AMERICAN INTERNATIONAL

UNIVERSITY-BANGLADESH
Faculty of Business Administration

Assignment Cover Page

Assignment Title: Compare Data with a Hash & What was Taken
Assignment No: 1 Date of Submission:
Course Title: Internet Security (MIS)
Course Code: 01052 Section: A
Semester: Fall 2020 Course Teacher: DANILO G. MORGIA

Declaration and Statement of Authorship:

1. I/we hold a copy of this Assignment/Case-Study, which can be produced if the original is lost/damaged.
2. This Assignment/Case-Study is my/our original work and no part of it has been copied from any other student’s work or from
any other source except where due acknowledgement is made.
3. No part of this Assignment/Case-Study has been written for me/us by any other person except where such collaborationhas
been authorized by the concerned teacher and is clearly acknowledged in the assignment.
4. I/we have not previously submitted or currently submitting this work for any other course/unit.
5. This work may be reproduced, communicated, compared and archived for the purpose of detecting plagiarism.
6. I/we give permission for a copy of my/our marked work to be retained by the Faculty for review and comparison, including
review by external examiners.
7. I/we understand thatPlagiarism is the presentation of the work, idea or creation of another person as though it is your own. It
is a formofcheatingandisaveryseriousacademicoffencethatmayleadtoexpulsionfromtheUniversity. Plagiarized material can be
drawn from, and presented in, written, graphic and visual form, including electronic data, and oral presentations. Plagiarism
occurs when the origin of them arterial used is not appropriately cited.
8. I/we also understand that enabling plagiarism is the act of assisting or allowing another person to plagiarize or to copy my/our
work.

* Student(s) must complete all details except the faculty use part.
** Please submit all assignments to your course teacher or the office of the concerned teacher.

Group Name/No.:      

No Name ID Program Signature

1 Ananya,Swapnil Sultana 16-32923-3 BBA

Faculty use only

FACULTYCOMMENTS

Marks Obtained

Total Marks
STEP 1 STEP 2
My surname is SULTANA My title name is SULTANA
13f339050149ae7350b1d85a2b40f018 ddec567dfb84b74d5b71d26ddb583634
STEP 3

Notice that many of the hash types create a hash of a different length. Why?
Answer: A long length hash can provide more security.

Hash bits differ in length due to specified algorithms so any collision can be
avoided. Algorithm is a set of rules that are followed in case of calculating,
problem-solving operations by a computer.

Incident Affected How many victims? What exploits were used? Ref
Date Organization So
What was Taken? How do you protect yourself?
28/07/2020 Avon.com Both the customer and  7GB worth of exposed data on
 organization was victim the servers constituted “all
as attacker got access to production server information. SC M
customer details and Hackers would be able to
internal network data. establish full server control and
conducting actions that
permanently damage the brand
 more than 40,000
exposed security This attack shows how important it is
tokens for organizations to ensure that every
server and endpoint is properly
 19 million monitored and secured From back-end
exposed infrastructure to end-user mobile
documents devices.
22/10/2020 Microsoft 5,500 compromised  After an account is
Sharepoint online Microsoft tenants. compromised, the attackers
upload a malicious file SC M
Onedrive  5.9 million email
messages  Changing the sharing
permissions to “public” to
capture the contacts or other
targeted individuals.

Provide help to users in understanding

that trusted websites can be used in
phishing attacks as well . Investment
in identity and access management,
multi-factor authentication for
endpoints in recommended.

26/10/2020 Psykotherapiakeus Ten thousand patients.  Emails from alias

Vaastamo “ransom_man” asking for $200
 Records related to ransom (in bitcoin) editio
therapy sessions
 Patients' social It can be said that not responding to
security number the email and contacting police would
 Patient’s address be the only appropriate way as this is
not a case of personal data breach but
organizational .

27/10/2020 Enel Group Enel being the 87th

 Ransomware operators asking
among fortune global
a $14 million ransom.
500 with a revenue of
$90 Billion is facing a secur
 Enel never replied to the
great threat .
message, for this reason, the
 attackers started leaking a
 Attacker stole
portion of the stolen data as
several terabytes
proof of the data breach.
from the company
and threaten to
leak them
24/05/ 2019 Canva 137 million users.  An attack that exposed email csoon
addresses, usernames, names,
 137 million user cities of residence, and salted
accounts were and hashed with passwords
viewed by
attacker Invalidating unchanged passwords and
notifying users with unencrypted
 4million account passwords.
passwords were
decrypted and
shared online

Reflection
After reading about the security breaches, what can you do to prevent these
types of breaches?

Answer: These 5 steps mentioned below could help in prevention of data breaches

 Strengthen data security policies.

 Emphasize on multi-factor authentication.
 Practice regular penetration testing where in-house IT team will simulate a
cyber attack to identify weaknesses in security.
 Know where the risk is, so that required action can be taken to mitigate or
avoid it.
 Vigillance in looking for new ways to protect organizational data