Botnet Zombies

Submitted By jjt2808
Botnets are computer programs that are designed to take control of your computer without your knowledge. They are designed to infect computers and allow hackers to remotely control your computer via an Internet connection. Most users are unaware their computer has been hijacked because little evidence can be found that the computer is not working as expected. Once a computer has been compromised, it is sometimes referred to as a bot or zombie. Having antivirus or other security software on your computer can help reduce the risk of being compromised by botnets, but hackers are constantly developing new ways to circumvent these measures. Updating antivirus software regularly is one way to minimize the likelihood that computers can be used for malicious purposes (“What are Bots, Botnets and Zombies?” n.d.).

The impact of botnets on business functions can be profound. Not only can computers be made to perform tasks without the user's awareness, but software like GameOver Zeus, or GOZ, can be used to steal financial or any other type of data from consumers or businesses. Business owners should be very concerned about programs like GOZ because they have sophisticated techniques to compromise other computers on a network; an entire corporate network could therefore be compromised if just one computer were to become infected with GOZ. Businesses should also be concerned about botnets because they can be used to perform distributed-denial-of-service (DDoS) attacks, using hundreds of thousands of compromised computers to bombard websites or servers and render them inoperable. If a company relies on Internet sales and its website becomes the target of a DDoS attack, this could essentially shut down revenue for that company until the attack stops (Adhikari, R. 2014b).

Detection of botnets can be very difficult because many are designed to hide their activities, and the infected computer may appear to function normally. The most effective way to deal with botnets is prevention. Again, this requires the use of antivirus software and education. Computer users should understand that opening an email attachment or visiting a suspicious website can result in a botnet taking control of the computer. Another way to protect computers is the use of antispyware programs that monitor the Internet traffic of a computer and can sometimes detect when a computer is being controlled by the botnet creator (“What are Bots, Botnets and Zombies?” n.d.).

The spread of botnets can occur through several different mediums. Typically, an infected computer is used to send spam email, which contains the code or program for the botnet. Depending on the type of botnet, the program can then spread using peer-to-peer (P2P) networks, while more sophisticated botnets use domain generation algorithms (DGA). Both P2P and DGA allow the exponential spread of the botnet to many other computers (Adhikari, R. 2014a). The botnet GOZ was estimated to have affected somewhere between 500,000 and 1 million computers (Adhikari, R. 2014b).

In conclusion, it is very important to consider the negative impact that botnet software can have on computers connected to the Internet. Additionally, the consequences for business are particularly alarming due to the ability of botnets to steal financial or other information from computers, which can subsequently be turned into weapons used to shut down websites and servers via DDoS attacks. Education for computer users, antivirus, and antispyware protections can help minimize the impact of botnet programs on business functions, but hackers are constantly looking for new ways to compromise security. This further reinforces that anyone using a computer connected to the Internet should exercise caution when dealing with spam email, suspicious websites, or email attachments. Without vigilance, it is possible for botnets to cause significant harm, as was seen with GOZ, which was estimated to cost US victims $100 million.
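The essay notes that monitoring a computer's Internet traffic can sometimes reveal botnet control, and that more sophisticated botnets use domain generation algorithms. As an added illustration (not part of the original essay), the Python example below flags clients in a DNS resolver log that make several failed lookups for random-looking names, a common sign of DGA activity. The log format, thresholds and sample lines are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample resolver log (not real traffic).
# Assumed format: "<time> <client_ip> <query_name> <response_code>"
SAMPLE_LOG = """\
10:00:01 10.0.0.5 www.example.com NOERROR
10:00:03 10.0.0.5 gogle.example NXDOMAIN
10:00:04 10.0.0.7 xkqzvbnwplfhtr.example NXDOMAIN
10:00:05 10.0.0.7 qwmzplxkvbtyhd.example NXDOMAIN
10:00:05 10.0.0.7 jfhgkdlsqpwz.example NXDOMAIN
10:00:06 10.0.0.9 bvnmzxqwkrtp.example NXDOMAIN
10:00:07 10.0.0.7 bvnmzxqwkrtp.example NXDOMAIN
10:00:08 10.0.0.7 xkqzvbnwplfhtr.example NXDOMAIN
10:00:09 10.0.0.5 mail.example.org NOERROR
"""


def shannon_entropy(text):
    """Bits of entropy per character; random strings score higher than words."""
    if not text:
        return 0.0
    total = len(text)
    return -sum((n / total) * math.log2(n / total)
                for n in Counter(text).values())


def registrable_label(qname):
    """Label just left of the TLD. Simplification: a production tool would
    consult the Public Suffix List to handle suffixes such as co.uk."""
    labels = qname.rstrip(".").lower().split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def looks_generated(label, min_len=10, min_entropy=3.3):
    """Heuristic (assumed thresholds): long label with near-uniform characters."""
    return len(label) >= min_len and shannon_entropy(label) >= min_entropy


def suspicious_clients(log_text, min_failed=3):
    """Return {client: [domains]} for clients with at least `min_failed`
    distinct NXDOMAIN lookups of generated-looking names."""
    failed = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guessing
        _, client, qname, rcode = parts
        if rcode == "NXDOMAIN" and looks_generated(registrable_label(qname)):
            failed[client].add(qname.lower())
    return {c: sorted(d) for c, d in failed.items() if len(d) >= min_failed}


if __name__ == "__main__":
    for client, domains in suspicious_clients(SAMPLE_LOG).items():
        print(client, "->", ", ".join(domains))
```

A single mistyped name or one odd-looking failure does not trip the check; only a client that repeatedly fails on distinct random-looking names is reported, which keeps false positives from ordinary typos low.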
