Assignment 1: Identifying Potential Malicious Attacks

William

Professor Chintan Thakkar

CIS 333: Network Security Fundamentals

April 30, 2017

Malicious Attacks, Threats, and Vulnerabilities

Introduction

            As an “Information Security Engineer” in a video game company, present the information about the malicious attacks, threats, etc. that the company faces. The CIO of the company sees reports of malicious activity being on the ascent and has turned out to be extremely worried about the insurance of the intellectual property, and profoundly delicate information kept by the organization.  Information Systems Security has been, and keeps on being a noteworthy worry for organizations, as technology additions force each moment (Axel Buecker, 2011). Data is a key asset inside an organization, and along these lines, it contains the possible arrangements for the achievement of the firm. The security system does not try to secure just part or a few fragments of the framework yet comprehensively introduce measures to shield it from any damage or vindictive exercises. The CIO of the company will utilize firewalls, intrusion detection systems, infection scanners and other protective software to give some affirmation that the security arrangements for the site are legitimately actualized (David Kim, 2016). Firewalls are the premise of PC and system security guard. They are difficult to design legally, and individuals who arrange them may not know the present threats and assaults.

Potential Malicious Attacks

            One particular attack that could compete for this network would be an attack to the Firewall. The way this could be completed is by Media Access Control (MAC) address parodying. MAC addresses resemble identifiers for gadgets on a system. Somebody might need to copy a MAC address with a specific end goal, to degenerate documents or take transfer speed on a system (Bogdan Vamanu, 2008). MAC address could likewise be utilized as an approach to lead different attacks later on, or interface the target’s IP address with the MAC address they utilize.

            Another attack that could be performed on the system would be at the application layer. The application-layer attack focus as an approach to routine upset operations of a working framework as well as its applications (Reddick, 2009). It could give an attacker a chance to get to the security controls on the scientific framework, enabling them to make attacks later on.

            Not only can application-layer attack typically upset operations, but it can intrude on getting to the controls, applications, system settings, the system, and additionally permit infections and malware into the system, adjust, include or erase information and present different sorts of risky software (Axel Buecker, 2011).

            Another attack that could be launch against the network would be an attack on the Wireless Access Point (WAP). An example of this would be a Denial of Service assault (DoS), which purpose is to keep a client from accessing their data on the system. A DoS attack lead by flooding a system with defective bundles, which confines real movement and makes a framework inert (Aquilina, 2016). The attacker is blocking authentic movement on a network by sending a huge amount of defective demands on that network.

Impact of Malicious Attacks

            MAC address spoofing can bring about an aggressor accessing other data they can use to share in various assaults. For instance, the assailant can take in the casualty's IP address on the network, and after that, take information implied for the victim's PC to send to the aggressor. In an Address Resolution Protocol (ARP) spoofing assault, the assailant conveys a progression of caricature ARP messages, which can connect the IP address of a client on a network with their MAC address (sans, 2009). They are likewise ready to utilize an ARP spoofing assault to help them have the capacity to lead different sorts of assaults, including DoS attacks. Since an ARP spoofing attack happens on a system, it can get and alter information that is in travel and stop activity on LAN.  MAC address spoofing may likewise enable an aggressor to take an honest to goodness MAC address and utilize it as their address by some cloning utility or by using Windows registry (Bogdan Vamanu, 2008).

            Application layer attacks use as a way to degenerate and objectives operating system or applications. They can then bypass access controls and access the objectives framework, system, and information. The attacker can then alter, erase, or include information, including programming and infections on the framework and the system (computer weekly, 2007). They can likewise change the operating system and alter security controls, which can thus enable them to do different types of attacks and execute malware programming. With application layer attacks, the attacker can degenerate your whole framework.

            Denial of Service attacks (DoS) block good traffic by flooding the system. It can bring about intrusions in joint action on a system, and at times can totally close down a system. These sorts of attacks can focus on various layers of the OI show, one of which incorporates the physical layer. DoS attacks are difficult to find, since they don’t show any proof that an assault has happened (Bogdan Vamanu, 2008).

            Notwithstanding utilizing encryption like Wired Equivalent Privacy (WEP) verification won't keep this sort of attack because the assailant can catch traffic on the system and use it to decide the WEP key.DoS attacks can intrude on normal operations on a system making issues for individuals attempting access benefits that the real PC needs to access.

Security Controls

            To prevent such occurrences from happening the system should shield from any potential danger of data theft or misuse. Both the physical as well as a logical system to anticipate passage by unapproved workforce ought to be improved which will avoid specialized exposures.

            There should be appropriate information given, in order for the staff to knows the set of current rules and limit natural exposures. The web security ought to be the first concern of the organization's security division (Reddick, 2009). There ought to measure like review trail, recognizable proof entrances and standard and conventions set up with the assistance of programming that secures the data systems. Keeping in mind that the end goal is to secure against DoS assaults, the association ought to execute firewalls, and IP switch WAN interfaces that piece open organizations. Documentation of the network plan and the reason for it can likewise be utilized as a part of review of circumstances to depict changes and monitor the subtle elements of a system.

Potential concerns for Data Loss/Theft

            Potential concerns for data loss and or theft on the documented system could incorporate social blunder, assaults against servers, or malware that taints PC networks. There is potential for human error regardless of what number of steps you take to ensure a system is protected. The human error is one of the most difficult things to control. A few cases of human error that could bring about information misfortune is usually by opening spam email messages and tapping on an undermined or malicious document connection (Bogdan Vamanu, 2008).

            It is disregarding the set computer safety protocols that contribute to these infestations.  Such human errors such as going to unauthorized sites, opening span email, clicking open attachments from unknown senders contribute to these attacks.To secure against DoS attacks the association ought to implement stateful firewalls and IP switch WAN interfaces that square open organizations. Documentation of network design and reason can likewise be utilized as a part of review circumstances to depict changes and monitor the points of interest of a network.

Impact of Selected Concerns of Data Loss/Theft

            Losing data can bring about loss profitability. One client not following a well-plannedinformation security system, can lead to compromised data and loss of money.  Opening a malicious document could mean giving an assailant access to your whole system and the data on that system. Server attacks, such as surreptitious give aggressors access to data transmission on the network that they can then take or change (cisco, 2014). Trojan attacks can duplicate themselves, open indirect accesses in systems and PCs, or allows the transfer or download of records, and information on a framework. Trojan attacks are fit for various distinctive acts that could be conceivably disastrous to the network. They give an aggressor authorization to do what they need on your network, contingent upon what the code composed for the Trojan permits.  Some Trojan virus are: Trojan-Mailfinder, Trojan-GameThief, Trojan-FakeAV, Trojan-Ransom, Trojan-Spy, etc.

Controls for Preventing Data Loss/Theft

            One approach to secure a network against human error is to give instructions to clients to help them understand why the security protocols are set up and give them a motivating force to follow those strategies. For instance, you can make it clear that infringement of following those protocols will bring about the end of their benefits or loss of their job(Gibson, 2015). In order to shield servers from various sorts of assaults like listening in, would execute encryption and cryptography for interchanges over the network. One approach to ensure against malware attack is to have antivirus and antimalware programs installed, like Norton Internet Security. Staying up-to-date with the latest updated in antimalware programs and informed on various sorts of malware and vulnerabilities, can guarantee that they are more observant (Gibson, 2015).

            Firewalls and Network Intrusion Detection Systems can likewise be executed to diminish the danger of assaults on a network. It is imperative to implement layered security, to guarantee a system is ensured crosswise over various layers.

References

Aquilina, A. (2016). D/Dos: Denial of Service Attacks. Retrieved from incapsula: https://www.incapsula.com/ddos/denial-of-service.html

Axel Buecker, K. B. (2011). IBM Security Solutions Architecture for Network, Server and Endpoint.

Bogdan Vamanu, M. M. (2008). Understanding Malicious Attacks against Infrastructures.

cisco. (2014). Data Leakage Worldwide: Common Risks and Mistakes Employees Make. Retrieved from cisco: http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-499060.html

computerweekly. (2007). Top seven data loss issues. Retrieved from computerweekly: http://www.computerweekly.com/feature/Top-seven-data-loss-issues

David Kim, M. G. (2016). Fundamentals of Information Systems Security.

Gibson, D. (2015). SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Second Edition.

Reddick, C. G. (2009). Homeland Security Preparedness and Information Systems: Strategies for Managing Public Policy: Strategies for Managing Public Policy.

sans. (2009). Protecting Against Insider Attacks. Retrieved from sans: https://www.sans.org/reading-room/whitepapers/incident/protecting-insider-attacks-33168