Application Front-running

Case Study

            Application Front-running

              

               What would it take to cause $200 billion in damages to U.S. corporations in a few seconds? You might think a nuclear, biological, or chemical attack. However, there is a simpler, easier, and much more unsuspecting answer—hack a single Twitter account.

               On April 23, 2013, a group called the Syrian Electronic Army hacked the Associated Press’ (AP) Twitter account and posted the following message just before 1:08 PM:

              

                  “Breaking: Two Explosions in the White House and Barack Obama is injured”

              

               The result was an instantaneous 145-point drop in the Dow Jones Industrial Average. The selling lasted for two minutes until the AP and the White House confirmed that there hadn’t been any explosions. The near-instant selling was likely the result of high-frequency algorithms configured to scan news feeds for key words.

               The stock market quickly recovered its losses, but the psychological impact of the hacked Twitter account remained. Financial professionals wondered how the world’s largest stock markets could be so drastically affected by the failings of a social media application.

              

                  Wall Street Journal reporters quoted R.J. Grant, associate director of equity trading at Keefe, Bruyette & Woods, as saying, “It’s frustrating and scary that a tweet can erase hundreds of billions from the market in a short time, but that’s the world we live in.”11

               11 Tom Lauricella, Christopher S. Steward, and Shira Ovide, “Twitter Hoax Sparks Swift Stock Swoon,” The Wall Street Journal, April 24, 2013. http://finance.yahoo.com/news/twitter-hoax-sparks-swift-stock-swoon-142013719.html.

               The case illustrates the level of interdependence of information systems, if only indirectly, in the larger business environment. It also shows how a weakness in one system may propagate to systems in other businesses. The “weakest-link” effect may be especially concerning when it comes to IT security.

              

               In Websense’s annual Threat Report

                  12 they look at organizational threats coming from the Web, social media, mobile devices, e-mail, malware, and data theft. The following are six key points from their report:12  Websense Inc., Websense Threat Report, February 13, 2013. https://www.websense.com/content/websense-2013-threat-report.aspx.

              

                    

                     Web Threats —The Web became significantly more malicious in 2012, both as an attack vector and as the primary support element of other attack trajectories (e.g., social media, mobile, e-mail). Websense recorded a nearly sixfold increase in malicious sites overall. Moreover, 85 percent of these sites were found on legitimate web hosts that had been compromised.

                 

                    

                     Social Media Threats —Shortened web links used across all social media platforms hid malicious content 32 percent of the time. Social media attacks also took advantage of the confusion of new features and changing services.

                 

                    

                     Mobile Threats —A study of last year’s malicious apps revealed how they abuse permissions. Especially popular was the use of SMS communications, something very few legitimate apps do. Risks also increased as users continued to change the way they used mobile devices.

                 

                    

                     E-mail Threats —Only 1 in 5 e-mails sent was legitimate, as spam increased to 76 percent of e-mail traffic. Phishing threats delivered via e-mail also increased.

                 

                    

                     Malware Behavior —Cybercriminals adapted their methods to confuse and circumvent specific countermeasures. Fifty percent of web-connected malware became significantly bolder, downloading additional malicious executables within the first 60 seconds of infection. The remainder of web-connected malware proceeded more cautiously, postponing further Internet activity by minutes, hours, or weeks, often as a deliberate ruse to bypass defenses that rely on short-term sandboxing analytics.

                  

                    

 

                     Data Theft/Data Loss —Key changes in data theft targets and methods took place last year. Reports of intellectual property (IP) theft increased, and theft of credit card numbers and other personally identifiable information (PII) continued to grow. Hacking, malware, and other cyber threats continued to be a common method of attack.

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.

Related Posts

All Rights Reserved Terms and Conditions
College pals.com Privacy Policy 2010-2018