Anonymous - ACG 6415

Conley, Justin
Glenn, Cassady
Zhang, Fan
Anonymous
ACG 6415
History
Concepts
• In its early form, the concept was adopted by a decentralized online community acting anonymously and in a synchronized manner, usually toward a loosely group-chosen goal, but with the primary focus on its members' own entertainment.
• Began in 2008 as a decentralized network of individuals and became focused on promoting access to information, free speech, and transparency.
History
Membership
• If you identify with or say you are Anonymous, you are Anonymous, and no one has the authority to say you are not except yourself.
History
Activities in 2012
• Anti-ACTA activism in Europe
  Jan. 21st: a series of DDoS attacks on Polish government websites took place.
• Syrian Government Email Hack
  Feb. 6th: Anonymous broke into the mail server of the Syrian Ministry of Presidential Affairs, accessing some 78 inboxes of Bashar al-Assad's staffers.
• AntiSec Leak and CIA Attack
  Feb. 10th: Anonymous claimed responsibility for taking down the Central Intelligence Agency's website for more than 5 hours.
• AIPAC Attack
  March 4th: Anonymous took down the American Israel Public Affairs Committee website.
• Vatican website DDoS Attacks
  March 12th: Anonymous took down the Vatican's website.

History
Reactions from Society
• Media: Reports
• People: Comments
• Law enforcement: Arrest
History
Habbo Hotel Attack
• African-American, grey suits, afros
• “Closed due to AIDS”
• Claimed Habbo was racist
5/25/2017
History
Project Chanology
• Church interviews Tom Cruise
• Copyright violation claim
• DoS attacks, prank calls, worldwide protest
History
Epilepsy Foundation Attack
• Posted flash videos
• Evidence points to Anonymous
• Anonymous says it was Church of Scientology
History
HBGary Federal Hack
• Aaron Barr announces infiltration of Anonymous
• Anonymous hacks:
  - Website
  - E-mail & Phone System
  - Twitter
• Greg Hoglund fires back
History
Operation Payback (#opsony)
• George Hotz and Alexander Egorenov
• Breach of freedom of speech
• Took down PS Network and related sites
• Personal action against employees and families
Controls

• Main attacks are SQL injections and distributed denial of service attacks.
• Hardening applications to prevent SQL injections.
• Public key authentication
Controls

• Routers and firewalls should be configured to stop invalid IP addresses and filter out protocols that are not needed
• Intrusion detection/prevention system
• Incident plan
• Multi-cast Source Delivery Protocol or anycast.
• Specialty security company
Controls
• DDoS attacks are hard to stop and prevent
• A large enough attack will take down a website no matter how much security is in place
Sarbanes-Oxley
• Section 302 – Financial statements and the internal controls surrounding them must be certified.
• Section 404 – Effectiveness of internal controls must be assessed and reported annually to the SEC.
• PCAOB – IT controls should only be part of the SOX 404 assessment to the extent that specific financial risks are addressed
Sarbanes-Oxley

• Security is not patched or updated
• Relevance of IT to financial statements