Wednesday, July 17, 2019

Identifying Potential Malicious Attacks Essay

We eat up been tasked by the CIO to gulp a report identifying capabilityly despiteful violates, terrors, and vulnerabilities specific to our organization. Further, the CIO would like us to shortly explain each item and potence opposition it could comport on the organization. venomous Network AttacksNetwork round out is commonly defined as an infringement on your interlock infrastructure that depart outset collapse your environment and collect tuition in order to exploit the animated open ports or vulnerabilities this may take on as well illegitimate devil to your resources (Symantec, 2013). We will first have to analyze the potential attacks we need to protect against, and the potential impact those attacks could have on the communicate. The bulk of threats we will encounter argon classified ad as viruses, hacks, and intermix attacks. 1. calculator viruses. A Virus is a course of study that is activated by attaching copies of itself to viable objects. Viru ses send packing reach your reckoner from other give calculators, via selective information potent point (CD, DVD, etc.) or through a profit (local or Internet). (Symantec, 2013). Due to the shear absolute frequency of virus attacks, we shall list them number one. check to a Department of Trade and industry (DTI) survey, 72% of all companies received infected e-mails or registers last social class and for large companies this rose to 83% (Vernon, 2004). The potential impact of the electronic net becoming infected with a virus could be devastating.File destruction, file corruption, disabling user programs, loss of tiny data and overloading the internet ar expert a few of the potential impacts of a virus. Viruses preserve be introduced in to the network in m whatsoever ways. Employees downloading /using unauthorized programs, opening and executing infected e-mail attachments, bringing infected files from home on a thumb drive or CD, finding the network with their smart phone, etc. tally to a survey of IT mangers conducted by SupportSoft, 75% said their companies are notadequately protected from, or able to embarrass, computer virus attacks, and 74% said their companies are hit monthly with one or more computer viruses. (SupportSoft, 2005)2. Hacking. Despite the chronic problem of Denial of Service (DOS), and use Denial of Service (DDoS) attacks, the latest threat is SQL injection attacks.This type of attack takes service of improper coding of web applications that allow outside users (hackers) to inject SQL commands that allow access to the companys database. This results in insure selective instruction creation confused with non estimab conduct information. In other words, passwords, classified or branded information is confused with public information such(prenominal) as product detail or contacts by the database, allowing hackers to access the secure information. A report by the halfway for Strategic and International Studies in capital of the United States estimated that it comprise the global economy $ three hundred billion a year and cyber indemnity is the fastest-growing specialty insurance ever worthy around $1.3b billion a year in the US. (Lawson, 2014). It is not only the cost of information that should be considered, barely as well the cost of muddled employee productivity, network downtime, and increase IT personnel cost.3. Blended Attack.A blended threat is a multi-pronged attack against networked computers. Symantec describes a blended threat as an attack that combines viruses, worms, Trojan Horses, and malicious code with innkeeper and Internet vulnerabilities to initiate, transmit, and spread an attack. Blended threats are designed to propagate quickly, like worms, tho instead of relying on a single-attack vector (such as email), blended threats are designed to use whatever propagation rails exists. (Piscitello, n.d.).A blended threat ordinarily takes over the administrative priv ileges on the computer and is and so able in possibility to perform any surgical operation available, thus enabling keystroke logging file copying, remotion or modification communications monitor and modification and unauthorized service operation (Piscitello, n.d.). The use of the Bring Your Own gubbins (BYOD) form _or_ system of government by umpteen companies, has led to the escalation of blended attacks due to the often languorous approach that nigh users take concerning wide awake phone surety. With a lack of anti-virus and anti-malware bundle installed, these dodges post a real warrantor risk when connected to the company network. With most employees using their mobile device for some(prenominal) work and private use, stored business contacts and texts could be compromised.Security Controls (Personnel)All three of the network risks identified above pose not only the threat of malicious attacks, but besides the threat of data stealth and loss. We must mitigate t he risk to our network and the intellectual property and highly clarified data contained within that network. The first feel would be to conduct a check out or analyse of our user and network security measures policies. An annual user instruction session should be instituted containing the following staple fiber policies No installation of unauthorized parcel on company machines. neer succeed someone else your user name or password. Log arrive at of the computer when not in use Never offer intellectual or sensitive information to unknown users, especially through email. Never open email attachments, especially executable files, from unknown sources. Implement a strong password policy with mandatory changing of passwords within certain timeframes.These company policies put up help mitigate internal threats that can occur by accident or intentionally. Users should also be trained in the identification of malware and the proper reporting procedures by and by it has been identified. All IT personnel should have acquaintance of the latest threats and responses to those threats. If it is identified that IT personnel look additional training/certification, this should be provided if financially feasible.Security Controls (Hardware/Software)The first step would be to conduct a thorough audit of network security hardware and software. A reconnaissance and probing test could be performed with Zenmap GUI (Nmap) to identify security deficiencies such as open ports. The best falsifying against malicious attacks is a multi-layered approach. A server Intrusion Detection transcription (HIDS) to accompaniment the Network Intrusion Detection System (NIDS) should be installed. An additional NIDS should be installed within the firewall which would detect any attacks that may pass away by the firewall. Host computers connected to the network should be isolated from the rest of the network. We should also harden our software/hardware, which is a var. where unnecessary services are turned off and protected ones are left(a) running. A review of the anti-virus and anti-malwaresoftware should be done.All software should be up to date with the latest virus/malware definitions and updates. practise virus and malware contemplates on all network devices and computers on a consistent basis. radiocommunication Access Points (WAP) should have the latest encoding installed to ensure only authorized users have access. A BOYD security policy should be employ, whereas all mobile devices under the BOYD program are susceptible to the same security policies as company assets. A policy much like Cisco has implemented should be considered.Their policy requires all users to have at least a four-digit PIN, and the device to have an auto-lock setting that triggers in 10 minutes or less. Cisco also reserves the right to wipe any device remotely if its lost or stolen. The company controls corporate data on its network, using a compounding of security access PINs, encryption tools and read-only features that prevent highly confidential data from being copied, downloaded or emailed. It also uses monitoring tools to scan all Web requests for malicious electrical capacity if a device starts behaving strangely, the IT team can quarantine it or kick it off the network. (Gale, 2013).ConclusionWith an ever evolving, infinite add of threats to a network, there are many available solutions to attempt to mitigate that risk. culture personnel on best security practices, creating a secure network with firewalls including intrusion detection and anti-virus/malware software, to performing security audits will help ensure the best workable defense against a malicious attack against the network.Works CitedGale, S. F. (2013, April 2). BYOD Brings Security Risks for Companies. Retrieved July 14, 2014, from workforce http// Lawson, A. (2014, may 23). Businesses need to wake up and sense the hackers. Retrieved July 23, 2014, from The Independent http// Piscitello, D. (n.d.). What is a blended threat? Retrieved July 23, 2014, from The Security disbeliever http//

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.