Current Trends in Information Security - Essay Example

Trends in Information Security [Name] [Professor Name] [Course] [Date] Table of Contents Table of Contents 1 Introduction 3 Current threats to information security 3 Phishing 3 Hacking 5 Information System Vulnerabilities 6 Technological weakness 6 Configuration susceptibility 7 Security policy weakness 7 Important Controls to Mitigate Threats 9 Security patches 9 Firewalls 9 Signal Hiding Technique 10 Staff policy, training and awareness 10 Use of encryptions 11 Conclusion 11 References 12 Introduction The primary objectives of information security are; integrity, confidential and availability. Confidentiality means that information that is stored in the system is protected against unauthorised users. Integrity means that the information that is available for an organization is whole or complete. In this case, the information remains unaltered or comprised by an unauthorised person. On the other hand, availability means information has to be available in authentic form when needed. This report examines the significant current threats to information security, the most significant vulnerabilities that are exploited in order to realise those threats and lastly, the most important controls that WebCenter should be considering as a priority to mitigate the risks of these threats being realized. Current threats to information security The two major threats to information security include; phishing and hacking. Phishing Phishing, also known as “carding” or “brand spoofing,” refers to a form of social engineering where an attacker, known as a phisher, deceptively retrieves data of a legitimate user’s confidential information by copying electronic communications from an organization in an automated manner (Shi and Saleem 2012). A typical complete phishing attack takes three stages. First, phishers send a bulk of fraudulent emails, or botnets, that direct users to the fraudulent websites. Second, phishers set up fraudulent websites that is hosted on compromised machines, which direct potential victims to provide confidential information. Lastly, the phishers use the confidential information to achieve payment of money from the victim’s bank (Elledge 2007). Figure 1: Phishing information flow (Shi and Saleem 2012) Recent statistics reveal that financial institutions and social media gaming sites are the primary targets of phishers. A number of loyalty programs are as well becoming common among phishers since the term phishers can breach the financial information of the potential victims. As of 2012, the United States remains the world's largest host of phishing, with some 43 percent of phishing sites reported to be originating from the U.S. Germany follows at 6 percent and then Australia, Brazil, Spain, Canada, France, UK, Netherlands and Russia. However, current studies show that phishing activities have been declining in Australia, even as it continues to be a threat across the globe. A recent study by F-Secure Response Labs, a Finish IT security firm, found that Australia and Asia Pacific regions have significantly reduced phishing activities compared to European metrics (Brauce 2013). In fact, global statistics show an increase in targeted attacks by 43 percent in 2012, 31 percent of which were aimed at small to medium sized businesses (SMEs). Additionally, the number of phishing sites on social networking sites rose by a staggering 125 percent (Symantec 2013). Hacking Hacking refers to illegal online activities where individual, mainly programmers, victimize potential victims for their own benefits or towards a course by breaking into their computer system usually to steal, destroy or alter information (Ahmad 2012). Simply put, it is the process by which individual gain unauthorized access to a computer system. Individuals who commit this act are known as hackers. Once these hackers gain access to the targeted computer systems, they may alter the information available of steal confidential information such as SSN, or in some cases sensitive information related to bank accounts (Jesan 2006). To hack a system a hacker has to crawl on the targeted computer system and collect information on the operating system used, shared folders, strengths and weaknesses, configuration files and the unsecured folders. Once this information is collected, the hackers will analyze ways in which to compromise the targeted system or website. Once, a way is seen through, they will gain entry into the system and exploit the information required. Usually, some hackers will use Trojan horse programs to access the targeted computer systems (CEN 2009). Australia has experienced high attacked in the past decade. In 2004, it was ranked tenth among the worst hit countries with 4,251 attacks per 100,000 users, and fifth among the top originating countries (Dinham 2004). Australian government agencies have been victims of the attacks with the most recent serious attack being the Australian Bureau of Statistics, which in 2012 reported at least 11 incidents in seven months, with most hackers said to be originating from China (Anon 2013). Globally, the United Stated still remains the top country where most hackers originate (35 percent, China second (16.1 percent), UK (7.5), Japan (4.3 percent and Russia (3.6 percent) as of 2011 (Breedean and Wong 2013). Information System Vulnerabilities In information security, vulnerability refers to the weakness in the system that allows cyber-attacker to compromise the system’s security. Vulnerability is an intersection of three main aspects, namely susceptibility, an attacker’s access to the susceptibility and the attacker’s ability to exploit the susceptibility. Vulnerability in a network system includes the weakness of the technology, the weakness of the security policy and the weakness in configuration. Technological weakness The network and computer technology together form the information system. These two have inherent security susceptibilities. These comprise the operating system weakness, the TCP/IP protocol weakness and the network equipment susceptibility. First, TCP/IP protocol susceptibility includes the FTP, HTTP and ICMP, which are intrinsically insecure. Such weaknesses are often exploited by hackers who look to crawl into the system. Operating system weakness refers to the susceptibility of the operating system a computer uses, including the Linux, UNIX, Windows XP, Macintosh and OS/2 operating systems. All these have security systems that have to be addressed. Network equipment susceptibility refers to the insecurity of the various network equipments such as firewalls, routers and switches, all of which have susceptibilities that must be addressed. Such weaknesses include lack of authentication password protection, firewall holes and routing protocols (Saham et al 2010). Configuration susceptibility Configuration susceptibility includes the weaknesses in configuration of the computing and network devices that make the computer system to be insecure. They include unsecured user accounts. Here, the user account information may be transmitted insecurely across the network as a result exposing passwords and usernames to phishers. System accounts with passwords that can be figure out easily are also susceptible to breaches. This is indeed a common problem, where passwords are poorly selected making the passwords to be guessed easily. Misconfigured internet services are also susceptible to breaches. Here, a common problem is when JavaScript is turned on in web browsers, thus making it easy for attackers to attack the system using hostile JavaScripts when they access untrusted sites. FTP, IIS, Apache and Terminal Services posed these critical threats. Others include unsecured default settings on devices that pose security holes. Security policy weakness Security policy weakness can create unforeseen security threats to the network if the users do not comply with the security policies. Among the common security policy weaknesses include: lack of written policy, hence policies cannot be applied consistently. Lack of continuity is also a weakness. For instance, poor chosen or easily crack-able or default passwords enable unauthorised access to the computer system (Choi et al 2008). Failure to apply logical access control also makes a computer system vulnerable. For instance, ineffective auditing and monitoring of the network system allows for attacks or unauthorised use. When software and hardware change do not follow policy, it also makes it vulnerable to attacks. For instance, unauthorised changes to the topology of the network or even installation of unapproved application can create security weaknesses allowing for possible breaches (Hutchins 2012). Figure 2: Breakdown of security technology used in Australia in 2012 (CERT 2012) According to a study by CERT Australia (2012), over 90 percent of internet users in Australia use firewalls, antivirus and anti-spam filters. However, on two-thirds of the business have strategic plans to enforce IT security related standards. Globally, a recent study showed that organizations are spending huge amounts of money to detect threats and mitigate their risks (Security Affairs 2012). Indeed, 71 percent of the firms have encountered a malware attach globally. According to the report by Ponemon, there was 42 percent increase in the cyber-attacks with companies witnessing averagely 102 successful attacks, in comparison to 72 attacks in 2011 and 50 attacks in 2010. On classification of the costs related to annual damage from information security, the U.S. lead with $8.9 million, Germany is second by $6 million while the UK is third with $5.2 million (Security Affairs 2012). Important Controls to Mitigate Threats WebCentres can use a host of controls to secure their information systems. These include security patches, firewalls, signal hiding techniques, Staff policy, training and awareness and Use of encryptions (Choi et al 2008). Security patches Security patches can be applied to fix vulnerabilities in the computer programs that hackers may exploit to gain access into a computer system. Additionally, patches can be used to fix software bugs as well as improve the performance of computers. Essentially, they can be installed on test computers to ensure that they do not alter or remove functionality that has the capacity to hinder normal operation of an organization (Hutchins 2012). It is critical that the patches be installed immediately after they are made available since the vulnerabilities that they are fixing are made known as a result leading to high exploitation attempts. This could be ensured by seeing that the auto update is enabled. Firewalls Firewalls can also be used by WebCentres to mitigate the risks of information security threats. Firewalls provide a barrier between the internet and the computer, thus protecting them from intrusion. Hardware firewalls include routers that have firewall capabilities. Computers that have buffers may also act as firewalls and are in most cases used for computer networks (Williams and Manhcke 2011). At the same time, software firewalls are used to secure individual computers. Most operating systems contain firewalls that can be enabled or disabled in addition to some antivirus programs that offer similar features (Hutchins 2012). Signal Hiding Technique Since attackers need to intercept wireless transmission in order to identify wireless networks, a number of steps can be followed to make it difficult to locate the wireless access points (Choi et al 2008). This could be effective control that WebCenter should be considering as a priority to mitigate the risks of these threats being realized. The easiest way of hiding wireless access points is by turning off the service set identifier (SSID) broadcasting through wireless access points. Signal strength can also be reduced to the lowest level, the SSIDs could be assigned cryptic names and lastly, the wireless access points could be located to inside the building away from exterior walls or windows (Choi et al 2008). Staff policy, training and awareness WebCentres should enforce policies that specify how computer resources should be used. In addition to setting out the expectation with regard to the matters like personal use of resources and handling confidential information, the policies may in addition cover issues on installation of applications or protocol on how to forward emails suspected to contain malware. A user management policy may be critical here as it specifies staff access rights on the organization’s information system. Restriction of administrative privileges may also prevent installation of malware. In addition, it mitigates the degree of damage experienced in case user accounts are breached or compromised. Account and password management policies also give guidance in how frequent passwords are used to access accounts should be changed, as well as their strengths and complexities (Hutchins 2012). Use of encryptions Encryption is indeed an effective way to secure wireless network from intrusion. In addition, communication may as well be scrambled over the network (Ahmad 2012). Most access points, wireless routers and base stations possess built-in or fitted encryption mechanism. For instance, in case wireless router lacks an encryption feature, users should opt for those that have encryption features. The encryptions should always be turned on to prevent possible breaches by intruders (Choi et al 2008). Conclusion The two major threats to information security include; phishing and hacking. An information system can become susceptible to the threats due to the vulnerability of the information system that allows cyber-attacker to compromise the system’s security. The major vulnerabilities include technological weakness, which may comprise the operating system weakness, the TCP/IP protocol weakness and the network equipment susceptibility, configuration susceptibility, which includes the weaknesses in configuration of the computing and network devices that make the computer system to be insecure, and security policy weakness, which can create unforeseen security threats to the network if the users do not comply with the security policies. WebCentres can use a host of controls to secure their information systems. These include security patches, firewalls, signal hiding techniques, Staff policy, training and awareness and Use of encryptions. References Ahmad, A 2012, "Type of Security Threats and It’s Prevention," International journal Computer Technology & Applications, Vol 3 No.2, pp750-752 Anon 2007, Vulnerabilities, Threats, and Attacks, Ch1, viewed 8 Oct 2013, http://ptgmedia.pearsoncmg.com/images/1587131625/samplechapter/1587131625content.pdf Anon 2013, Australian statistics bureau systems hacked, viewed 8 Oct 2013, http://phys.org/news/2013-04-australian-statistics-bureau-hacked.html Brauce, D 2013, Australia lags rest of world as malware, phishing, Bitcoin mining target: F-Secure, computerworld Australia, viewed 8 Oct 2013, http://www.cso.com.au/article/527442/australia_lags_rest_world_malware_phishing_bitcoin_mining_target_f-secure/ Breedean, A & Wong, K 2013, Who are the top hacker countries in the world?, Geopolitech, viewed8 Oct 2013, http://geopolitech.tumblr.com/post/45767785188/hacker-power CEN 2009, General Threats to Network and Information Security, European Committee for Standardization, viewed 8 Oct 2013, http://www.cen.eu/cen/Sectors/Sectors/ISSS/Activity/Pages/NISSG%20Report%205.aspx CERT 2012, Cyber Crime and Security Survey Report, CERT Australia, viewed 8 Oct 2013, http://www.canberra.edu.au/cis/storage/Cyber%20Crime%20and%20Security%20Survey%20Report%202012.pdf Choi, M, Robles, R, Hong, C & Kim T 2008, "Wireless Network Security: Vulnerabilities, Threats and Countermeasures," International Journal of Multimedia and Ubiquitous Engineering, Vol. 3, No. 3, pp.77-88 Dinham, A 2004, Australian hacker activity on the rise, Zdnet, viewed 9 Oct 2013, http://www.zdnet.com/australian-hacker-activity-on-the-rise-1139116594/ Elledge, A 2007, Phishing: An Analysis of a Growing Threat, SANS Institute, viewed 8 Oct 2013, http://www.sans.org/reading-room/whitepapers/threats/phishing-analysis-growing-problem-1417?show=phishing-analysis-growing-problem-1417&cat=threats Hutchins, A 2012, Computer security threats faced by small businesses in Australia, Australian Institute of Criminology, Canberra, viewed 8 Oct 2013, http://www.aic.gov.au/publications/current%20series/tandi/421-440/tandi433.html Jesan, J 2006, Information Security, Ubiquity, viewed 8 Oct 2013, http://ubiquity.acm.org/article.cfm?id=1117695 Saham S, Bhattacharyya, D, Kim, T & Bandyopadhyay, S 2010, "Model Based Threat and Vulnerability Analysis of E-Governance Systems," International Journal of Science and Technology Service, Vol. 3, No. 2 Vol. 3, No. 2, pp.7-21 Security Affairs 2012, Ponemon statistics 2012 on cost of cybercrime, viewed 8 Oct 2013, http://securityaffairs.co/wordpress/9319/cyber-crime/ponemon-statistics-2012-on-cost-of-cybercrime.html Shi, J & Saleem, S 2012, Phishing, viewed 8 Oct 2013, http://www.cs.arizona.edu/~collberg/Teaching/466-566/2012/Resources/presentations/2012/topic5-final/report.pdf Symantec 2013, Highlights from 2013 Internet Security Threat Report, viewed 8 Oct 2013, http://www.symantec.com/security_response/publications/threatreport.jsp Williams, P & Manhcke 2011, “Small Business – A Cyber Resilience Vulnerability," International Cyber Resilience conference, pp.112-119 viewed 8 Oct 2013, http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1013&context=icr Read More