Information Security Management - Assignment Example

Summary
This assignment "Information Security Management" discusses data miners that have also had serious violations of privacy. The law allows data mining for the sake of the collection of personal information for various uses including census, budgeting, and finance…

Extract of sample "Information Security Management"

System Security

Table of Contents
  • Introduction
  • Part A
  • A theoretical description of the attack
  • Spear phishing manual
  • Evaluation and considerations of the attack
  • References

Introduction

Data miners have also had serious violations of privacy. The law allows data mining for the collection of personal information for various uses, including census, budgeting, and finance. Such private data may include the patient's number, race, ZIP code, birth date, gender, diagnosis and procedure codes, overall medical costs, and physician ID. Because such information does not include the patient's name, phone number, address, or social security number, the idea that the patient's privacy could be violated may seem far-fetched. Nonetheless, such data can be cross-linked with other databases to create a general profile of the patient, opening up routes to blackmailing individuals. Cooper and Collman (2005) observed that the trail of information, including IP addresses, left behind by users of the World Wide Web has been linked with hospital databases containing DNA-related information. This poses risks to data privacy. Laws and regulations governing the use and disclosure of private information are weak, incomplete, and fragmented. US privacy laws do not adequately address information privacy. This paper will address hacking issues using WebGoat.

Part A – Description of the scenarios in each stage, compared to real-world cases

The case here demonstrates that hackers steal people's credit cards, their online information, and their banking information in order to feel that they can hide completely behind the people they steal from. The purpose of this case is to steal credit card details using the "Stored XSS" stage, SQL injection, and Command Injection.
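As an added example (not part of the original paper or of WebGoat itself), the following Python models what the Stored XSS and SQL injection stages rely on: a credit-card lookup and a comment-rendering step, each in its vulnerable form beside the hardened form. The table name, column names and sample rows are constructed assumptions.

```python
import html
import sqlite3

# Constructed sample table modelled on the credit-card data the WebGoat
# lesson exposes (table and column names are assumptions, rows are made up).
SAMPLE_ROWS = [
    (101, "Joe", "Snow", "987654321"),
    (102, "John", "Smith", "2234200065411"),
    (103, "Jane", "Plane", "123456789"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE user_data "
        "(userid INTEGER, first_name TEXT, last_name TEXT, cc_number TEXT)"
    )
    conn.executemany("INSERT INTO user_data VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return conn


def lookup_vulnerable(conn, last_name):
    """SQL injection stage as the lesson presents it: the user's input is
    pasted into the SQL string, so quotes in the input become SQL syntax
    and a tautology returns every card in the table."""
    query = "SELECT * FROM user_data WHERE last_name = '" + last_name + "'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, last_name):
    """Hardened form: a bound parameter is treated purely as a value, so the
    same input matches no row unless a customer really has that surname."""
    query = "SELECT * FROM user_data WHERE last_name = ?"
    return conn.execute(query, (last_name,)).fetchall()


def render_vulnerable(comment):
    """Stored XSS stage: stored text is echoed into the page verbatim, so
    markup stored by one user is interpreted by every other user's browser."""
    return "<p>" + comment + "</p>"


def render_safe(comment):
    """Hardened form: HTML-escape on output so stored markup is shown as
    text instead of being interpreted by the browser."""
    return "<p>" + html.escape(comment, quote=True) + "</p>"


if __name__ == "__main__":
    db = make_db()
    probe = "Smith' OR '1'='1"
    print("vulnerable rows:", len(lookup_vulnerable(db, probe)))  # 3
    print("safe rows:", len(lookup_safe(db, probe)))              # 0
    print(render_safe("<script>document.title</script>"))
```

The two `lookup_*` functions run the identical input, so the difference in row counts is entirely due to parameter binding, which is the fix the lesson is built to teach.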
In the "Stored XSS" stage, the credit card details are stolen using data stored via the source code. This is done by bypassing presentation-layer access control using JavaScript. Here the hacker clicks the "Stored XSS" stage and continues with the attack. This is made possible by replacing the JavaScript with the desired code. Then malicious input is entered as shown below. The figure below shows an entry into the system on the WebGoat site.

The second stage is SQL injection. Here the credit card is stolen using SQL injection; all possible inputs are taken into consideration, as shown in the screenshot below. This is done using the following code for SQL injection. The code shows how various inputs are used to affect the security of the system.

The third stage is very severe, as the hacker defaces the site by injecting a command with the intention of accessing the web main page. Here the command was injected and the website showed what was altered. The command that worked was DOS FIND, used to find the file to be changed. This file was overwritten using the following command. Then I crafted another command to overwrite that file. Pay attention to

The network security element of subnetting improves security by splitting an Internet Protocol (IP) address anywhere within its 4-byte (32-bit) address. Also called subnet addressing, this technique allows a network to be divided into three components: the network, the subnet address, and the host. Subnetting offers several advantages. It can cut down on network traffic because broadcasts to hosts are confined to individual subnets. It affords flexibility by allowing each organization to customize its number of hosts and subnets. Subnets improve address utilization, have minimal impact on external routers, and reflect the physical network.
A drawback, however, is that network administrators need to fully understand how subnets are created and managed.

Through "cookies", pieces of text from a website's server stored on a user's hard drive, information can also be tracked and accessed. This route of information gathering is one of the most useful instruments for marketers and advertisers who keep track of consumer behavior, because by means of cookies trackers can trace the websites that a user has previously or recently viewed. In social networking sites, links to various electronic and online shops are available. When a user takes part in commercial activities such as online shopping, the information he or she provides, including the names of items placed in a shopping cart, can be stored electronically and automatically. Through these cookies, the movement of a user from one website to another may be tracked as well.

Privacy and security in social networking have nearly become inevitable components of this social media. Privacy emerges as a public issue propelled by the regulators, the same regulators who permitted this social media to flourish. Security on social networking sites, on the other hand, can now be understood as the "largely imperfect...continual cat-and-mouse game of security expert and hacker" (Ackerman & Davis, 2004). Meanwhile, global marketing, through its behavioral advertising component, has predisposed this social media to such issues, particularly in terms of information access. In turn, privacy and security issues faced by social networking sites that cater to electronic commerce have also affected the latter, as seen through changes in consumer behavior. Responding to privacy and security issues in social networking and the Internet as a whole follows a complex path (Bellman, Johnson, Kobrin, & Lohse, 2004).
Nevertheless, key players and regulators in and outside this social media can begin by considering the adoption of "new paradigms and technologies" that will be used to "manipulate the amount of information and interaction in a social Web" (de Paula, 2009).

Part B – A theoretical description of the attack

I intend to use spear phishing, which could be used to secure customers' information. This method is designed to send genuine e-mails to all employees in the company. If an e-mail is not genuine, one would be required to enter his or her password. This would prevent customers' information from being stolen by hackers who use fake e-mails to access the systems (Lesce, 2000). Some of the fundamental security attacks involve eavesdropping at either the network or the physical layer; logon abuse that bypasses authentication and access-control mechanisms; deception through spoofing, say, of an IP address; intrusion through unauthorized entry; hijacking of legitimate connections to obtain unauthorized access; Denial-of-Service (DoS) attacks, which essentially sabotage the network server; and attacks at the application level, meaning attacks such as viruses and remote command execution that exploit application-level weaknesses (Douligeris & Serpanos, 2007, p. 9). Spear phishing is successful because of the availability of personal information online, which can be stolen. The sender of the e-mails impersonates a regular correspondent, and all the recipient needs to do is click a link or open a file, which gives the hacker access to the personal information.
These attacks mostly boil down to loss of confidentiality, when confidential data such as financial or research information are accessed or copied by unauthorized users; loss of integrity, when sensitive data, such as financial data, are tampered with or corrupted, say by a virus, in transit; or loss of availability, when authorized users cannot access information that the network should provide (Longstaff et al., 1998). VPNs may serve as mechanisms for protecting the confidentiality and integrity of messages in remote communications. NIPS, or network intrusion prevention systems, form a mechanism for protecting an entire network and the devices connected to it. They work by monitoring traffic and responding swiftly to block any malicious attack. Designed for this special purpose, NIPS hardware platforms analyze and detect network security traffic events and then react based on the security policy or traffic configuration. One study found that installing NIPS can lower downtime caused by Denial of Service attacks by some 65 percent (Ciampa, 2008, p. 173). When network intrusions occur, which is not totally unexpected because preventive security measures do not always work, IDSs, or intrusion detection systems for networks, are used. IDSs may also assume the role of prevention mechanisms when an attack occurs (Douligeris & Serpanos, 2007, p. 10).

There are several recommendations that the company could implement to ensure that customers' information is secured from breach by hackers. One method is using secured wireless networks. This will prevent customers' personal and financial information from being stolen by hackers who break into unsecured networks. Secured wireless networks ensure that no default password can be used by unauthorized people.
Spear phishing manual

Step 1: We begin by writing an e-mail to John, asking him to click the link in the e-mail.
Step 2: John receives the e-mail and reads it. If he clicks the link within the e-mail, he will be redirected to the bank for us to obtain his personal banking information.
Step 3: This step requires John to log in to his bank with his login details. He will use his username and password to log in.
Step 4: This entry by John will enable us to connect to the account using our SID 4232536. The authentication that took place earlier will make the bank server believe that it is dealing with the rightful customer.

Evaluation and considerations of the attack

Provide a short evaluation and considerations of the attack; this can and should also include defence mechanisms which can be used to defend against such an attack. Please note this should be done thoroughly and present various mechanisms and a description of which you consider to be better and why. For example, for a DoS attack where the attacker has spoofed the IP address, there are a number of mechanisms to trace back the attacker; you should include most of them.

Attacks on network security can happen at all layers, including the physical layer (Douligeris & Serpanos, 2007, p. 9). Attacks may range from apparently harmless unauthorized use and probing of system resources, to denial of access to resources, to the very serious alteration, theft, or destruction of resources (Joshi, 2008, p. 66). Specific threats to network security include malware such as Trojan horses; adware and spyware; hacker attacks; identity theft; denial of service attacks; and interception and theft of data (What is network, n.d.).
Network security breaches or attacks happen because internet communications usually involve two hosts forming connections with each other (Joshi, 2008, p. 47). It should be easy to note, therefore, that fundamental to network security is the question of protecting the routing and transmission of messages. Firewalls, IP security mechanisms, and VPNs, which protect communication in the manner of a closed network, are some of the methods of securing communications (Douligeris & Serpanos, 2007, p. 10). Because security attacks can come from several sources and layers, a capable network security system should provide protection from varied threats through multiple security layers. Network security should include both hardware and software and should comprise many components, ideally working together harmoniously (What is network, n.d.).
A number of network security devices are available for protecting against network attacks. Some of these are firewalls, honeypots, proxy servers, network intrusion detection systems, network and host intrusion prevention systems, internet content filters, protocol analyzers, and integrated network security hardware (Ciampa, 2008, p. 165). Cryptography may address the confidentiality component of security; prevention and detection mechanisms address the integrity component (Jain, n.d.). The development of mechanisms and controls is intended to provide security services for wired as well as wireless networks at differing layers and for differing network protocols (Douligeris & Serpanos, 2007, p. 10).
Information Security Management Assignment Example | Topics and Well Written Essays - 2000 words. https://studentshare.org/logic-programming/2067447-system-security-requires-linux