News‎ > ‎

Anonymous hackers claim ISP user data stolen from AAPT: Marking Guidelines

posted Oct 10, 2012, 7:56 PM by Unknown user   [ updated Oct 14, 2012, 1:23 PM by Eddie Woo ]
a. Identify who Anonymous is trying to target and why 
Marking Criteria Mark 
Identifies who Anonymous is targeting and why 
Identifies one of the above only 

Sample answer:

Anonymous is targeting the ISP’s and the federal government. They are trying to send a message to all ISP’s and the customers, that their databases with sensitive information is not secure and should not be kept. The attack is part of a campaign protesting against proposed changes to privacy laws which would force ISPs to store user data and make it available to intelligence agencies for up to two years.

b. Identify the type of database used, and justify why it’s suitable.
Marking CriteriaMark
Correctly identifies the type of database with one reason why it is suitable. 2
Only identifies the type of database.


Incorrectly identifies the database, with justification

Sample answer:
It is a relational database which was hacked, with mostly details of AAPT customers being taken. The details of customers is a large variety of personal information, which would potentially harm customers if leaked out, emphasising the value and sensitivity of the data being kept.

c. Construct a data dictionary detailing the data that might be stored by ISPs
Marking CriteriaMark
Contains at least 5 of the rows of the data dictionary below (answers may vary a little)3
Contains 3 - 4 rows (answers may vary a little)2
Contains 1 - 2 rows1

Sample answer:
Field NameData TypeSize of dataDescriptionExample
Unique customer IDText and Number10ID identifying a customerXCU0269
NameText20name of customerJoe
AddressNumber and Text20address10 Campbell Street
Email AddressText20Email
Account/financial  detailsNumerical50personal account details eg. bank account number 9023 123 234
Amounts owingCurrency20Any amount owing on bills$0.00
Plan start/endDate 20starting time and ending time of plan5/8/12 - 5/8/13

d. Discuss social and ethical issues with regards to letting ISP’s store user data
Marking CriteriaMark
Identifies AND describes at least 3 social and ethical issues, with positive and negative. 5
Identifies and describes 2 social and ethical issues4
Identifies 3 social and ethical issues 3 - 2
Identifies 2 social and ethical issues1

Sample answer:
Social and ethical issues include:
  • Data ownership: the data belongs to the customers of AAPT, and they should have control of what is being stored.
  • Privacy of information: Details such as address and bank accounts are being poorly secured and can be easily accessed by hackers.
  • Data security: Historical data which is not used by the company is being stored in an insecure location, with inadequate measures to secure the data.
  • Data mining- the large amount of historical data was no doubt, for data mining. However, privacy of the data, and accuracy of data trend predictions need to be considered by AAPT when data mining.
  • Ease of access- data belonging to users can now be easily accessed and searched online, with no need for large areas of paperwork.