Prepare a detailed written report discussing the potential security threats and vulnerabilities of a fictitious organization, Adventure Scuba and Diving Institute (ASDI). Please see the Specification section for more details on assignment submission requirements.
Scenario: Adventure Scuba and Diving Institute (ASDI) is located in the United States and offers training and certification programs for scuba and deep sea diving. ASDI is a premier training school in the area of diving and scuba and has developed a wealth of proprietary training resources, videos, guides and manuals. The school suspects that competitors have tried to breach the organization’s computer systems to gain access to these training materials. ASDI’s network is comprised of two web servers, two file servers, one email server, 50 employee workstations, and a 50-workstation student computer lab. The school also has public and private Wi-Fi availability throughout the campus.
Your firm has been hired as the IT security analyst to review, evaluate, and make recommendations with respect to maintenance of security of the organization’s computer and network systems. You have been charged by your supervisor to prepare a preliminary report documenting the most critical security threats that ASDI faces.
Below are three links that can help with the research and analysis:
1. https://www.helpnetsecurity.com/2010/11/15/top-10-security-threats-for-2011/
2. http://cve.mitre.org/find/index.html
3. https://www.flexerasoftware.com/enterprise/
Your supervisor has asked you to consider and account for the following questions as you shortlist the threats and prepare your report:
What threats are new this year and which have become more prevalent?
Why are these threats more common and why are they important?
What threats remain constant from year to year? Why?
What threats do you believe will become more critical in the next twelve months? Why?
Has an exploit been released?
What is the likelihood of an exploit?
How widely used is the software or system?
What threats are new this year and which have become more prevalent?
This year, we expect to see a growing awareness of security incidents of an “insider job” nature. Attention will grow as a consequence of an increased flow of incident reports where data theft and security breaches are tied to employees and other insiders.
Also, man-in-the-browser attack sophistication is going to increase, and these attacks will move on to more types of online applications. The man-in-the-browser attack is one of the most dangerous types of attacks a cyber criminal can use. This method employs a Trojan horse or similar malware to gain important information from users of websites, especially banking and credit card information. It is a piece of code that alters and adds different input fields to a webpage you are visiting. Since the URL is not changed, you believe that the site needs that information and simply fill it in.
Then, we expect social platforms to invest more resources in improving the security posture of the platform. These measures will provide improved protection against application layer attacks, stronger authentication and account control features, as well as better malware detection systems.
We expect to see a growing number of data breaches where compromised data is in the form of files rather than database records. Consequently, organizations will rush to look for the proper tools to control access to repositories of unstructured data, mainly file servers. We estimate that the number of compromised files, and the number of organizations that suffer a massive file-related security breach, will rise.
Why are these threats more common and why are they important?
In today’s social networking platforms, both security and trust are in danger. Cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities are quickly translating into massive worm outbreaks.
Our enterprise's most common security threat will be the breach of the company's database.
Memory dump attack
A memory dump attack is the capture and use of RAM content that was written to a storage drive during an unrecoverable error, which was typically triggered by the attacker. Since the design of the enterprise consists of so many intermediate networks, it is likely that a hacker can temporarily shut down systems and gain access to valuable cache memory.
Then we'll need to address the risks present in workstations.
First, we must protect company information on the workstation from theft and disclosure by someone who gains physical access to the computer through theft or loss.
Second, we need to prevent the workstation from becoming infected with malware, which can wreak havoc on the workstation as well as your network and expose confidential information.
Thirdly, we need to protect the workstation from the end user, who might disable security settings or install unauthorized software, both of which could expose the computer to the problems I previously mentioned, as well as expose the company to legal liability associated with software license violations.
Then, we need to protect against network attacks where an intruder on the network actively breaks into the workstation through an open port or insecure application.
Also, we will encounter email-related threats like:
Spam and viruses: they are slowly becoming one and the same. They can slow our servers or completely shut them off, like a "zombie".
Dictionary attacks: this technique steals proprietary information from corporate directories. During a DHA, spammers attempt to deliver messages to multiple addresses, such as [email protected], [email protected], and [email protected]. Addresses that are not rejected by the receiving mail server are determined to be valid. A successful DHA can net a spammer thousands of corporate email addresses in just a few minutes.
What threats remain constant from year to year? Why?
Basic IT-sector threats which remain common from year to year shall be:
Viruses - most companies receive lots of infected emails or files. Worms or trojans are the most maligned.
Then, the after-effects of virus attacks are also dangerous. The vulnerability here is the back doors viruses leave in their wake, or the chinks in the corporate armour that later generations of code can exploit. Students on campus connected to the same Wi-Fi networks or even remotely based hackers can access our important files!
Hacking in general will remain a constant threat. Our being deployed in and around campus leads to us being more open to potential hacks!
What is the likelihood of an exploit?
An exploit happens when that flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability.
No, as per the information provided here, an exploit has not yet been released!
The likelihood of an exploit in this case is moderate, ranging to probable. Given the congested and the people in co-ordance with the students and the campus while there is a greater chance of mischief.
How widely used is the software or system?
The system is in use regularly, whilst it can see a rise in usage if the school decides to hold diving competitions or activities! As it is, we can expect continuous usage of our platform by students who are into the sport and can continue to believe that the usage numbers would only go up given the nature of the sport continuously catching the eye of school generations!
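As an added example (not part of the original answer), one way the receiving mail server's operator could spot the address-probing pattern described in the email threats above: a single client that gets many distinct recipients rejected, plus the addresses that same client learned are valid. The log format, the `asdi.example` domain, the thresholds and the function name are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log lines in a simplified, hypothetical format
# (not the output of any particular mail server).
SAMPLE_LOG = """\
09:00:01 client=198.51.100.7 rcpt=aaron@asdi.example code=550
09:00:01 client=198.51.100.7 rcpt=abby@asdi.example code=550
09:00:02 client=198.51.100.7 rcpt=adam@asdi.example code=250
09:00:02 client=198.51.100.7 rcpt=alan@asdi.example code=550
09:00:03 client=198.51.100.7 rcpt=alex@asdi.example code=550
09:00:03 client=198.51.100.7 rcpt=amy@asdi.example code=250
09:00:04 client=198.51.100.7 rcpt=andy@asdi.example code=550
09:05:10 client=203.0.113.20 rcpt=amy@asdi.example code=250
09:06:44 client=203.0.113.20 rcpt=amey@asdi.example code=550
09:07:12 client=203.0.113.20 rcpt=adam@asdi.example code=250
"""

LINE_RE = re.compile(r"client=(\S+) rcpt=(\S+) code=(\d{3})")

def find_harvesters(log_text, min_rejected=5, min_reject_ratio=0.5):
    """Return {client_ip: sorted addresses that client confirmed as valid}
    for clients whose recipient pattern looks like address harvesting."""
    rejected = defaultdict(set)   # client -> distinct unknown recipients probed
    accepted = defaultdict(set)   # client -> distinct recipients the server accepted
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue              # ignore lines that are not recipient results
        client, rcpt, code = m.group(1), m.group(2).lower(), m.group(3)
        if code == "550":
            rejected[client].add(rcpt)
        elif code.startswith("2"):
            accepted[client].add(rcpt)
    flagged = {}
    for client, bad in rejected.items():
        total = len(bad) + len(accepted[client])
        # Many distinct misses AND a high miss ratio: a normal sender
        # with one mistyped address stays below both thresholds.
        if len(bad) >= min_rejected and len(bad) / total >= min_reject_ratio:
            flagged[client] = sorted(accepted[client])
    return flagged

if __name__ == "__main__":
    for ip, leaked in find_harvesters(SAMPLE_LOG).items():
        print(f"{ip}: probable harvesting, addresses confirmed valid: {leaked}")
```

The addresses returned for a flagged client are the ones to expect follow-up spam or phishing against.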