Malicious Attacks and Threats

In: Computers and Technology

Submitted By navman85
Words 1172
Pages 5
Malicious Attacks and Threats

Malicious Attacks and Threats As the lead Information Systems Security Engineer it is my job to ensure that the ongoing threat of malicious attacks and vulnerabilities to the organizations computer network are kept to a minimum so that highly sensitive data will continue to remain protected. However, recent reports from the CIO suggest that there has been a small amount of malicious activity reported on the network. The CIO is requesting I look into the current network infrastructure and make necessary changes to the network so that the system remains free from the threat and vulnerability of future malicious activity that would impact the organizations network. Attacks on computer systems and networks occur by the billions every year and are on a dramatic increase. Many organizations have invested vast amounts of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization it also exposes the organization to possible malicious attacks and threats. Such attacks have been the most challenging issue for a majority of Information System Security Engineers where they utilize the necessary resources to protect the network from these vulnerabilities. The greatest overall threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. In 2011, Symantec has reported blocking over 5.5 billion malicious attacks on various networks. This was an increase in malicious attacks of up to eighty one percent from 2010. Symantec has also reported that the malware software has risen…...

Similar Documents

Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

...understanding of the situation in the network of the company I decided to start the analysis by the vulnerabilities that this one presents. Many of these vulnerabilities are the cause for different types of network attacks. It should be noted that while many of these vulnerabilities may be mitigated or eliminated the possibility of an attack always exists. The first vulnerability is the email server. Although very well controlled for been within the Demilitarized Zone (DMZ), this is always a vulnerability with which most companies have to deal with. This vulnerability opens the way for phishing attack. One way to mitigate this vulnerability is configuring the email server so that only authorized email may enter. This is difficult because our video game company has a large list of customers and suppliers that are in constant change. The best option is to alert users about the security measures and company policies regarding private and unknown emails. The Web and FTP server can be a not very alarming vulnerability. Because it is located in the DMZ and after the Intrusion Detection System (IDS), is unlikely to be corrupted without being detected. The location of the file servers in the network is totally unprotected against internal attacks. Any successful attack in the LAN would leave the data servers exposed. The establishment of a demilitarized zone with a completely different set of log on names and password than any other machines would give these servers better......

Words: 1141 - Pages: 5

Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

...computer as a base of filtering through their criminal activities. The criminal basically wants to forge their criminal activities over the internet without involvement of the police or any other type of law enforcement agency. They use the computer internet for exploitation of minors revealing pornographic material of young boys and girls for monetary gain. This type of criminal activity not only involves the pedophilic type of person but also involves the married Joe that lives at home with his wife and kids of his own. They usually get caught in pornography sting operations where undercover agents lure these unsuspecting pedophiles into a home or apartment where they are thought to meet an underage girl to engage in sexual activity. The attack on the local Sheriffs’ department’s web database on a national scale may have leaked information of a sensitive nature concerning an ongoing investigation with one local police department. Gassville, Arkansas, Chief of police told the associated press that some of the information stolen was posted online and displayed pictures of teenage girls in their swimsuits. The posting of the teenage girls in swimsuits was an ongoing investigation that the department was looking into concerning child pornography. Many of the local officers affected by the hacking lost valuable information like tips from concerned citizens, credit card information and e-mails which hold enough information to commit identity theft. The action of this hacking......

Words: 970 - Pages: 4

Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

...improving the efficiency and productivity of the organization but it also exposes the Organization to possible attacks and threats. Such attacks have been the most challenging issue for most network administrators and a worrying topic for administrators. Organizations need to share services resources and information but they still need to protect these from people who should not have access to them, while at the same time making those resources available to authorized users. Effective security achieves these goals. The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. April 13, 2000, 3:55 P.M. Pacific time: The Web site for the Motion Pictures Association of America (MPAA) is suffering intermittent outages, and the organization suspects computer vandals are to blame. A source inside the organization, who asked not to be identified, said that the MPAA is currently “experiencing problems with their public Web site, and they suspect a denial-of-service attack.” The attack was first rumored on http://www.hackernews.com/, a Web site for news on computer hacking. Most of the attacks are becoming more frequent and more damaging, and they are using well-known techniques and methods......

Words: 5140 - Pages: 21

Identifying Potential Malicious Attacks

...Identifying Potential Malicious Attacks The CIO Company will use firewalls, intrusion detection systems, virus scanners and other protective software to provide some assurance that the security policies for the site are properly implemented. Firewalls are the basis of computer and network security defense. They are widely deployed. They are very hard to configure properly, and people who configure them may not know the current threats and attacks. For example, an administrator maybe working on some task and might leave something open in a firewall where attackers can enter through. Some firewalls have the vulnerability that enables attackers and be defeated. By identifying the network components, you can evaluate their vulnerabilities. These vulnerabilities can have flaws in the technology, configuration, or security policy. Vulnerabilities can be fixed different ways, applying software patches, reconfiguring devices, or deploying countermeasures such as firewalls and antivirus software.   Threat is when people take advantage of vulnerability and cause a negative impact on the network. If threat occurs it needs to be identified, and the associated vulnerabilities need to be addressed to minimize the risk.  As of today, most of the hackers are interested in hacking services such as HTTP (TCP Port 80) and HTTPS (TCP Port 443), which are open in many networks. By using access control devices, they can detect malicious exploits aimed at these services. Now these days......

Words: 1060 - Pages: 5

Threats and Attacks to Computer Network

...Chapter 4 Threats and Attacks to a Computer Network Research shows that “threats to the computers and networks have been an issue since computers began to be used widely by the general public. Nowadays, any computer or network that is connected to the Internet is at risk” (http://infopeople.org/resources/security/basics/threats_vulnerabilities.html, 2008) There are unlimited different types of threats exists in computer networking field but in this report mainly six different common but important threats were discussed. 4. 1 Spoofing Spoofing is a technique used to hide identity of traffic originator or assume identity of trusted entity or fooling a computer into believing which actually you are not. The most common spoof is email where a hacker pretend to be a different internet address from the one you have just to gain his/her credit card no, passwords, personal information or to theft any identity. Spoofing normally involves sending many packets/messages pretending to be a real legitimate person and spoofed IPs are very hard to back track. There are many different types of spoofing, such as ▪ IP addresses, MAC addresses changing attacks ▪ Link alteration ▪ DNS server spoofing attack ▪ Content theft ▪ E-mail address changing attack 4.2 How Penetration Attack Works? Penetration attack is basically to an attempt to break the security features of a system in order to understand the system or system design and implementation. The main purpose of......

Words: 934 - Pages: 4

Identifying Potential Malicious Attacks

...Identifying Potential Malicious Attacks, Threats and Vulnerabilities Joseph Escueta Strayer University CIS 333 Dr. Emmanuel Nyeanchi January 30, 2014 Abstract The world of any organization lays a network structure that controls all the operations of the company. Every company has its own sensitive information about their success and why they such a good reputation. Because of the growing technology various enchantments have been develop to make sure that its investments are secured and locked hidden in its networks. However network attacks have been around for decades and each new security can be breach. This is one of the major causes of any company to lose money or its capital after being attack by network attackers. It is proven to be a nuisance for any organization trying to make a living. However, this attacks can be avoided if one should take precautions and to be aware of the network attacks. In this case study I will identify its causes and threats against the network. I will also expose the vulnerabilities that exist in networks today. Identifying Potential Malicious Attacks, threats and Vulnerabilities There are many attacks in the network but the most important purpose is to protect the company’s assets. We are not taking about average hackers who just do it for fun but rather want to cause damage to a company’s reputation. In a network security there are two important categories which is logic attacks and resource attacks. A logic attack......

Words: 1207 - Pages: 5

Malicious Code Attack

...Week 4: Essay 4.1 Malicious Code Attack Harold Streat Jr (15813476) NT2580: Introduction to Information Security March 2, 2014 DeVon Carter Malicious Code Attack The Code Red virus didn't kill the Internet, but it did prove that there is a long way to go in the war against cyber-attacks, and, if the future is anything like the past, it is a war the good guys will never win (Burnett & Gomez, 2001). The Code Red worm is one example where knowledge of emerging vulnerabilities and implementation of security patches plus overall watchfulness of network activity could have saved many systems from falling prey to a well-publicized attack (Burnett & Gomez, 2001). The Code Red or Red Wiggler Worm, as it was known, was a self-replicating program designed to consume computer and network resources creating a Denial of Service (DoS) to the user community. The Code Red worm exploited a known vulnerability in Microsoft Windows NT and Windows 2000, popular operating systems in the business environment. The vulnerability was related to Internet Information Server (IIS), which runs on many Windows-based World Wide Web servers throughout the world. Code Red spread through several variants with mixed effectiveness. As the worm code was mutated, updated and re-released, infection rates increased (Burnett & Gomez, 2001). The worm began by scanning networks to identify hosts running IIS and accepting information on TCP port 80....

Words: 520 - Pages: 3

Malicious Code Attack

...Karen Barber ITM – 5600 – Information and Communications Security Assignment: Summary Report on a Malicious Code Attack Malicious code is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a computer or system without the owner’s knowledge or consent. Upon entering the system, there are much exploitation of vulnerabilities, like viruses, worms, Trojan horses, spyware, adware, and rootkits. Malicious code is an application security threat that cannot be efficiently controlled by conventional antivirus software alone. Malicious code can either activate itself or activate after a user perform an action, such as clicking on something or opening an email attachment. Malicious code describes a broad category of system security terms that includes attack scripts, viruses, worms, Trojan horses, backdoors, and malicious active content. The Spamhaus Project is a cyber attack that is described as the largest in history apparently starting over an argument over spam. The prolonged denial-of-service assault is targeting The Spamhaus Project; a nonprofit European filtering service that helps organizations to fight spam by weeding out unwanted emails has gone after CyberBunker, a Dutch data-storage company that offers hosting to any websites/content "except child porn and anything related to terrorism." On March 18, 2013, Spamhaus added CyberBunker (whose servers shows......

Words: 728 - Pages: 3

Identifying Potential Malicious Attacks, Threats and Vulnerabilities

...Recently the Chief Information Officer of our company Celtic Gamers Frontier Inc. (CGF) has read of an increase in the threat space regarding the electronic game industry and he is concerned with regards to our Companies overall architecture, and the risks to our Research and Development efforts and other Intellectual Property. He has tasked the company’s corporate information technology group to produce an information paper detailing the types of cyber threats and malware are being reported on the internet. They would also like the security group to give the company’s executive leadership a detailed report regarding the threats, vulnerabilities and the overall risks that may be present in our current corporate infrastructure. The security department for the organization is relatively small and short on resources so this task has been given to me to do the research and create an executive report detailing the current vulnerabilities, risks and threats and potential impact to our network should we have any security incidents. “Unfortunately, there are inherent risks to computer usage — hackers, viruses, worms, spyware, malware, unethical use of stolen passwords and credentials, unauthorized data removal by employees with USB flash drives, or servers crashing and bringing productivity to a halt” ("Cybersecurity," 2013) . The CGF network is a typical office network composed of an external firewall with an external DMZ with public use servers, and internal firewall......

Words: 1563 - Pages: 7

Cis 333 Assignment 1 Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

...CIS 333 Assignment 1 Identifying Potential Malicious Attacks, Threats, and Vulnerabilities http://homeworktimes.com/downloads/cis-333-assignment-1-identifying-potential-malicious-attacks-threats-vulnerabilities/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 1 Identifying Potential Malicious Attacks, Threats, and Vulnerabilities http://homeworktimes.com/downloads/cis-333-assignment-1-identifying-potential-malicious-attacks-threats-vulnerabilities/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 1 Identifying Potential Malicious Attacks, Threats, and Vulnerabilities http://homeworktimes.com/downloads/cis-333-assignment-1-identifying-potential-malicious-attacks-threats-vulnerabilities/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 1 Identifying Potential Malicious Attacks, Threats, and Vulnerabilities http://homeworktimes.com/downloads/cis-333-assignment-1-identifying-potential-malicious-attacks-threats-vulnerabilities/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 1 Identifying Potential Malicious Attacks, Threats, and Vulnerabilities http://homeworktimes.com/downloads/cis-333-assig...

Words: 351 - Pages: 2

Malicious Attacks

...click Word Count. Title of Paper In this assignment, I will write a four to five report in how to thwart a malicious attacks, threats, vulnerabilities to a game system. I have just been hired as an Information System Engineer for a videogame development company. The organization network structure have been identified by the company as having 2- firewall, 1- Web/FTP server, 1-Microsoft Exchange Email Server, Network Intrusion Detection System(NIDS), 2-Windows Server 2012 Active Directory Domain Controllers(DC) 3-File servers 1-Wireless access point(WAP) 100-Desktop/Laptop computers VoIP telephone system. The CIO of this company has just received a report of malicious activities on the rise and has become extremely concerned with the protection of intellectual property and highly sensitive data maintained by his organization. As part of my job task with the organization, I will identify and draft a report identifying potential malicious attacks, threats, and the vulnerabilities that is specific to his organizations. It has been requested that in the report, I give a brief scenario explanation and how what kind of potential impact it will have on the organization. Any threat is alarming because it could damage the assets of the company if this is true we first need to have a Business Continuity Plan (BCP) which allows the company to keep operating in case of an attack. My order of planning would be to discover the disaster recovery plan that the company has in place in......

Words: 401 - Pages: 2

Cis 333 Week 4 Assignment 1 - Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

...CIS 333 WEEK 4 Assignment 1 - Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Identifying Potential Malicious Attacks, Threats, and Vulnerabilities To Purchase Click Link Below: http://strtutorials.com/CIS-333-WK-4-Assignment-1-Identifying-Potential-Malicious-Atta-CIS3332.htm CIS 333 WK 4 Assignment 1 - Identifying Potential Malicious Attacks, Threats, and VulnerabilitiesIdentifying Potential Malicious Attacks, Threats, and Vulnerabilities You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains: 1) 2 – Firewalls 2) 1 – Web / FTP server 3) 1 – Exchange Email server 4) 1 – Network Intrusion Detection System (NIDS) 5) 2 – Windows 2008 Active Directory Domain Controllers (DC) 6) 3 – File servers 7) 1 – Wireless access point (WAP) 8) 100 – Desktop / Laptop computers 9) VoIP telephone system The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could......

Words: 289 - Pages: 2

Malicious Attacks and Threats

...Malicious Attacks and Threats     As the lead Information Systems Security Engineer it is my job to ensure that the ongoing threat of malicious attacks and vulnerabilities to the organizations computer network are kept to a minimum so that highly sensitive data will continue to remain protected.   However, recent reports from the CIO suggest that there has been a small amount of malicious activity reported on the network.   The CIO is requesting I look into the current network infrastructure and make necessary changes to the network so that the system remains free from the threat and vulnerability of future malicious activity that would impact the organizations network.     Attacks on computer systems and networks occur by the billions every year and are on a dramatic increase.   Many organizations have invested vast amounts of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization it also exposes the organization to possible malicious attacks and threats.   Such attacks have been the most challenging issue for a majority of Information System Security Engineers where they utilize the necessary resources to protect the network from these vulnerabilities.   The greatest overall threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant.   When the action is malicious, some motivation or goal is generally behind the attack.  ......

Words: 305 - Pages: 2

Cis 333 Week 4 Assignment 1 - Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

...CIS 333 WEEK 4 Assignment 1 - Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Identifying Potential Malicious Attacks, Threats, and Vulnerabilities To Purchase Click Link Below: http://strtutorials.com/CIS-333-WK-4-Assignment-1-Identifying-Potential-Malicious-Atta-CIS3332.htm CIS 333 WK 4 Assignment 1 - Identifying Potential Malicious Attacks, Threats, and VulnerabilitiesIdentifying Potential Malicious Attacks, Threats, and Vulnerabilities You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains: 1) 2 – Firewalls 2) 1 – Web / FTP server 3) 1 – Exchange Email server 4) 1 – Network Intrusion Detection System (NIDS) 5) 2 – Windows 2008 Active Directory Domain Controllers (DC) 6) 3 – File servers 7) 1 – Wireless access point (WAP) 8) 100 – Desktop / Laptop computers 9) VoIP telephone system The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could......

Words: 289 - Pages: 2

Identifying Potential Malicious Attacks, Threats and Vulnerabilities

...            Identifying Potential Malicious Attacks, Threats and Vulnerabilities Brian Cox Strayer Univerity Professor Leonard Roden Networking Security Fundamentals May 03, 2016            Have you ever thought about the measures that you need to go through when protecting yourself from online threats and attacks? There are many different types of attacks and threats that can be carried out against networks and organizations. The attacks that could be carried out can cause serious damage to the company and range on a scale from very minimal to very severe data loss and data theft. It is important for companies to take every precaution available and have not only the best software for prevention of these attacks but stay on top of what the intruders, hackers, attackers are learning and how the technology is forming when they are deploying these systems on their servers, networks, and office computers that employees will use on a day to day basis. The computers each employee is using should come with a User Agreement and the do’s and do not’s when it comes to daily computer usage. This will enhance the security as each employee will understand what is acceptable and how to obtain maximum security of their signed computer. It is also advisable within the User Agreement to list out the things that are unacceptable such as plugging in your phone, downloading things from the internet, and other things that may seem harmless but could hurt the company if it......

Words: 1622 - Pages: 7

Will & GraceS10E7 - Episode 7 | Ein Herz fr Tiere (0) | Hide and Seek