Cyber Security Assignment: Vulnerabilities of Information System
Task: Write a research report for the cyber security assignment discussing the vulnerabilities of information systems that a business faces.
This cyber security assignment focuses on vulnerabilities in information systems, which arise from all types of fundamental properties of objects. The standards are listed for all types of property related to infrastructure, cyber, and physical objects (Al-rimy, Maarof & Shaid, 2018). Vulnerabilities arise through certain attribute types such as cyber, physical, social, or infrastructure. A vulnerability is the quality of a resource or environment that allows a threat to be realized. Much of the software and hardware that processes data could be vulnerable to a wide variety of threats. Examining a potential threat determines the extent to which a system is vulnerable to it. Many economies and societies may be affected by a change in information and communication technologies (ICT). Many organizations and individuals have become dependent on the proper functionality of highly complex and understandable ICT systems with deviations in normal behavior (Sharma & Bashir, 2020). Many contemporary technologies are designed and implemented for safe and secure functioning. Even so, a system can be attacked easily by viruses and worms injected over the Internet, which then propagate rapidly and enter enterprises, schools, offices, and personal computers. Young people often do not care about the data trail of personal behavior they leave while surfing websites and social content (Kibe, 2018).
1.2 Thesis Statement
The thesis of this report is based on the vulnerabilities that occur in technology; it is the security concern that matters. Telecommunications, electric power, and computer-based networks form the information technology infrastructure, which depends heavily on network communications and is a target for criminals and enemies (Mejias et al., 2019).
Vulnerabilities come under various categories.
1. Environmental concern: This concern mostly relates to undesirable site-specific occurrences such as lightning, dust, fire, flood, smoke, rodents, chemical fumes, insects, earthquake, severe weather, sprinkler activation, tsunami, volcanic eruptions, water leakage, electrostatic discharge, electromagnetic interference, vibration, and explosion (Meneghello et al., 2019).
2. Physical concern: This concern mostly relates to undesirable site-specific personnel actions, intentional or unintentional, such as theft, sabotage, unauthorized facility access, extortion, bomb threats, labor unrest, civil unrest or war, improper transportation, improper storage or mounting, dropping or spillage, magnetic tools or magnets, trip hazards, fire hazards, collision, and vandalism (Barrowclough & Asif, 2018).
3. Site-Support: This concern mostly relates to foundational site aspects such as electrical power, climate control, power outages, extreme or unstable temperature, extreme or unstable humidity, an environment unsafe for human occupation, an inaccessible facility, inability to cut power, electrical or background noise, improper maintenance, unavailable personnel, telephone service, trash disposal, and fire suppression.
4. Technical: This concern mostly relates to system-specific situations such as improper system operation, inadequate procedures, improper configuration of hardware, improper configuration of software, unauthorized modification of hardware or software, unauthorized duplication of hardware and software, unauthorized logical software, exceeding licensing or unsanctioned use, under-classification or over-classification, failure or error in hardware functionality and security, failure or error in software functionality and security, storage media failure, remanence of data, object reuse, communication overload or failure, communication errors that provide inaccurate service, data entry errors treated as legitimate, accidental modification or deletion of software, accidental modification or deletion of data, accidental disclosure of data, repudiation of a transaction or process, masquerading, playback (recording a legitimate transmission and replaying it to gain unauthorized privileges), message flooding by generating a large quantity of transmissions, electronic emanations, geo-location, line tapping, and malicious software.
Information Technology (IT) has been integrated into every business process. Any company that uses computers creates more and more opportunities for cybercriminals. Often the damage caused by cybercriminals is unrecoverable, which forces many companies to close.
There are various types of network security vulnerabilities:
1. System Updates
As technology develops, software gets updated, which helps improve cybersecurity. But many users run outdated software, which allows criminals to take advantage of IT vulnerabilities (Yaacoub et al., 2020).
Email that contains malware and viruses can also pose a threat to security. With automated email systems, email scanners can quarantine junk mail.
3. Login Information
For any company, unprotected account login information is the biggest threat to IT security. If attackers get the credentials, they can easily bypass the entire security system (Saeed, 2020).
4. Flash Drives
Flash drives and similar devices offer easy opportunities to introduce malware and viruses into computer systems.
This is another effective way through which attackers can get malicious software past the security system of the company's computers (Connolly & Wall, 2019).
6. Internet Access
On the internet, malware comes from many different places. Some malware is hidden in web pages and downloads itself when the page is accessed.
7. Bad User Practices
Bad user practices are the biggest threat to company cybersecurity. Even when all the systems are in place, they fail when the staff have no idea how to use them. For example, a staff member or user may forget to lock or log out of the system when leaving their desk. This gives an attacker access to the computer systems without even needing malware or other devices (Homoliak et al., 2019).
1.4 Recommended Countermeasures
It is recommended to follow certain rules to avoid unwanted attacks:
- Avoid posting confidential data on social media.
- Promote education on various hacking tricks.
- Avoid accepting unwanted friend requests on social media platforms.
- Configure the system properly to prevent loss of information.
- Use strong authentication for user identity.
- Do not pass credentials in plaintext over the wire.
- Protect authentication cookies with Secure Sockets Layer (SSL).
- Do not store secrets such as passwords in plaintext.
- Use tamper-resistant protocols across communication links.
- Use digital signatures, strong authorization, and encryption.
- Secure the communication link with a protocol that provides message integrity.
- Use throttling techniques for resources and bandwidth, and validate and filter input.
The primary components of any network infrastructure are switches, routers, and firewalls. They guard the servers and applications from intrusions and attacks. Attackers exploit poorly configured network devices (Bhatnagar, Som & Khatri, 2019).
To prevent information gathering, the countermeasures to be included are:
- Configure routers to restrict their responses to footprinting requests.
- Configure the operating system that hosts the network software to prevent footprinting by disabling unused protocols and unnecessary ports.
To prevent sniffing, the countermeasures to be included are:
- Use networks that are segmented properly and use strong physical security. This prevents traffic from being collected locally.
- Encrypt communication fully, including authentication credentials, so that sniffed packets are not usable to an attacker.
To prevent spoofing, the countermeasures to be included are:
- Filter incoming packets that come from an internal IP address.
- Filter outgoing packets that originate from an invalid local IP address.
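The two spoofing filters above amount to a check on the source address for each direction at the network border. The following is an added example, not part of the original report; the internal prefixes and the sample packets are constructed, and `border_decision` is a hypothetical name.

```python
import ipaddress

# Assumed internal prefixes for a constructed example site.
INTERNAL_NETS = [
    ipaddress.ip_network("10.20.0.0/16"),
    ipaddress.ip_network("192.168.50.0/24"),
]


def border_decision(direction, src, internal_nets=INTERNAL_NETS):
    """Decide what a perimeter filter does with a packet.

    direction is "in" (arriving from outside) or "out" (leaving the site).
    Returns an (action, reason) tuple.
    """
    if direction not in ("in", "out"):
        raise ValueError("direction must be 'in' or 'out'")
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "unparsable source address")
    internal = any(ip in net for net in internal_nets)
    if direction == "in" and internal:
        # A packet from outside cannot legitimately carry an internal source.
        return ("drop", "inbound packet claims an internal source")
    if direction == "out" and not internal:
        # Traffic leaving the site must come from one of our own prefixes.
        return ("drop", "outbound packet has an invalid local source")
    return ("accept", "source is plausible for this direction")


# Constructed sample packets: (direction, source address).
PACKETS = [
    ("in", "203.0.113.9"),
    ("in", "10.20.3.4"),
    ("out", "192.168.50.17"),
    ("out", "203.0.113.9"),
    ("out", "not-an-ip"),
]


def filter_packets(packets):
    """Apply the border check to each packet and keep the verdict with it."""
    return [(d, s) + border_decision(d, s) for d, s in packets]


if __name__ == "__main__":
    for row in filter_packets(PACKETS):
        print(row)
```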
To prevent footprinting, the countermeasures to be included are:
- Disable unnecessary protocols.
- Configure the firewall to lock down ports.
- Use TCP/IP and IPSec filters for defense in depth.
- Configure IIS to prevent disclosure of information through banner grabbing.
- Use an IDS configured to pick up footprinting patterns and reject the suspicious traffic.
To prevent password cracking, the countermeasures to be included are:
- Use a strong password for every type of account.
- Apply lockout policies to end-user accounts to limit the number of retry attempts that can be made to guess the password.
- Do not use default account names, and rename standard accounts, namely the administrator's account and the internet user account used by a web application.
- Audit failed logins for password hacking attempts.
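The lockout and audit items above can be combined in one small policy object. The following is an added example, not part of the original report; the threshold, window, lock duration and the sample events are assumed values constructed for illustration.

```python
from collections import Counter, defaultdict, deque


class LockoutPolicy:
    """Temporary account lockout with an audit trail of failed logins."""

    def __init__(self, max_failures=5, window=300, lock_seconds=900):
        # Threshold, counting window and lock duration are assumed values.
        self.max_failures = max_failures
        self.window = window
        self.lock_seconds = lock_seconds
        self.failures = defaultdict(deque)  # account -> recent failure times
        self.locked_until = {}              # account -> unlock time
        self.audit = []                     # (ts, account, source, event)

    def attempt(self, ts, account, source, password_ok):
        if self.locked_until.get(account, 0) > ts:
            self.audit.append((ts, account, source, "rejected-locked"))
            return "locked"  # even a correct password is refused while locked
        if password_ok:
            self.failures.pop(account, None)
            return "ok"
        recent = self.failures[account]
        recent.append(ts)
        while recent and recent[0] <= ts - self.window:
            recent.popleft()  # forget failures older than the window
        self.audit.append((ts, account, source, "failed"))
        if len(recent) >= self.max_failures:
            # The lock expires on its own, so it cannot disable an account forever.
            self.locked_until[account] = ts + self.lock_seconds
            recent.clear()
            self.audit.append((ts, account, source, "lockout"))
            return "lockout"
        return "failed"


def replay(events, policy=None):
    """Feed (ts, account, source, password_ok) events through a policy."""
    policy = policy or LockoutPolicy()
    return [policy.attempt(*e) for e in events], policy


def failures_by_source(audit):
    """Audit view: count failed logins per source address."""
    return Counter(src for _, _, src, event in audit if event == "failed")


# Constructed sample events: five rapid failures, then slow failures.
EVENTS = [(t, "alice", "198.51.100.7", False) for t in (0, 10, 20, 30, 40)] + [
    (50, "alice", "10.20.0.5", True),
    (60, "bob", "203.0.113.20", False),
    (460, "bob", "203.0.113.20", False),
    (1000, "alice", "10.20.0.5", True),
]
```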
To prevent denial of service, the countermeasures to be included are:
- Configure the operating system, services, and applications with denial of service in mind.
- Stay current with patches and security updates.
- Harden the TCP/IP stack.
- Make sure that account lockout policies cannot be exploited.
- Make sure high volumes of traffic can be handled, and put thresholds in place to handle abnormally high loads.
- Review the failover functionality of the applications.
- Use an IDS to detect denial of service attacks.
To prevent viruses, worms, and Trojan horses, the countermeasures to be included are:
- Apply the software patches and service packs for the operating system.
- Block unnecessary ports at the firewall and host.
- Disable unused protocols and service functionality.
- Harden the default configuration settings.
From the above report, it can be concluded that cybersecurity is a growing concern for any company, and it is important for us to take cybersecurity seriously. The report has provided clear knowledge of the various vulnerabilities that a business faces and of the countermeasures to be taken to protect the business from such vulnerabilities.
Knowing the biggest threats to the business and protecting the company's sensitive data is a matter of concern for the business. Minimizing cybersecurity risks takes a lot of hard work, vigilance, and expertise.
Al-rimy, B. A. S., Maarof, M. A., & Shaid, S. Z. M. (2018). Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions. Computers & Security, 74, 144-166.
Barrowclough, J. P., & Asif, R. (2018). Securing cloud hypervisors: A survey of the threats, vulnerabilities, and countermeasures. Security and Communication Networks, 2018.
Bhatnagar, D., Som, S., & Khatri, S. K. (2019, February). Advance Persistant Threat and Cyber Spying-The Big Picture, Its Tools, Attack Vectors and Countermeasures. In 2019 Amity International Conference on Artificial Intelligence (AICAI) (pp. 828-839). IEEE.
Connolly, L. Y., & Wall, D. S. (2019). The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computers & Security, 87, 101568.
Homoliak, I., Toffalini, F., Guarnizo, J., Elovici, Y., & Ochoa, M. (2019). Insight into insiders and it: A survey of insider threat taxonomies, analysis, modeling, and countermeasures. ACM Computing Surveys (CSUR), 52(2), 1-40.
Kibe, A. J. (2018). An Experiment to Determine the Effect of Ethical Hacking on It Administrator's Patch and Vulnerability Management Attitudes, a Case of a Leading Telecommunications Company (Doctoral dissertation, University of Nairobi).
Mejias, R. J., Shepherd, M. M., Fronmueller, M., & Huff, R. A. (2019). Using Threat Vulnerability Asset (TVA) Methodology to Identify Cyber Threats and System Vulnerabilities: A Student Field Project Case Study. Business Education Innovation Journal, 11(1).
Meneghello, F., Calore, M., Zucchetto, D., Polese, M., & Zanella, A. (2019). IoT: Internet of Threats? A survey of practical security vulnerabilities in real IoT devices. IEEE Internet of Things Journal, 6(5), 8182-8201.
Saeed, A. (2020). Cross-VM network attacks & their countermeasures within cloud computing environments (Doctoral dissertation, Lancaster University).
Sharma, T., & Bashir, M. (2020, July). An analysis of phishing emails and how the human vulnerabilities are exploited. In International Conference on Applied Human Factors and Ergonomics (pp. 49-55). Springer, Cham.
Yaacoub, J. P. A., Noura, M., Noura, H. N., Salman, O., Yaacoub, E., Couturier, R., & Chehab, A. (2020). Securing internet of medical things systems: limitations, issues and recommendations. Future Generation Computer Systems, 105, 581-606.