Description
CREATIVE AND PROFESSIONAL POWER POINT FACEBOOK SECURITY BREACH
2 attachmentsSlide 1 of 2attachment_1attachment_1attachment_2attachment_2
Unformatted Attachment Preview
Running head: OUTLINE
Facebook Security Breach
1. Introduction
a. Facebook is widely used throughout the world. According to reports, there were about
2.37 billion active Facebook users in 2019.
b. Unfortunately, Facebook has had a history of a security breach and unlawful access to
user information.
1
OUTLINE
2
c. One major occurrence is the security breach that occurred in July 2017 but wasn’t
realized until September 2018. However, this breach could have been prevented, as will
be explained in this paper.
2. The major security breach
a. On September 25, Facebook discovered a foreseen security breach that affected about 50
million accounts.
b. The attackers discovered a vulnerability in the Facebook platform in July 2017, but the
management did not realize it until it was too late. A spike in malicious activity is what
led to the discovery of the attack.
c. This vulnerability enabled hackers to fully take over the user’s account. The attackers
exploited FB bugs, which allowed them to access all contents posted in the attacked
account.
d. According to the Vice President of Product Management, Guy Rosen, Facebook
unconsciously created three weaknesses in the video upload option. The feature, “View
As” enabled a user to view another user’s profile without having to log in their account.
3. Classifying the security breach
a. According to chapter 11 of the coursebook, when an activity is considered a computer
crime, the computer is used as the object of a crime. The computer is the object, or it is
the victim of the crime.
b. The attacker and the victim obviously used different computers. The attacker, from a
different computer, managed to access the users’ accounts.
4. Recommendations
OUTLINE
3
a. Facebook had a lot of options to prevent the security breach. These include the protection
of passwords, user awareness, and the use of firewalls.
b. The feature video uploader creates an access token that permits Facebook users to remain
logged in even when they are not using the account. Therefore, Facebook should remind
the users to always log out of their Facebook once they were not using the accounts.
5. In conclusion, Facebook has had many encounters of security breach. Considering that
this even occurred few years after the Cambridge Analytica case, which cost it huge
lawsuits, the company should have learnt by now that protection of user information is
vital and tighten up its control measures, ensuring that it leaves no space for
vulnerabilities.
Running head: FACEBOOK SECURITY BREACH
Introduction
Facebook is widely used throughout the world. According to reports, there were about
2.37 billion active Facebook users in 2019. People use Facebook for different functions; some
accounts are business, while others are personal accounts. About 60 million are business
accounts. Regardless of whether the account is business or private, user privacy is essential
(Clement, 2020). Unfortunately, Facebook has had a history of a security breach and unlawful
access to user information. One major occurrence is the security breach that occurred in July
1
FACEBOOK SECURITY BREACH
2
2017, but wasn’t realized until September 2018. However, this breach could have been
prevented, as will be explained in this paper.
The major security breach
On September 25, Facebook discovered a foreseen security breach that affected about 50
million accounts. The attackers discovered a vulnerability in the Facebook platform in July 2017,
but the management did not realize it until it was too late. A spike in malicious activity is what
led to the discovery of the attack. This vulnerability enabled hackers to fully take over the user’s
account. The attackers exploited FB bugs, which allowed them to access all contents posted in
the attacked account. However, FB did not confirm if the attacker could access the private
message or if some data was misused. The management also did not confirm if private
information such as credit card information was taken, but there is a likeliness that it wasn’t
(Wired, 2018).
According to the Vice President of Product Management, Guy Rosen, Facebook
unconsciously created three weaknesses in the video upload option. The feature, “View
As”enabled a user to view another user’s profile without having to log in their account. When the
“video uploader”option came to be, it created an access token using the victim’s account.After
obtaining the token, then the attacker can use the victim’s identity to get access into another
person’s account. This was a form of impersonification. These events forced Facebook to shut
down about 90 million user accounts to correct the vulnerability. Fifty million accounts were
already affected, and 40 million were also suspected of having been affected. Unfortunately,
Facebook hasn’t found the attacker yet. It is still working with the FBI to identify the attacker,
but Guy Rosen states that it is likely that they may never find out (Wired, 2018).
FACEBOOK SECURITY BREACH
3
Classifying the security breach
According to chapter 11 of the coursebook, when an activity is considered a computer
crime, the computer is used as the object of a crime. The computer is the object, or it is the
victim of the crime. Also, the attacker targets specific networks. On the other hand, computer
fraud is explicitly when the computer is used as an element in carrying out the offence. The
vulnerability was, therefore, computer crime, and it can be categorized as pure computer crimes.
This is because the computer was the primary object of the crime and targeted a specific network
which is Facebook (Simkin et al., 2015).
The attacker and the victim obviously used different computers. The attacker, from a
different computer, managed to access the users’ accounts. The coursebook also explains that
there are three types of computer crimes, and one of them is compromising valuable information.
This crime involves illegal access to or misuse of the information in an AIS. The hackers
illegally accessed information from the user accounts by taking full control of the accounts. It is
not clear that they stole credit card information, but there are chances that they could have
(Simkin et al., 2015).
This type of crime is registered under Federal Legislation. The Criminal Law
Improvement Act of 1987 is an act that focuses on criminal activities that involve computers.
The act addresses the unauthorized use of computers and networks. The Federal Laws also
address the intention to illegally obtain personal accounts through the use of computers. The
attackers illegally accessed the users’ accounts and obtained information illegally. Moreover, the
Federal laws address impersonification which the attackers did (Simkin et al., 2015).
Recommendations
FACEBOOK SECURITY BREACH
4
Facebook had a lot of options to prevent the security breach. These include the protection
of passwords, user awareness, and the use of firewalls. The feature video uploader creates an
access token that permits Facebook users to remain logged in even when they are not using the
account. This means that for the attacker to impersonate the account, it has to be logged
in.Therefore, Facebook should remind the users to always log out of their Facebook, once they
were not using the accounts. This locks out the hacker, and they can’t impersonate their
accounts. Also, the protection of passwords is essential. Facebook should ensure that before a
user is allowed to access an account, they have to be verified first. The hackers exploited the
vulnerability of FB bugs to hack into people’s accounts. Facebook should, therefore, tighten its
control measures. It can use the firewalls, or the Intrusion Detectors System to detect any fishy
activities in the platforms (Simkin et al., 2015).
In conclusion, Facebook has had many encounters of security breach. Considering that
this even occurred few years after the Cambridge Analytica case, which costs it huge lawsuits,
the company should have learnt by now that protection of user information is vital and tighten up
its control measures, ensuring that it leaves no space for vulnerabilities.
References
Clement, J. (2020). Number of monthly active Facebook users worldwide as of 4th quarter of
2019. Retrieved from https://www.statista.com/statistics/264810/number-of-monthlyactive-facebook-users-worldwide/
Simkin, M. G., Rose, J. M., & Norman, C. S. (2015). Core concepts of accounting information
systems.
FACEBOOK SECURITY BREACH
Wired. (2018). Everything We Know About Facebook’s Massive Security Breach. Retrieved
from https://www.wired.com/story/facebook-security-breach-50-million-accounts/
5
Purchase answer to see full
attachment
Explanation & Answer:
8 Slides
User generated content is uploaded by users for the purposes of learning and should be used following Studypool’s honor code & terms of service.
Reviews, comments, and love from our customers and community: