IS4560 Unit 1 Assignment 1 
Randy Murphy
IS4560
Unit 1 Assignment 1
In this assignment we are asked to identify the major threats and security concepts from a whitepaper located on the internet: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf. This report stated that: “There are a number of recent and growing trends in the threat activity landscape that were observed by Symantec in 2009.” These threats are identified as:
* Malicious code activity
* Tends to increase in countries experiencing rapid growth in broadband infrastructure and connectivity, , readily available malicious code kits are making it simple for attackers to mount attacks, the online underground economy and malicious activity are benefiting from the downturn in the global economy.
* Web-based targeted attacks on enterprises are increasing
* Targeted attacks using advanced persistent threats (APT )
* Designed to remain undetected in order to gather information over prolonged periods. This type of attack has been observed in other large-scale data breaches that caused large numbers of identities to be exposed
* Hacking attack using an SQL-injection attack
* The hackers can gain access to a company’s payment processing network. The attackers then installed malicious code designed to gather sensitive information from the network, which allowed them to easily access the network at their convenience.
* Researching publically available information about a company or its employees
* Creating phishing emails messages, also referred as spear phishing, that will be sent to the company or even specific staff employees.
* Messages often contain attachments that exploit weaknesses in client-side applications, or links to websites that exploit vulnerabilities in Web browsers or browser plug-ins.
* A successful attack could give the attacker access to a company’s network.
IS4560
Unit 1 Assignment 1
In this assignment we are asked to identify the major threats and security concepts from a whitepaper located on the internet: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf. This report stated that: “There are a number of recent and growing trends in the threat activity landscape that were observed by Symantec in 2009.” These threats are identified as:
* Malicious code activity
* Tends to increase in countries experiencing rapid growth in broadband infrastructure and connectivity, , readily available malicious code kits are making it simple for attackers to mount attacks, the online underground economy and malicious activity are benefiting from the downturn in the global economy.
* Web-based targeted attacks on enterprises are increasing
* Targeted attacks using advanced persistent threats (APT )
* Designed to remain undetected in order to gather information over prolonged periods. This type of attack has been observed in other large-scale data breaches that caused large numbers of identities to be exposed
* Hacking attack using an SQL-injection attack
* The hackers can gain access to a company’s payment processing network. The attackers then installed malicious code designed to gather sensitive information from the network, which allowed them to easily access the network at their convenience.
* Researching publically available information about a company or its employees
* Creating phishing emails messages, also referred as spear phishing, that will be sent to the company or even specific staff employees.
* Messages often contain attachments that exploit weaknesses in client-side applications, or links to websites that exploit vulnerabilities in Web browsers or browser plug-ins.
* A successful attack could give the attacker access to a company’s network.