Information Security Threats and Access Control - Assignment Example

Assignment 1 Name: Institute: COMP290/490 Assignment 1 Question 1 Threats to information access includes malicious threats, which involves inside attacks by malicious or discontented workers as well as outside attacks by non-staff seeking to disrupt and harm the organization. These days, insiders are the most treacherous attackers, for the reason that they understand numerous of the security measures implemented as well as codes used. Insiders as per Fung (2013) always have goals as well as objectives to achieve, and most of them have lawful access to information. Essentially, workers are individuals most conversant with the information systems within the organization, and they have knowledge on what actions can bring about the most severe harm. Insiders as a threat to information access can plant worms, viruses, or Trojan horses. An insider attack may have an effect on all elements of information security, and by having an access to the system, classified information might be exposed. Information access can be impacted by Trojan horses, which without a doubt is a threat to both the confidentiality as well as integrity of information. What’s more, insider attacks may have an effect on accessibility by overloading the storage capacity or processing of the system, or even by crashing the system. Such entities are acknowledged as hackers or crackers (Fung, 2013). On one occasion, a hacker was seen as any person who took pleasure in retrieving adequate information from the systems he/she was using. Previously, a hacker would make use of a system comprehensively and analyze it in anticipation of him/her turning out to be an expert in all its fine distinction. This person was seen as an information source for system users, some people called them wizard or guru. However, these days the word hacker is defined as individuals who either force an entry to the information systems for which they lack permission or deliberately transgress their limits on systems for which they lack legal access. Common techniques for getting access to information system consist of taking advantage of well-known security flaws, network spoofing, password cracking, and social engineering (Hagen, Sivertsen, & Rong, 2007). Malicious attackers usually have a particular purpose, objective, or goal for attacking an information system. Such goals may perhaps be to disrupt the business operations by making use of attacking tools such as denial-of-service (DoS). Additionally, they may desire to steal information or systems to create obstacles to access to information. The stolen information can be sold to competitors bearing in mind that inside attackers are not the only people who may damage the organization reputation. According to Hagen, Sivertsen, and Rong (2007), the main threat to the integrity of information originates from users who are authorized, whom are uninformed of the activities they are carting out. Besides that, omissions as well as errors can lead to the loss, damage, or modification of valuable data. Furthermore, threats that are not malicious in nature often originate from workers who are inexperienced or not trained in information systems and are uninformed of security vulnerabilities as well as threats. Users, programmers, system operators, and clerks for data entry often make accidental errors that bring about direct and indirect security challenges. From time to time the error becomes the threat to access of information; for instance, an error in data entry or a programming error can lead to the crash of the whole system. The nature of human threat to information access is active given that he attacker attempts to break into or circumvent protected information systems. This as per Hagen, Sivertsen, and Rong (2007) may be carried out through Trojan horses, secrecy, worms or viruses. Human threats to information access entail endeavors to break or bypass features of security, to set up malicious code, as well as to change or steal information. Such attacks are mounted in opposition to the backbone of a network, to take advantage of the information in transit, or break in an enclave by electronic means. Human threats are active because the attacks lead to the broadcasting or disclosure of data files, data modification, or DoS. With regard to severity of human threat to information access the issue concerning insider threat is not yet completely valued either because of limitations on resources or just a negligent mind-set. Without doubt, insider attacks’ impact may be overwhelming; for instance, a financial fraud done by an insider in the organisation can lead to losses amounting to millions of dollars. Another instance of inside attack such as logic bomb written by a defense contractor worker from the technical department led to losses amounting to millions as well as the layoff of workers (Yusop & Abawajy, 2014). Actions that can be taken to mitigate this threat include: instituting periodic enterprise-wide risk assessments in addition to security awareness training for every worker; implementing division of duties; and implementing account-management practices as well as policies. Other mitigation actions include: logging, monitoring, and auditing workers online actions; making use of extra watchfulness with s privileged users and system administrators; aggressively protecting against malicious code; making use of layered protection against isolated attacks; responding and monitoring to disruptive or doubtful behavior; and evidently documenting controls for insider threat. In addition to aforementioned actions, organizations have to espouse insider threat program, which take account of active partaking from an organization’s IT, personnel security, and physical security employees (Yusop & Abawajy, 2014). To be legal, particularly as it associates with the civil liberties as well as privacy significances of electronic monitoring, background checks, as well as the sharing of susceptible employees’ information, the program needs firm support from the organization’s legal department. Lastly, the organization’s top management must prioritize what systems and information need the most defenses. After establishing the corporate priorities, the organization suitable controls turn out to be both convenient and valuable.  Question2 Viruses from internet can from time to time harm the computer systems, and they can interleave themselves to programs with the information systems such as computers and erase them, format or crash the computer. Other viruses’ forms may be less menacing, but still can generate challenges to the user in view of the fact that they can emerge to show messages and sometimes can make use of available computer memory as well as freeze the system and by and large generate setbacks that would makes user not capable to work appropriately on the internet.  Viruses can surface through, advertisement wares, which are undersized programs that are downloadable through a number of other websites or programs that gather information from an individual’s PC with aim of researching as well as advertising. Besides that, spywares are a number of other forms of computer programs that introduce themselves and occupy computer memory leading to reduction of the standard computer performance. The Worms and Viruses are elements of malicious software programs, which consist of the following: P2P-worm, IRC-worm, Email, IM-worm, and Net-worm (Templeman, 2014). According to Templeman (2014), spyware together with viruses can attack a user computer through means such as: opening email attachments that are already infected like .exe files, visiting websites that are corrupt. When a system is attacked by viruses or worms it suffers a loss of confidentiality, followed by disclosure of data to unauthorized persons. This may be complex proprietary or top secret data, or merely a data that a person was not allowed to see. For instance, if a person unlawfully views information about an organization such as payroll data can lead to loss of confidentiality (Stallings, 2013). Correspondingly, if through a virus a person can access a database with customer information, which includes credit card and names information, t can lead to loss of confidentiality. Viruses and worms can as well lead to loss of integrity, whereby an IT system or data is destroyed or modified by a virus. This might be a file alteration or the modification in the system’s configuration. For instance, if an organization file containing employee’s confidential information is infected with a virus, the file has undoubtedly lost integrity. Correspondingly, if an email is tailored while in transit, the email lacks integrity. Viruses can lead to unavailability of systems or data needed for smooth operation of the organization. Therefore, loss of availability points out that either the system or data has been infected by the virus, and so it is not available when required by the user. For instance, if a Web server is infected by a virus is becomes non-operational, and for that reason the Web server has experienced a loss of availability (Stallings, 2013). Therefore, the best way to steer clear of viruses is installing anti-virus software on every computer system that uses internet. A number of latest viruses can even attempt to circumvent antivirus software; therefore, it is extremely imperative to always update database for virus-signature. Besides anti-virus software, internet users must be extremely cautious whilst downloading files from mails or internet, for the reason that the files may have a number of malicious viruses. What’s more, in case the mails or files are not from trustworthy source, it is imperative to erase them at once devoid of opening it so as to restore confidentiality, integrity, and make the data available. Question 3 In the cryptography history, The Wheel Cipher also recognized as the Bazeries cylinder or the Jefferson disk is undoubtedly one of the most safe, yet uncomplicated enciphering apparatus. Thomas Jefferson invented this device towards the end of 18thcentury, and was afterward separately invented again (ten decades later) by Etienne Bazeries. According to Wollerton and Lucas (2005), the Jefferson disk offered a matchless security after being invented and reinvented, as a result making it successful for encrypting confidential diplomatic as well as military communiqué. Additionally, the decryption of a communication enciphered through the Wheel Cipher was extremely challenging and depended on having specific information. Undoubtedly, the Jefferson disk cipher is still outstanding, thanks to its advanced level of security, prolonged existence, and comparative simplicity (Arden, 2010). The Jefferson disk cipher was first designed in 1795 by Thomas Jefferson, and .his plans summarized the making as well as utilisation of the piece of equipment. In this regard, the device is made by cutting disks made of wood of equivalent diameter, then followed by dividing each disk’s edge into 26 equal pieces and then carving a distinct letter into all sections randomly. According to Wollerton and Lucas (2005), all disks must have a number, in order that the different disks’ orders may be recorded. Therefore, this procedure is done repeatedly until the preferred number of disks is attained. Importantly, having more disks is beneficial since the number of likely combinations significantly increases with every extra disk. Ans so this explains why the Wheel Cipher is less vulnerable to brute force attacks. Lastly, at the center of every disk a hole is carved in order to allow the disks to rotate freely along the axle. In order to encrypt, the sender have to pay attention of the disks’ order by verifying the allocated numbers of each disk, and afterwards the sender is required to spell out the text successively across the machine, by utilising one letter from every disk. After that, the text is written down by the sender from any of the additional twenty five rows. This according to Wollerton and Lucas (2005) is the cipher text that lacks noticeable coherence or meaning to an unplanned recipient. For the recipient to decrypt the message, he/she have to own the equivalent device with the same disks. In this case, the disks are arranged on the axle by the recipient in the similar order that was used by the sender. The disks’ order must be decided upon prior to the dispersion of the cipher text, for the reason that this is main information for decrypting the message. This encrypting as well as decrypting process of communication was swift, simple, dependable, and extremely secure. Public-key (asymmetric) cryptography is a cryptographic algorithms class that needs two separate keys, that is public and private. Even though distinct, the public and private keys are mathematically connected. Contrary to the wheel cipher where both encryption and decryption are achieved through similar disks, in public-key cryptography the public key is utilised for encrypting plaintext or for verifying digital signature; while the private key is employed for creating a digital signature or decrypting a cipher text (Stallings, 2013). The phrase asymmetric derives from the utilisation of dissimilar keys for performing such differing functions, as compared with historical cryptography which depends on the similar key to carry out the both functions (encryption and decryption). Basically, it is computationally simple for a person to create their individual key-pair (public and private) and afterwards to make use of them for encryption and decryption. Public-key cryptography strength lies squarely on the verity that it is not possible (computationally impracticable) for a well created private key to be verified from its equivalent public key. For that reason the public key can be made available devoid of compromising the defense, whilst the private key should not be disclosed to any unauthorized person to carry out digital signatures or read messages. Unlike public-key cryptography, in the wheel cipher, the cipher text sender and recipient must have the wheels in the suitable and similar order so as to encrypt and decrypt. While the cipher text is generated on the wheels, the plaintext is listed elsewhere on the wheel, and a visual scan may hastily lead to discovering the original message. According to Arden (2010), there existed a very small possibility that two messages that are useless could surface on the disk during encryption as well as decryption. Decrypting the wheel cipher codes was then and still remains a discouraging undertaking for code breakers given that the wheel cipher was easier to use and secure during technological progression. Without doubt wheel cipher value remains to be one of the most resourceful ciphers in the cryptography history. Every cryptography techniques have its strengths as well as weakness. In the case of the wheel cipher attackers can use transmitted cipher text to determine the dislodgment of the plaintext letter. Still, the code breaker must have numerous hundred messages for his/her kappa test to be successful, and so this condition makes the kappa test undependable. With regard to Public-key cryptography, the public keys owing to their distinctive nature are computationally more expensive as compared to their private keys complements. This is for the reason that asymmetric keys have to be longer as compared to the private-cryptography keys so as to have comparable security. According to Stallings (2013), there subsist algorithms for asymmetric cryptography that makes it possible for the attackers to crack secret keys quicker. The extensively utilised and revolutionary RSA algorithm has an algorithm that makes Public-key cryptography vulnerable to attacks. What’s more, public-key cryptography has weaknesses to attacks, particularly when a third pity is involved since a malicious third party can intercept a public key on transit to any of the involved parties. Identity theft is possible in Public-key cryptography since the third party can pass his/her personal public key with a text suggesting being from the main sender. References Arden, R. (2010, December 27). Jefferson Wheel Cipher and Modern Cryptography. Retrieved from eDocument Sciences: http://edocumentsciences.com/jefferson-wheel-cipher-and-modern-cryptography/ Fung, B. (2013, June 10). Why Insiders, Not Hackers, Are the Biggest Threat to Cybersecurity. Retrieved from National Journal: http://www.nationaljournal.com/tech/why-insiders-not-hackers-are-the-biggest-threat-to-cybersecurity-20130610 Hagen, J., Sivertsen, T., & Rong, C. (2007). Information Security Threats and Access Control Practices in Norwegian Businesses. 21st International Conference on Advanced Information Networking and Applications Workshops, 2007, AINAW '07. 1, pp. 470 - 476. Niagara Falls, Ontario: IEEE. Stallings, W. (2013). Network Security Essentials Applications and Standards (5th ed.). New Jersey: Pearson Education. Templeman, M. (2014, May 6). Internet Security Threats – How A Computer Virus And A Computer Worm Are Spread. Retrieved from Arellia: http://www.arellia.com/2014/05/06/internet-security-threats-computer-virus-computer-worm-spread/ Wollerton, C., & Lucas, A. M. (2005, April). Wheel Cipher. Retrieved from Monticello: http://www.monticello.org/site/research-and-collections/wheel-cipher Yusop, Z. M., & Abawajy, J. H. (2014). Analysis of Insiders Attack Mitigation Strategies. Procedia - Social and Behavioral Sciences, 129, 611–618. Read More