Twelve Security Attack Trends of 2011 - Essay Example

 Twelve Security Attack Trends of 2011 PART I 1. Twelve Security Attack Trends of 2011 The first security threat is from the man in the browser (MITB). It is the attack on browser software used for accessing internet. Leading browsers are Microsoft Internet Explorer 8.0, Chrome from Google, etc. People involved in the business of hacking widely adopt this attack. Security products are not yet able to launch any remedy for it (ComputerWeekly 2010) The second security threat is about file security which is from sharing of files, applications and database that is growing at the rate of 60% annually. File sharing is getting popular day by day specially after launching of Microsoft product Sharepoint. Expansion of Payment Card Industry (PCI) Data Security Standard (DSS) technology to organizations and files besides databases and web applications have open new doors for the attacks Careful measures are needed to protect attacks such as data thefts and files manipulations (ComputerWeekly 2010) The third security threat is from the growth of Smartphones market due to its integration with various web applications and global databases. Intimation to consumers about completion of each and every transaction in their account through SMS messaging services has generated new opportunities for hackers who could use the path of sending data outside the domain for attack. This path of data transition can be used by intruders for data theft and unauthorised access (ComputerWeekly 2010) The fourth security threat is from cloud computing as the large infrastructure of information technology is now rapidly shifting to cloud where hackers and intruders are already present. They will come side by side and the chance of security breach will increase. Opportunities for attacking will develop with the development of consumers and customers of cloud computing (ComputerWeekly 2010) The fifth security threat is from insider. The high rate of job loss due to economic recessions have built a huge source of people who are frustrated and disgruntled and ready to take revenge or make money. The economic pressure and opportunities for selling information may pose serious threats to their previous employers (ComputerWeekly 2010) The sixth security threat is from social networks which have attacked privacy of many people by collecting information in the name of personal profiles. Tricks such as false promises and incomplete information are used to attract people for collection of personal information (ComputerWeekly 2010) The seventh security threat is from convergence of regulations of most countries and to have global laws for data security and privacy. This can bring many more opportunities for intruders and hackers (ComputerWeekly 2010) The eighth security threat is from the separation of cyber security and business operations. Keeping cyber security apart from business operations has created huge opportunities for hackers and individuals. The trend of making cyber security the part of business operations is developing rapidly for example Intel Corporation made acquisition of McAfee and HP of Fortify (ComputerWeekly 2010) The ninth security threat is from the proactive approach of security practitioners which has although helped in catching more hackers, created strong professional ‘bar’ of hackers (ComputerWeekly 2010) The tenth security threat is from the attacks of hackers on industry. Success of industrialized hackers has encouraged many more hackers to learn and adopt this approach (ComputerWeekly 2010) Figure 1 shows the extract from (ComputerWeekly 2010) which describes the above ten security threats of 2011 Figure 1: Extract (ComputerWeekly 2010) The eleventh security threat is from cyber war which began with the leakages of Stuxnet and Wikileaks. It suggested that the Government of China was involved in cyber-attacks on Google and others. Government involvement in cyber-attacks on other countries’ data banks and critical information centers is one of the biggest threats for future (Panda Security 2010) The twelfth security threat is from social engineering. The spread of social networks like Facebook and Twitter and trust of people have provided excellent working environment to cyber-criminals. Creation of fake websites and positioning them in leading search engines allow cyber-criminals to reach many users who are trapped in fake deals which results in data theft and money loss (Panda Security 2010) Figure 2 shows the extract from (Panda Security 2010) which describes the above two security threats of 2011 Figure 2: Extract (Panda Security 2010) 2. Layer approach in Security Layer is the software components grouped logically and integrated to form a service or application. Figure 3 shows how US Aviation Security uses Layer approach to secure terrorist attack. Each layer is a group of activities arranged logically to perform security function. It may have resources other than software components like hardware, human beings, authentication and biometric verification systems, etc. (Course Handouts 2006) Figure 3: Layer approach in Security (Transport Security Association n.d.) Another example of Layer approach is shown in Figure 4. It illustrates an Application Layer having layers for Presentation, Business and Data. (Course Handouts 2006) Figure 4: Application Layer (Course Handouts 2006) Presentation layer represents web browsers and other interactive programs that communicate with the user. Business layer represents software components and program that implements business logic. They are mostly customized to used needs. Data layer represents software components like SQL server, etc. that store and retrieve users and systems data such as customer records, account records, users log, users rights, etc. (Course Handouts 2006) In security, the Layer Approach will have a set of software and hardware components grouped on the basis of their functionality with the common objective of providing strict security from all types of hazards and risks. 3. Eight Security Dimensions of ITU X.800 model for OSI Figure 5: Eight Security Dimensions for ITU X.800 model for OSI (International Telecommunication Union 1991) International Telecommunication Union (ITU) recommends X.800 as Reference Model for open systems interconnection (OSI) which is a framework for interconnection of systems. The eight dimensions of OSI framework consists Encipherment, Digital signature, Access control, Data integrity, Authentication exchange, Traffic padding, Routing control, Notarization and each one of these mechanisms employ different type of services as shown in Figure 5. (International Telecommunication Union 1991) 4. Cloud computing and associated risks Cloud computing as illustrated in Figure 6 is a rapidly developing utility like electricity, telephone, internet, etc., which can be bought and consumed by any users having a computer and internet services can without investing huge amount on infrastructure of hardware and software technologies (Buyya, R, & Yeo, CS, & Venugopal, S 2008) Figure 6: Illustration of Global Cloud (Buyya, R, & Yeo, CS, & Venugopal, S 2008) Information technology infrastructure that is hosted on internet and its services are also delivered on internet is known as cloud computing. In flowcharts and diagrams internet is mostly represented as cloud and therefore ‘cloud computing’ buzz word refers to the computing facilities on internet. The three distinct attributes of cloud computing that differs it from traditional hosing services are sale on demand by minute or hour, user has freedom to utilize as much time as he needs and the required services and technologies are fully provided and managed by the provider (TechTarget 2011) There are two types of cloud computing services; private and public. Public services are sold to general public; any one who access internet can get it. Amazon Web Services is the largest service provider of public cloud computing. Private services are sold to only specific people for their private use; it is normally proprietary cloud service. Virtual Private Cloud is created through an instance of public cloud (TechTarget 2011) Cloud computing has three categories; Infrastructure-as-a-Service (Iaas), Platform-as-a-Service (PaaS) and Software-as-a-Service. The Infrastructure-as-a-Service provides an instance of a server as Virtual Server which is fully managed on day to day basis by the provider. Services like configuring the server and storage devices, backup, power supply, start-up, stoppage, etc. are all supplied and controlled by the provider. Customer is built only for the time he utilizes. At times it is also called utility computing. (TechTarget 2011) Platform-as-a-service provides deployment of operating system, application packages and development tools as a service. APIs, gateway of portals are used to deploy client version of the software on the customer computer. Examples of PaaS service providers are Force.com and GoogleApps (TechTarget 2011) Software-as-a-service provides both the hardware and software as a service Customer is given access through a front-end portal. This service can be used from any where in the world as every thing from hardware to data are all managed by the provider. The user has nothing to worry about (TechTarget 2011) Cloud computing has many advantages but there are many threats as well which are associated with it. Figure 7 shows seven important threats posed by cloud computing services. Figure 7: Threats of Cloud Computing 5. Vulnerability of Network Services by UEL IT system Vulnerability of Network Services means faults or errors which result in the disruption of network services such as network slow down, non-functioning or hang-ups, unauthorized access, non-availability of access to authorized users and sudden break down resulting in unavailability of the server to any authorized users. There are number of factors that are responsible for the faults of network services based on the type of errors. Slowing down of network is mainly due to high trafficking, low bandwidth or some virus attack by hackers or unauthorized access. Access of intruders such as unauthorized user or hacker is possible due to improper security layers or design flaws in the underlying system software such as windows or web-servers. Non-availability of access to authorized users result from mistakes made either by users or by network administrator in configuration files. Sudden break down generally occur due to power failures, hardware failures or some natural disasters (Aluko n.d.) Vulnerability can be avoided by appropriate risks management plan, deployment of secured infrastructure, installation of security layers and automated network management by efficient staff and administrators. Physical security of the premises where the infrastructure of information technology is installed is also necessary for network safety. Attacks Matrix is given below:- Attacks Availability Confidentiality Integrity Social Engineering Yes Yes Yes Physical Break-in Yes No No War Dialing Yes No No Port Scanning Yes No Yes System Attack No YES YES Network Attack Yes No Yes PART II GSM GSM is an acronym from Global System for Mobile. It is a communication system of mobile phones that operate digitally. Europe and many other parts of world use GSM. There are two other types of digital wireless telephone technologies; TDMA and CDMA. The frequency bands in which the GSM operates are 900 MHz, 1800 MHz or 1900 MHz.. GSM user data is first digitalized and compressed and then sent via a channel in three streams; each stream in its own time slot (GSM Security n.d.) The de facto standard for wireless telephone in entire Europe is GSM. GSM mobile phones are used world wide and mobile of one country can be used to another country due to roaming agreements of GSM network operators (GSM Security n.d.) The main security issues of GSM technologies include theft of service, legal interception and privacy. Theft of service is crime of securing performance of a service through fraudulent means such as threat, deception, diversion, etc. Legal interception refers to the legal sanction to lawful authorities to access network communication data such as SMS, e-mails or phone call for security purposes, evidence or analysis. Privacy refers to a large number of concerns such as children safety on internet, unauthorized access of e-mail content, tracking of habit of internet usage, obtaining of personal information and its use, freedom of anonymous chatting and messaging, etc. These security issues raised important interest in the GSM community and to create awareness of security issues web-portal like GSM-security were launched (USLEGAL 2011) GSM technologies started mobile communications with plain voice calls in 1991. The continuous enhancement of mobile technology developed broad range of services. Today mobile services such as multimedia and broadband are used in more than 219 countries serving above three billion people globally. The family of GSM technologies as shown in Figure 10 includes GSM, EDGE, HSPA, Services, IMB, GPRS, 3G/WCDMA, LTE, and GSM Roaming (GSM World n.d.) Figure 10: The family of GSM Technologies (GSM World n.d.) GSM technologies are based on concepts of mobile radio. The Mobile radio concepts include following elements (CTO 2009):- 1. Elements of radio propagation 2. Modulation Techniques 3. Duplexing and multiple access 4. Receiver aspects: synchronization, equalisation, demodulation 5. Audio-visual Coding 6. Voice activity detection-DTX 7. Error control coding 8. Cellular concepts – frequency re-use, Spectral efficiency, power control, frequency hopping 9. Micro/macro-cells 10. Mobility management The GSM service provision include following elements (CTO 2009):- 1. Voice Telephony 2. Messaging 3. Roaming 4. Data transmission: Circuit versus packet switching 5. Call setup 6. Signalling 7. Intelligent networks The GSM network architecture include following elements (CTO 2009):- 1. Network Sub-systems a. Mobile Station b. GSM air interface c. Base Station Subsystem d. GSM A-bis interface e. Network and Switching System 2. Access network elements a. Radio planning b. Cell site location c. Cell repeat patterns d. Co-channel Interference e. Power control f. Adding capacity – cell splitting, secroisation g. Frequency hopping 3. Core network elements a. Mobile switching centre b. Home location register c. Visitor Location Register 4. Security and Privacy Figure 11 shows the extract of the course content on GSM Technologies organized by CTO (Commonwealth Telecommunications Organization) Figure 11: Extract (CTO 2009) References Aluko, F n.d., How Networks are Attacked, The University of East London (UEL), viewed 12 November 2011, Aluko, F n.d., Vulnerabilities, The University of East London (UEL), viewed 12 November 2011, Buyya, R, & Yeo, CS, & Venugopal, S 2008. ‘Market-Oriented Cloud Computing: Vision, Hype, and Reality for Delivering IT Services as Computing Utilities’, Keynote paper: The 10th IEEE International Conference on High Performance Computing and Communications (HPCC-08), Dalian University of Technology, Dalian, China, viewed 12 November 2011, Cloud Security Alliance, 2010, Top Threats to Cloud Computing V1.0, Cloud Security Alliance, viewed 12 November 2011, ComputerWeekly, 2010, Top 10 IT security trends for 2011, News, viewed 12 November 2011, Course Handouts, 2006, CS506-Web Design and Development, Virtual University of Pakistan: Course Handouts, Virtual University of Pakistan, Lahore CTO, 2009 GSM Technologies: Course Overview, Commonwealth Telecommunications Organization, viewed 12 November 2011, GSM Security, n.d. GSM-Security.net: Your portal to the world of GSM Security, GSM Security, viewed 12 November GSM World, n.d. GSM Technology: Driving the evolution and deployment of the GSM family of technologies, GSM World, viewed 12 November 2011, International Telecommunication Union 1991, Data Communication Networks: Open Systems Interconnection (OSI); Security Structure and Applications Security Architecture for Open Systems Interconnection for CCITT Applications Recommendation X.800, International Telecommunication Union, viewed 12 November 2011, Panda Security, 2010, 10 leading security trends in 2011, Press Panda Security, viewed 12 November 2011, TechTarget, 2011, Cloud Computing, What is cloud computing? - Definition from Whatis.com, viewed 12 November 2011, Transportation Security Association n.d., TSA: Layers of Security, U.S. Department of Homeland Security, viewed 12 November 2011, USLEGAL, 2011 Lawful Interception Law & Legal Definition, USLegal, viewed 12 November 2011, http://definitions.uslegal.com/l/lawful-interception/ USLEGAL, 2011 Privacy - Internet Law, USLegal, viewed 12 November 2011, USLEGAL, 2011 Theft of Services Law & Legal Definition, USLegal, viewed 12 November 2011, http://definitions.uslegal.com/t/theft-of-services/ Read More