Aircraft Solutions (AS), located in Southern California helps customers through all phases of new product development from prototypes to final large-volume production and assembly. Aircraft Solutions is a leader is design and fabrication of component product and services for companies in the electronics, commercial, defense and aerospace industry. AS’s mission is to provide customer success through machined products and related services and to meet cost, quality and schedule requirements.
Potential Security Weakness I: Hardware Vulnerability
Aircraft Solution has a firewall vulnerability that weakens the network infrastructure. There are insufficient firewalls protecting AS’s headquarters, currently there is only one Firewall between the Defense Division (DD) router and the main router. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted. The Chula Vista site lacked a firewall connection resulting in a direction connection to the Internet. Without a firewall in place, all of the company computers are directly accessible to anyone on the Internet.
Possible network infrastructure threats arise from two sources, …show more content…
external and internal sources. In recent years, a growing best practice has been to deploy firewalls not only at the traditional network perimeter-where the private corporate network meets the public Internet-but also throughout the enterprise network in key internal locations, as well as at the WAN edge of branch office networks (Deploying Firewalls Throughout Your Organization, 2014). This distributed-firewall strategy helps protect against internal threats, which have historically accounted for a large percentage of cyber losses, according to annual studies conducted by the Computer Security Institute (CSI) (Tyson, 2014). External threats are still a matter of concern, considering most external attacks focus on crashing computers and networks by using Denial of Service (DoS) attacks. Hackers are searching for confidential data that they can abuse for profit, such as sales contacts, financial data, or customer account information. Still others might be amassing hundreds or thousands of computers from which to launch a distributed attack against a single network on the Internet (2013 Threat Report, 2014).
More than ever, AS’s network infrastructure is vulnerable to cyber threats; according to Websense.com, 2012 was a significant year in cyber-attacks on businesses and governments, on average 70 percent of its customers experienced a weekly average of 1,719 attacks per 1,000 users. These attacks include web threats initiated through social media, mobile devices, email and other attack vectors.
Should Aircraft Solution not reinforce its company’s firewall, their financials and their customer’s financial and intelligence data may be compromised or stolen. The negative effects of that this may have to their business reputation could devastate the company financially to the point of removing themselves from the market.
Recommendation:
As a recommendation for
Potential Security Weakness II: Policy Vulnerability
Aircraft Solutions weak security policy, requires that all firewalls and router rule sets are evaluated every two years.
Firewall rules set reviews are performed to significantly strengthen an organization’s perimeter security and network segmentation, and to verify that the network segmentation meets best practices and supports the client’s/ customer needs. Frequent and thorough firewall audits are critical to reduce business risk exposures on an on-going basis, and are also required for to demonstrate compliance with many information security regulations and best practices (technet.microsoft.com, 2014). A cycle of every two years seems dangerous and reckless since technology and attacks with technology are evolving
daily. The likelihood of a threat is high, because the assessment are done every two years. It’s necessary to review the firewall log, it may reveal unauthorized access attempts from within or outside the network.
Unsuccessful logins to AS’s firewall or to other critical servers could be a sign of a penetration attempt, and may prompt AS to block or drop all connections from that domain or IP address as a rule. The same goes for unexpected outbound connection, it may be a sign that an unauthorized user has gained access to the system and is using it as a launching pad for spam or to attack other computers from AS servers (Deploying Firewalls Throughout Your Organization, 2014).
The consequence of not evaluating the firewall and router rules is the amount of time and money that AS would have to spend to repair and assess the damage created by adware. If the adware aids the attacker access the Headquarter servers where then it may compromises the company files giving access to customer’s designs. If the systems main communication is impaired then is may cause system malfunction and loss of functionality and operational effectiveness.
Compromising client data and their designs could open the door to legal battles and loss of competitive edge and clients. The loss of financial capital in an attack of sorts could prevent AS from gaining or retaining investor or new clients; which could put Aircraft Solutions out of business. References
2013 Threat Report. (2014, January 22). Retrieved from http://www.websense.com/: http://www.websense.com/assets/reports/websense-2013-threat-report.pdf
(2014, January 25). Retrieved from technet.microsoft.com: http://technet.microsoft.com/en-us/library/cc700820.aspx
Deploying Firewalls Throughout Your Organization. (2014, January 21). Retrieved from http://www.cisco.com: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd8057f042.ht
Five Critical Rules for Firewall Management. (2014, January 24). Retrieved from Secureworks.com: http://www.secureworks.com/assets/pdf-store/articles/five_critical_rules_for_firewall_management
Tyson, J. (2014, January 25). How Firewalls Work. Retrieved from HowStuffWorks.com: http://computer.howstuffworks.com/firewall.htm