Remote Access Attacks - Essay Example

? Remote Access Attacks Remote Access Attacks As we know, remote access attacks can debilitate any company, but is particularly serious for the small to medium enterprise. This can be stated because they do not always have the budget to secure their network, yet they house confidential information that could be harmful to the operations of the company if stolen. Some of the assumptions that need to be made in this case include: terminated employees retaining remote access to the system via passwords that are not deleted, passwords not being changed on a regular basis, firewalls being non-existent being connected computers to the network, and no noticeable security protecting the various storage devices portrayed on the diagram. It is important to analyze the network diagram and the information provided in the case study to determine vulnerabilities that are existent in the current system. These three categories include threats from inside the organization, from users gaining access as a third party, and public access. This company appears to be at risk from users inside gaining access to private and privileged information. As the network diagram clearly shows, there are no built-in protection between computers inside the organization to keep users with legitimate passwords from gaining access to another computer within the facility, without the other individual user knowing about it. This is commonly referred to as an attack from an inside view, and it is a major concern for this company under its current structure. With a lack of password protocol in place, individual employees and contractors have access to the network and data house inside the network. This entails being able to look up payroll record, altering personnel information, and potentially even gaining access to client payment data. All of these are serious violations of professional conduct, yet would be relatively easy actions to accomplish by an employee with even the most rudimentary knowledge of gaining user access. To minimize the risks from inside users, procedures begin with eliminating potential abusive employees before they are even hired. Because the company deals with sensitive information, it would be useful to have a background check procedure in place. Any computer related crimes on an individuals record would be a red flag that they could pose a problem given the companies weak security to this point, and their reluctance to spend much money to provide significant upgrades. In addition, passwords company-wide should be changed on a regular basis, and immediately after an employee in terminated. Many companies only eliminate the password of the terminated employee from the system, but they fail to realize that the individual may have gained access to other passwords during their tenure at the organization. As currently structured, the Quick Finance Company is also vulnerable to an attack from the outside, gaining access from the inside. This can happen in the form of a current employee giving his password to a hacker on the outside, or unknowingly bringing a virus into the facility. Again, with inadequate firewall protections put into place, this company has little hope of blocking attempts from a dedicated hacker with a proper password. Once inside the system, gaining access to any of the nearly 100 computers in the system, a hack would be able to gains access to the System 1000 mainframe, at which time all company data would be accessible. In addition, as demonstrated in Quick Finance Companies network diagram, the VPN server is continuously uploading information to the cloud, yet the company has not implemented any security measures to safeguard that attack from outside users. In essence, user view vulnerability appears to be a major issue for the company, owing to many of the factors previously stated. With inadequate password security, and a regular rotation of changing log-in protocols, any password that falls into the hand of a potential hacker could go undetected for quite some time. Assuming that Quick Finance Company relies on the occasional off-site work being done, such as logging into the system from home to complete various time sensitive projects, blocking off-site access is not really a possibility. The company could, however, implement a request system for gaining access remotely. Without such approval, access would be denied. In addition, it would be more likely that any malicious activity would be uncovered; as such access would be easily tracked. In addition, the company will need to provide more protection to the VPN server in order to prevent users being able to view data that they do not have access to, thereby preventing the possible theft of sensitive data. In short, it certainly appears that this particular finance company has left itself vulnerable to many of the security challenges facing any company today that relies almost exclusive on information technology. This includes phishing, man-n-the-middle attacks, and the possible infection of malicious software (Hoogenboom & Steemers, 2000). Thankfully, there are certain measures that can be easily implemented, based upon the information contained in the case study and the presented network schematic, that can serve to help eliminate many of remote access attacks that the company has seen in recent months. This improvement can begin with a remote authentication scheme. Weigold, Thorsten, Kram, and Baentcsch (2008) write, “Any remote authentication method’s goal is to establish and secure an authenticated information channel by proving a user’s identity through an associated security channel” (p. 36). This can be done by first eliminating the use of static passwords. This is one of the oldest means of remote authentication, and also the one most easily hacked (Weigold, Thorsten, Kram, & Baentsch, 2008, p. 37). The company could, however, could consider the use of one-time codes in order to avoid repeat remote access. In addition, a scratch-list could be created that is used by clients in order to provide more security. By having such a list contain 40-100 codes, individual clients would not know which code was going to be used until the attempted to log-in, providing the Quick Finance Company with a simple, cost effective of enhancing security measures from the inside almost immediately. Another are of concern in terms of being vulnerable to continued remote access attacks are the types of client security devices currently in operation at the company. As noted by the network diagram, there are upwards of 100 personal computers in the network, each attached by Ethernet, and lacking adequate firewall protection. As has been noted, “The most common client hardware is a standard desktop PC, which is also an easy platform to attack” (Weigold, Thorsten, Kram, & Baentsch, 2008, p. 40). A recommendation, then, is to have a secondary security device that is required for user access, and one that must me validated before an individual can log onto the system. This can come in the form of a smart card, mobile phone, or smart memory stick. Finally, as the company is currently vulnerable to outside attacks, it must work to eliminate the possibility of phishing. As is the setup now, an attacker can get into the system and trick users into entering their authentication codes. An example of this would be their one time code. Once gaining access to the system, the hacker can wreak all kinds of havoc, or steal sensitive information. If this is not a repeat attacker, this type of access is often difficult to uncover who the culprit is. An easy fix to this is to use the scratch list, in combination with the one time code, to limit the time the phishers have to access the system. By using a scratch list, it becomes extremely difficult for the attacker to gain the one time code in time, and even if they did, they would not be able to access a particular channel of information (Schechter, 2005, p. 42). In short, these measures will begin to upgrade the network security of the Quick Finance Company, but in the long run, they will need to set aside a portion of the budget to make some serious upgrades to their existing firewall, and they will need to create a new organizational design that all employees follow in an effort to ensure the integrity of their data and entire system. References Hoogenboom, M., and Steemers, P. (2000). Security for remote access and mobile applications. Computers & Security, 19(2), 149-163. Schechter, S. E. (2005). Toward econometric models of the security risk from remote attacks. IEEE Security & Privacy Magazine, 3(1), 40-44. Weigold, T., Kramp, T., and Baentsch, M. (2008). Remote client authentication. IEEE Security & Privacy Magazine, 6(4), 36-43. Read More