Sunday, March 3, 2019

Identifying Potential Malicious Attacks Essay

We have been tasked by the CIO to draft a report identifying potentially malicious attacks, threats, and vulnerabilities specific to our organization. Further, the CIO would like us to briefly explain each item and the potential impact it could have on the organization.

Malicious Network Attacks

A network attack is usually defined as an intrusion on your network infrastructure that will first analyze your environment and collect information in order to exploit existing open ports or vulnerabilities; this may also include unauthorized access to your resources (Symantec, 2013). We will first have to analyze the potential attacks we need to protect against, and the potential impact those attacks could have on the network. The majority of threats we will encounter are classified as viruses, hacks, and blended attacks.

1. Viruses. A virus is a program that is activated by attaching copies of itself to executable objects. Viruses can reach your computer from other infected computers, via data media (CD, DVD, etc.) or through a network (local or Internet) (Symantec, 2013). Due to the sheer frequency of virus attacks, we shall list them number one. According to a Department of Trade and Industry (DTI) survey, 72% of all companies received infected e-mails or files last year, and for larger companies this rose to 83% (Vernon, 2004). The potential impact of the network becoming infected with a virus could be devastating. File destruction, file corruption, disabling user programs, loss of critical data and overloading the network are just a few of the potential impacts of a virus. Viruses can be introduced into the network in many ways: employees downloading or using unauthorized programs, opening and executing infected email attachments, bringing infected files from home on a thumb drive or CD, accessing the network with their smartphone, etc.
According to a survey of IT managers conducted by SupportSoft, 75% said their companies are not adequately protected from, or able to prevent, computer virus attacks, and 74% said their companies are hit monthly with one or more computer viruses (SupportSoft, 2005).

2. Hacking. Despite the continuing problem of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, the latest threat is SQL injection attacks. This type of attack takes advantage of improper coding of web applications that allows outside users (hackers) to inject SQL commands that give access to the company's database. This results in secure information being confused with non-secured information. In other words, passwords and classified or proprietary information are confused with public information, such as product details or contacts, by the database, allowing hackers to access the secure information. A report by the Center for Strategic and International Studies in Washington estimated that it costs the global economy $300 billion a year, and cyber insurance is the fastest-growing specialty insurance ever, worth around $1.3 billion a year in the US (Lawson, 2014). It is not only the cost of information that should be considered, but also the cost of lost employee productivity, network downtime, and increased IT personnel cost.

3. Blended Attack. A blended threat is a multi-pronged attack against networked computers. Symantec describes a blended threat as an attack that combines viruses, worms, Trojan horses, and malicious code with server and Internet vulnerabilities to initiate, transmit, and propagate an attack. Blended threats are designed to propagate quickly, like worms, but rather than relying on a single attack vector (such as email), blended threats are designed to use whatever propagation path exists
(Piscitello, n.d.). A blended threat usually takes over the administrative privileges on the computer and is thus able, in theory, to perform any operation available, thus enabling keystroke logging; file copying, removal or modification; communications monitoring and modification; and unauthorized service operation (Piscitello, n.d.). The use of the Bring Your Own Device (BYOD) policy by many companies has led to the escalation of blended attacks, due to the often lackadaisical approach that most users take concerning mobile phone security. With a lack of anti-virus and anti-malware software installed, these devices pose a real security risk when attached to the company network. With most employees using their mobile device for both work and private use, stored business contacts and texts could be compromised.

Security Controls (Personnel)

All three of the network risks identified above pose not only the threat of malicious attacks, but also the threat of data theft and loss. We must mitigate the risk to our network and to the intellectual property and highly sensitive data contained within that network. The first step would be to conduct a review or audit of our user and network security policies. An annual user training session should be instituted containing the following sanctioned policies:

- No installation of unauthorized software on company machines.
- Never provide someone else your user name or password.
- Log off of the computer when not in use.
- Never provide intellectual or sensitive information to unknown users, especially through email.
- Never open email attachments, especially executable files, from unknown sources.
- Implement a strong password policy with mandatory changing of passwords within reasonable timeframes.

These company policies can help mitigate internal threats that can occur by accident or intentionally. Users should also be trained in the identification of malware and the proper reporting procedures after it has been identified.
All IT personnel should have knowledge of the latest threats and responses to those threats. If it is identified that IT personnel require additional training/certification, this should be provided if financially feasible.

Security Controls (Hardware/Software)

The first step would be to conduct a thorough audit of network security hardware and software. A reconnaissance and probing test could be performed with Zenmap GUI (Nmap) to identify security deficiencies such as open ports. The best defense against malicious attacks is a multi-layered approach. A Host Intrusion Detection System (HIDS) should be installed to complement the Network Intrusion Detection System (NIDS). An additional NIDS should be installed inside the firewall, which would detect any attacks that may get by the firewall. Host computers connected to the internet should be isolated from the rest of the network. We should also harden our software/hardware, which is a configuration where unnecessary services are turned off and secured ones are left running. A review of the anti-virus and anti-malware software should be done. All software should be up to date with the latest virus/malware definitions and updates. Perform virus and malware scans on all network devices and computers on a consistent basis. Wireless Access Points (WAP) should have the latest encryption installed to ensure only authorized users have access. A BYOD security policy should be implemented, whereby all mobile devices under the BYOD program are subject to the same security policies as company assets. A policy much like the one Cisco has implemented should be considered. Their policy requires all users to have at least a four-digit PIN, and the device to have an auto-lock setting that triggers in 10 minutes or less. Cisco also reserves the right to wipe any device remotely if it's lost or stolen.
The company controls corporate data on its network, using a combination of security access PINs, encryption tools and read-only features that prevent highly confidential data from being copied, downloaded or emailed. It also uses monitoring tools to scan all Web requests for malicious content; if a device starts behaving strangely, the IT team can quarantine it or kick it off the network (Gale, 2013).

Conclusion

With an ever-evolving, infinite number of threats to a network, there are many available solutions to attempt to mitigate that risk. Training personnel on best security practices, creating a secure network with firewalls, intrusion detection and anti-virus/malware software, and performing security audits will help maintain the best possible defense against a malicious attack against the network.

Works Cited

Gale, S. F. (2013, April 2). BYOD Brings Security Risks for Companies. Retrieved July 14, 2014, from Workforce: http://www.workforce.com/articles/byod-brings-security-risks-for-companies

Lawson, A. (2014, May 23). Businesses need to wake up and smell the hackers. Retrieved July 23, 2014, from The Independent: http://www.independent.co.uk/news/business/analysis-and-features/businesses-need-to-wake-up-and-smell-the-hackers-9422300.html

Piscitello, D. (n.d.). What is a blended threat? Retrieved July 23, 2014, from The Security Skeptic: http://securityskeptic.typepad.com/the-security-skeptic/what-is-a-blended-thr
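
The improper coding behind the SQL injection attack described under "2. Hacking", shown beside its corrected form. This is an added example, not part of the original essay; the table, rows, function names and the crafted input are constructed for illustration.

```python
import sqlite3

# Constructed input containing a quote character, as an attacker-controlled
# form field might.
CRAFTED = "x' OR '1'='1"


def build_db():
    """Constructed sample data: one public row and one proprietary row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, detail TEXT, public INTEGER)")
    db.executemany(
        "INSERT INTO products VALUES (?, ?, ?)",
        [
            ("widget", "Retail price 9.99", 1),
            ("widget-x", "Unreleased design, supplier contract terms", 0),
        ],
    )
    return db


def lookup_vulnerable(db, name):
    # Improper coding: the input is pasted into the SQL text, so a quote in
    # `name` closes the string literal and the remainder is parsed as SQL.
    # The "public = 1" restriction is then overridden by the injected OR.
    sql = f"SELECT name, detail FROM products WHERE public = 1 AND name = '{name}'"
    return db.execute(sql).fetchall()


def lookup_parameterized(db, name):
    # Corrected form: the statement text is fixed and the driver binds `name`
    # strictly as a value, so it can never change the query's structure.
    sql = "SELECT name, detail FROM products WHERE public = 1 AND name = ?"
    return db.execute(sql, (name,)).fetchall()


if __name__ == "__main__":
    db = build_db()
    for label, fn in (("concatenated", lookup_vulnerable),
                      ("parameterized", lookup_parameterized)):
        print(label, "normal :", fn(db, "widget"))
        print(label, "crafted:", fn(db, CRAFTED))
```

With the concatenated query the crafted input returns the proprietary row alongside the public one; with the bound parameter it matches no product name and returns nothing.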
