Audit & Critique of a Hacking Incident | Snowdenia

Added on - 16 Sep 2019

  • Dissertation

    type

  • 12

    pages

  • 3133

    words

  • 127

    views

  • 0

    downloads

Showing pages 1 to 4 of 12 pages
Running head: SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTSecurity, Audit & Critique Of A Hacking Incident At Snowdenia County CouncilYour Name (First M. Last)School or Institution Name (University at Place or Town, State)1
SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTTable of ContentsAbstract............................................................................................................................................3Security, Audit & Critique Of A Hacking Incident At Snowdenia County Council.......................4How To Ensure Secure Operations (Confidentiality, Integrity, Availability)?...............................4Confidentiality.....................................................................................................................5Integrity................................................................................................................................6Availability..........................................................................................................................6Policies and Procedures.......................................................................................................7Auditing/Testing Approach for Security and Better Compliance....................................................8Critique of Hacking Attack..............................................................................................................8Conclusion.......................................................................................................................................9Recommendations..........................................................................................................................10References......................................................................................................................................112
SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTAbstractAnything that is of importance will be stolen or at least attempts will be made to steal it, bothfrom outsiders and insiders. This holds for digital assets also and securing the data in transit, andat rest is an inherent responsibility of every network worth its salt. The security of a networkboils down to three core concepts which have to work together. These are confidentiality,integrity and availability, commonly referred to as CIA or more recently as AIC to avoidconfusion with a government agency of America. This paper is focused on the Republic ofSnowdenia County Council and the recent hacking attack and will explore the tenets of AIC, inaddition to critiquing the attack and providing guidelines for auditing/testing approach for thecouncil.Keywords:Snowdenia County Council, network, security, hacking3
SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTSecurity, Audit & Critique Of A Hacking Incident At Snowdenia County CouncilIt is human nature to attempt to get an unfair advantage, to exploit the system and getbenefits from the labour of someone else. Any organisation maintaining computer networkswould do much better to accept this as a part of daily routine and design their networksaccordingly. Network security is an important issue because of their utilisation andindispensability for storing, accessing, and providing business information, internally as well asexternally to suppliers and customers [1]. The violations can not only occur from outside butinside the network also. As an illustration, the focus of this paper, the Republic of SnowdeniaCounty Council, got attacked from inside when an employee launched a three-pronged intrusion,based on the Man-in-the-Middle (ARP poisoning) attack, password cracking, and access via anInternet WiFi facility offered for roving staff working at home. This attack will be critiqued laterin the paper.The security of a computer network can be distilled into three concepts - confidentiality,integrity and availability. These are referred to as the CIA triad or more recently as AIC triad, toavoid confusion with the Central Intelligence Agency of America [2]. This paper will explore theAIC triad, critique the above-mentioned attack, and provide broad guidelines for auditing/testingto help ensure a more secure as well as more compliant organisation.How To Ensure Secure Operations (Confidentiality, Integrity, Availability)?The three tenets of a secure computer network are Confidentiality, Integrity, andAvailability (AIC) and these three must be present and work in tandem. These three requireservices and cooperation of the entire organisation.4
desklib-logo
You’re reading a preview
card-image

To View Complete Document

Become a Desklib Library Member.
Subscribe to our plans

Unlock This Document