Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

Our videogame development company’s network, as currently set up, is a sound system. However, security concerns are always present in ever-changing technology. With 100 desktop and laptop computers connected to one server, threats and malicious attacks are a possibility. This report will analyze, identify and assess the potential impact of all vulnerabilities, malicious attacks and threats associated with the network. A threat is any action that could result in damage to the company’s asset, in this case, the network. For a computer network, threats can be malicious code, viruses and unauthorized access. For a threat to materialize there must be vulnerabilities within the network. A vulnerability is a weakness in the network system that can be exploited (Kim & Solomon, 2012).

The first vulnerability is the email server. Our videogame company has a large list of customers, suppliers and employees. Thousands of emails are transmitted and received daily. This makes the email server vulnerable to phishing attacks. A phishing attack is one where cyber attackers send an email pretending to be someone familiar to the receiver and trick the user into taking an action, such as clicking on a link or opening an attachment. These tricksters gather information such as passwords and user names to get into the network. They can also infect the system with malicious links or malicious attachments to slow down or crash the system (Wyman, Scrivens, Hoffman, & Spitzner, 2013). In most cases the attacks aim at the individual’s personal information. However, if the malicious attachments carry a virus or spyware, the impact on the network can be major. The system may crash, or the virus will wipe out all the customers’ and suppliers’ information. Network-wise, we could be facing the three types of threats: Denial or Destruction, Alteration and Disclosure.
The most vulnerable point of our network is the Wireless Access Point. Unlike a hard-wired network, a wireless network does not have a physical boundary to ward off intrusion and exploitation by unauthorized users. Hackers use a variety of methods to exploit this vulnerability, such as sniffing, denial of service, bluesnarfing, bluejacking, evil twin and war driving. Sniffing is where hackers use software to scan the open ports or vulnerable spots of the network so they can enter without permission. Denial of service works by interfering with the wireless network frequency. This causes a slowdown on the network or sometimes no network activity at all. A combination of bluesnarfing and bluejacking allows hackers to enter a portable device and steal data from the network. An evil twin creates a false access point, which enables the hackers to monitor the user’s network traffic. War driving is where hackers use a laptop to detect the SSIDs and security settings of the wireless network (Frankk, 2012).
On desktops and laptops the number one concern is USB thumb drives. The vulnerability is that most computers default to accepting USB devices automatically. Any thumb drive, including ones brought from home, can be inserted into the company’s network. These thumb drives can easily be infected, or intentionally loaded with coded scripts and malware such as the Conficker worm (Manky, 2010). The main purpose of the Conficker worm, also known as Downadup and Kido, is to allow hackers instant control of the network. It hides its tracks, which makes it very difficult to remove. It disables security services such as third-party firewalls and anti-virus programs. The Common Vulnerability Scoring System rated the Conficker worm 10.0 for its high impact and high exploitability (Burton, 2013).
Internal network connections present another vulnerability. Network connections inside the offices are intended for guests and temporary workers to connect. Cyber attackers can use these connections to log in to the network. Given enough time, hackers can use brute force to access the network. This attack is based on trying all possible combinations and passwords to break the security (Kim & Solomon, 2012). The network is especially vulnerable if passwords are not changed regularly and access levels are non-existent. Another type of attack is the insider attack. This is normally carried out by disgruntled employees who use their access to destroy or alter sensitive information.
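As an added illustration (not part of the original report), the Python example below shows how the brute-force attack described above can be detected in an authentication log: many failed logins from one source within a short window. The log format, addresses, user names and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format: timestamp, result, user, source address).
SAMPLE_LOG = """\
2024-03-01T09:00:01 FAIL user=admin src=10.0.50.23
2024-03-01T09:00:05 FAIL user=admin src=10.0.50.23
2024-03-01T09:00:09 FAIL user=jsmith src=10.0.50.23
2024-03-01T09:00:12 FAIL user=mlee src=10.0.10.7
2024-03-01T09:00:14 FAIL user=admin src=10.0.50.23
2024-03-01T09:00:20 FAIL user=mlee src=10.0.10.7
2024-03-01T09:00:31 OK user=mlee src=10.0.10.7
2024-03-01T09:00:40 FAIL user=jsmith src=10.0.50.23
2024-03-01T09:00:44 FAIL user=admin src=10.0.50.23
2024-03-01T09:20:00 FAIL user=kwong src=10.0.10.9
2024-03-01T09:40:00 FAIL user=kwong src=10.0.10.9
2024-03-01T10:00:00 FAIL user=kwong src=10.0.10.9
2024-03-01T10:20:00 FAIL user=kwong src=10.0.10.9
2024-03-01T10:40:00 FAIL user=kwong src=10.0.10.9
""".splitlines()

LINE_RE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")


def detect_bruteforce(lines, threshold=5, window=timedelta(minutes=2)):
    """Map each source with >= threshold failed logins inside `window`
    to the sorted list of accounts it targeted."""
    recent = defaultdict(deque)  # source -> recent (time, user) failures
    flagged = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m.group(2) != "FAIL":
            continue  # skip malformed lines and successful logins
        ts = datetime.fromisoformat(m.group(1))
        user, src = m.group(3), m.group(4)
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[src].update(u for _, u in q)
    return {src: sorted(users) for src, users in flagged.items()}


if __name__ == "__main__":
    for src, users in detect_bruteforce(SAMPLE_LOG).items():
        print(f"possible brute force from {src} against {', '.join(users)}")
```

The user who mistypes a password twice and the account with five failures spread over more than an hour are not flagged; only the burst from the single source is.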
Smartphones and other digital devices are a potential vulnerability in the workplace. These portable devices are fully functioning computers equipped with Wi-Fi connectivity. Hackers exploit the vulnerabilities that come with portable devices and combine them with the ease of connecting to the network to gain access. The danger here is that these portable devices can capture any vital information within the company through their video cameras or by connecting to the network wirelessly.
The impact of these vulnerabilities and subsequent attacks can be devastating to the company. As a videogame company, we must keep our trade secrets secure. Our server for the online videogame must be available at all times. The optimum downtime is zero. Through attacks such as denial of service, hackers can flood the server with meaningless tasks, causing the server to slow down or crash. The downtime will increase. Our customers will find other online services. The Conficker worm or spyware in email can intrude on our network and forward the company’s trade secrets to hackers or competing companies.
To prevent these attacks we must establish a security policy and make it known to employees and our customers. Our network administrator must assign access levels on a need-to-know basis. We must also implement a firewall and an anti-virus program in addition to the intrusion detection system. Regular updates will ensure that the latest virus definitions are identified. Encrypting sensitive data and controlling the endpoints that enter and exit the internal system will prevent internal hacking.
There is no perfect network security system. By identifying the vulnerabilities and potential attacks we can mitigate the risks to a minimum. The recommendations stated above will improve our security, and through continuous monitoring and updating we will keep attacks to an acceptable level. Our defined acceptable level should be no leakage of our company’s sensitive data.
References
Burton, K. (2013, Jan 20). The Conficker worm. Retrieved from SANS Network: http://www.sans.org/security-resources/malwarefaq/conficker-worm.php
Frankk, D. (2012, May 25). Important Security Issues in Wireless Networks. Retrieved from Examiner.com: http://www.examiner.com/article/security-issues-wireless-networks
Kim, D., & Solomon, M. G. (2012). Fundamentals of Information Systems Security. Burlington: Jones & Bartlett Learning.
Manky, D. (2010, November 8). Top 10 vulnerabilities inside the network. Retrieved from NetworkWorld: http://www.networkworld.com/news/tech/2010/110810-network-vulnerabilities.html?page=1
Wyman, B., Scrivens, W., Hoffman, P., & Spitzner, L. (2013, Feb 01). Email Phishing Attacks. Retrieved from SANS Institute: http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201302_en.pdf