html?KEYWORDS=ipad. Clevenger, N. (2011). IPad in the Enterprise: Developing and Deploying Business Applications. John Wiley and Sons. Read More