SlideShare una empresa de Scribd logo

Stellar University's Diverse IT Infrastructure Led to Data Breach

Descargar como PPTX, PDF
E
ericwinn

Stellar University had a data breach due to lax security practices and siloed departments. A suspicious folder was found and deleted on a system, but a new folder was created and processor usage spiked, indicating a potential compromise. The system was disconnected from the network and security was notified. The breach exposed weaknesses like a short password policy and lack of training. The university analyzed the incident and strengthened security policies and account management going forward.

Tecnología
1 de 9
 Stellar University  diverse urban university  multitude of different technologies in use  servers can be set up by any department or individual  everyone did not work together
 Several changes occurred prior to the breach  management shift in focus  department restructure  financial difficulties
 Suspicious folder  Upon deletion of initial folder  new folder was created  processor usage spiked  multiple DOS windows opened in succession
 Disconnect the system from the network  Notify security personnel  Conduct a more in depth check of system to determine scope and severity of compromise
 Password policy (6 characters)  1 hour lockout after 5 failed attempts to logon  All password change at next logon
 Post-hack exam was handled informally  Summary write-up (management)  Analysis of how to prevent in the future (system administrators)  Page or email notification  Temporary password policy made permanent  Invalid account identification
 Why didn’t the university implement any form of training for its personnel?
 Dhillon, G. (2007). Principles of information system security: Text and cases. Hoboken, NJ. John Wiley and Sons, Inc.
Stellar University's Diverse IT Infrastructure Led to Data Breach

Recomendados

Security threats and trends-topic 2
Security threats and trends-topic 2Security threats and trends-topic 2
Security threats and trends-topic 2Neha Raju k
 
OPERATING SYSTEM
OPERATING SYSTEMOPERATING SYSTEM
OPERATING SYSTEMrenukarenuka9
 
operating system
operating systemoperating system
operating systemrenukarenuka9
 
Security threats and trends topic-3
Security threats and trends topic-3Security threats and trends topic-3
Security threats and trends topic-3Neha Raju k
 
Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Ayed Al Qartah
 
Welcome to my presentation
Welcome to my presentationWelcome to my presentation
Welcome to my presentationRakibul islam
 
Research Group Presentation
Research Group PresentationResearch Group Presentation
Research Group PresentationKunlakan (Jeen) Cherdchusilp
 
A system to filter unwanted messages from osn user walls
A system to filter unwanted messages from osn user wallsA system to filter unwanted messages from osn user walls
A system to filter unwanted messages from osn user wallsEcwaytech
 

Recomendados

Security threats and trends-topic 2
Security threats and trends-topic 2Security threats and trends-topic 2
Security threats and trends-topic 2Neha Raju k
 
OPERATING SYSTEM
OPERATING SYSTEMOPERATING SYSTEM
OPERATING SYSTEMrenukarenuka9
 
operating system
operating systemoperating system
operating systemrenukarenuka9
 
Security threats and trends topic-3
Security threats and trends topic-3Security threats and trends topic-3
Security threats and trends topic-3Neha Raju k
 
Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Ayed Al Qartah
 
Welcome to my presentation
Welcome to my presentationWelcome to my presentation
Welcome to my presentationRakibul islam
 
Research Group Presentation
Research Group PresentationResearch Group Presentation
Research Group PresentationKunlakan (Jeen) Cherdchusilp
 
A system to filter unwanted messages from osn user walls
A system to filter unwanted messages from osn user wallsA system to filter unwanted messages from osn user walls
A system to filter unwanted messages from osn user wallsEcwaytech
 
Os lecture 6
Os lecture 6Os lecture 6
Os lecture 6Dr. Ahmed J. Obaid
 
Secure lab setup for cyber security
Secure lab setup for cyber securitySecure lab setup for cyber security
Secure lab setup for cyber securityBirju Tank
 
Ch10 system administration
Ch10 system administration Ch10 system administration
Ch10 system administration Raja Waseem Akhtar
 
Ch10
Ch10Ch10
Ch10Raja Waseem Akhtar
 
System security by Amin Pathan
System security by Amin PathanSystem security by Amin Pathan
System security by Amin Pathanaminpathan11
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11BarrBoy
 
Operating Systems R20 Unit 1.pptx
Operating Systems R20 Unit 1.pptxOperating Systems R20 Unit 1.pptx
Operating Systems R20 Unit 1.pptxPrudhvi668506
 
SA Chapter 13
SA Chapter 13SA Chapter 13
SA Chapter 13Nuth Otanasap
 
Chapter 02
Chapter 02Chapter 02
Chapter 02Dolly Bhateja
 
Chapter 02
Chapter 02Chapter 02
Chapter 02m25farid
 
Chapter02
Chapter02Chapter02
Chapter02Downloadssu Fullmaza
 
An operating system (OS) provides a virtual execution environment on top of h...
An operating system (OS) provides a virtual execution environment on top of h...An operating system (OS) provides a virtual execution environment on top of h...
An operating system (OS) provides a virtual execution environment on top of h...jeronimored
 
Countering Computer Hacks-Sandy Suhling
Countering Computer Hacks-Sandy SuhlingCountering Computer Hacks-Sandy Suhling
Countering Computer Hacks-Sandy Suhlingsuhlingse
 
Information systems lifecycle
Information systems lifecycleInformation systems lifecycle
Information systems lifecyclefiona_rozario
 
Machine Learning for automated diagnosis of distributed ...AE
Machine Learning for automated diagnosis of distributed ...AEMachine Learning for automated diagnosis of distributed ...AE
Machine Learning for automated diagnosis of distributed ...AEbutest
 
Upgrade To Microsoft Office System 2007 2
Upgrade To Microsoft Office System 2007 2Upgrade To Microsoft Office System 2007 2
Upgrade To Microsoft Office System 2007 2dylanmcneill
 
Hostel management
Hostel managementHostel management
Hostel managementMini Gupta
 
Attivio Active Security Technical Brief
Attivio Active Security Technical BriefAttivio Active Security Technical Brief
Attivio Active Security Technical BriefAttivio
 
Information systems lifecycle
Information systems lifecycleInformation systems lifecycle
Information systems lifecycleRizwan Kabir
 
Pankaj Kh_Updated
Pankaj Kh_UpdatedPankaj Kh_Updated
Pankaj Kh_UpdatedPankaj Khobragade
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 

Más contenido relacionado

Similar a Stellar University's Diverse IT Infrastructure Led to Data Breach

Secure lab setup for cyber security
Secure lab setup for cyber securitySecure lab setup for cyber security
Secure lab setup for cyber securityBirju Tank
 
System security by Amin Pathan
System security by Amin PathanSystem security by Amin Pathan
System security by Amin Pathanaminpathan11
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11BarrBoy
 
Operating Systems R20 Unit 1.pptx
Operating Systems R20 Unit 1.pptxOperating Systems R20 Unit 1.pptx
Operating Systems R20 Unit 1.pptxPrudhvi668506
 
Chapter 02
Chapter 02Chapter 02
Chapter 02m25farid
 
An operating system (OS) provides a virtual execution environment on top of h...
An operating system (OS) provides a virtual execution environment on top of h...An operating system (OS) provides a virtual execution environment on top of h...
An operating system (OS) provides a virtual execution environment on top of h...jeronimored
 
Countering Computer Hacks-Sandy Suhling
Countering Computer Hacks-Sandy SuhlingCountering Computer Hacks-Sandy Suhling
Countering Computer Hacks-Sandy Suhlingsuhlingse
 
Information systems lifecycle
Information systems lifecycleInformation systems lifecycle
Information systems lifecyclefiona_rozario
 
Machine Learning for automated diagnosis of distributed ...AE
Machine Learning for automated diagnosis of distributed ...AEMachine Learning for automated diagnosis of distributed ...AE
Machine Learning for automated diagnosis of distributed ...AEbutest
 
Upgrade To Microsoft Office System 2007 2
Upgrade To Microsoft Office System 2007 2Upgrade To Microsoft Office System 2007 2
Upgrade To Microsoft Office System 2007 2dylanmcneill
 
Hostel management
Hostel managementHostel management
Hostel managementMini Gupta
 
Attivio Active Security Technical Brief
Attivio Active Security Technical BriefAttivio Active Security Technical Brief
Attivio Active Security Technical BriefAttivio
 
Information systems lifecycle
Information systems lifecycleInformation systems lifecycle
Information systems lifecycleRizwan Kabir
 

Similar a Stellar University's Diverse IT Infrastructure Led to Data Breach (20)

Os lecture 6
Os lecture 6Os lecture 6
Os lecture 6
 
Secure lab setup for cyber security
Secure lab setup for cyber securitySecure lab setup for cyber security
Secure lab setup for cyber security
 
Ch10 system administration
Ch10 system administration Ch10 system administration
Ch10 system administration
 
Ch10
Ch10Ch10
Ch10
 
System security by Amin Pathan
System security by Amin PathanSystem security by Amin Pathan
System security by Amin Pathan
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11
 
Operating Systems R20 Unit 1.pptx
Operating Systems R20 Unit 1.pptxOperating Systems R20 Unit 1.pptx
Operating Systems R20 Unit 1.pptx
 
SA Chapter 13
SA Chapter 13SA Chapter 13
SA Chapter 13
 
Chapter 02
Chapter 02Chapter 02
Chapter 02
 
Chapter 02
Chapter 02Chapter 02
Chapter 02
 
Chapter02
Chapter02Chapter02
Chapter02
 
An operating system (OS) provides a virtual execution environment on top of h...
An operating system (OS) provides a virtual execution environment on top of h...An operating system (OS) provides a virtual execution environment on top of h...
An operating system (OS) provides a virtual execution environment on top of h...
 
Countering Computer Hacks-Sandy Suhling
Countering Computer Hacks-Sandy SuhlingCountering Computer Hacks-Sandy Suhling
Countering Computer Hacks-Sandy Suhling
 
Information systems lifecycle
Information systems lifecycleInformation systems lifecycle
Information systems lifecycle
 
Machine Learning for automated diagnosis of distributed ...AE
Machine Learning for automated diagnosis of distributed ...AEMachine Learning for automated diagnosis of distributed ...AE
Machine Learning for automated diagnosis of distributed ...AE
 
Upgrade To Microsoft Office System 2007 2
Upgrade To Microsoft Office System 2007 2Upgrade To Microsoft Office System 2007 2
Upgrade To Microsoft Office System 2007 2
 
Hostel management
Hostel managementHostel management
Hostel management
 
Attivio Active Security Technical Brief
Attivio Active Security Technical BriefAttivio Active Security Technical Brief
Attivio Active Security Technical Brief
 
Information systems lifecycle
Information systems lifecycleInformation systems lifecycle
Information systems lifecycle
 
Pankaj Kh_Updated
Pankaj Kh_UpdatedPankaj Kh_Updated
Pankaj Kh_Updated
 

Último

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Último (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

Stellar University's Diverse IT Infrastructure Led to Data Breach

  • 1.  Stellar University  diverse urban university  multitude of different technologies in use  servers can be set up by any department or individual  everyone did not work together
  • 2.  Several changes occurred prior to the breach  management shift in focus  department restructure  financial difficulties
  • 3.  Suspicious folder  Upon deletion of initial folder  new folder was created  processor usage spiked  multiple DOS windows opened in succession
  • 4.  Disconnect the system from the network  Notify security personnel  Conduct a more in depth check of system to determine scope and severity of compromise
  • 5.  Password policy (6 characters)  1 hour lockout after 5 failed attempts to logon  All password change at next logon
  • 6.  Post-hack exam was handled informally  Summary write-up (management)  Analysis of how to prevent in the future (system administrators)  Page or email notification  Temporary password policy made permanent  Invalid account identification
  • 7.  Why didn’t the university implement any form of training for its personnel?
  • 8.  Dhillon, G. (2007). Principles of information system security: Text and cases. Hoboken, NJ. John Wiley and Sons, Inc.