Executive Summary.

Added on - 17 Oct 2019

Showing pages 1 to 3 of 10 pages
Executive Summary

In recognition of the importance of proactive cyber security management of a social networking website, PeopleSharz, we have tried to lay down a risk-based cyber security framework that is a set of industry standards and best practices in the field of managing cyber security risks. The voluntary guidance provided here offers the capability to customize and enhance the quality adjustments to the cyber security programs that utilize cost-effective security controls and the various techniques regarding risk management. The employees of the organization should have a sound understanding as to how the basic security is to be provided for the computer systems and networks. This report also provides a cost-effective approach to secure the computer system platforms as per the business needs.

The key points of this report are that it provides an essential organization-wide cyber security plan, the utilization of different methodologies for data collection, the effective and efficient ways with which the threats could be analyzed, the information regarding different forms of cyber security threats and their utilization by the hackers, the effective use of threat metrics and threat models in the analysis of the security threats of the organization and, finally, the key success factors and valuable recommendations for the cyber security threats.

Background and Problem Analysis

A website has various important elements that make it function properly and, therefore, these elements need to be working in sync. Today, millions of users frequently visit thousands of social networking websites without any idea that their accounts are at the mercy of potential hackers. So, once information is posted on a social networking platform, it is not private information any longer, and the more information is posted, the more vulnerable it gets. The IT infrastructure houses various web servers, which in turn house the Domain Name System with which various websites are registered.
Thus, a complex ecosystem is created that has numerous interconnected nodes around the internet. Most of these features are provided by service providers that make it relatively easy for businesses to establish an online presence. These service providers also provide hosting space that makes operating websites easy.

In the present scenario, we first have to analyze whether the problem is at the server side or the client side. As per the facts of the case, at the very outset, the vulnerability seems to be at the client side. The hackers of a social networking website have various methods by which they break into users' accounts and steal crucial information from there. SQL injection is the most common server-side vulnerability that allows the hackers to inject code into the database of a website (Al Hasib, 2009). There are other vulnerabilities, such as Remote Code Execution (RCE), at the disposal of attackers as well, which enable the hackers to interact with the system directly. Most probably, the hackers of PeopleSharz might have used Trojan horses, malware, logic bombs, computer worms, snipping tools, phishing tools and a wider spectrum of other sources. This attack must have been a coordinated one, as they might have been successful in locating flaws in network topologies as well as bugs and defects in software configuration. These days, with the help of Netspionage, it is relatively easy for the attackers to access highly sensitive information from the accounts of social media users.
There is an equal possibility that the hackers have utilized Server Side Request Forgery (SSRF), which might have enabled them to read all the files and raw tables of the database of PeopleSharz. The technique of phishing must have been used in this case, where the hackers had targeted PeopleSharz with a keen focus on the vulnerabilities and also used social engineering tricks. Also, there are certain techniques meant for authorization bypass. The other possible attacks are Cross Site Scripting (XSS) attacks and Broken Authentication and Session Management attacks. The hackers must have sent a file packet to the web browser and bypassed the validation process. It causes the user's session ID to be sent to the attacker's website, allowing the hacker to hijack the user's current session (Tankard, 2011). The website was attacked in such a manner that the relevant information was scraped directly from the database. The following report contains a thorough analysis of the threat faced by PeopleSharz and dependencies on critical success measures, followed by the recommendations.

Threat Analysis

Being an IT security consultant and analyst, my job is to delve deeper and deeper to probe PeopleSharz security and also to determine potential entry points that could have been exploited by the hackers. It should be noted that social media websites need to take extra caution against cyber security threats, so the possibility also is that PeopleSharz had spared no expense regarding its cyber security system. I can expect that the administrators had been conscientious about ensuring that all the security patches and antivirus updates had been applied to their processes. It can be said that someone would be impressed with the level of security that this website had put in place (Gao, Hu, Huang, Wang, & Chen, 2011).
However, after the extensive assessment, it will certainly be revealed that PeopleSharz was still extremely vulnerable to a security breach.

In order to analyze the cyber security breach, I will perform data collection and vulnerability analysis. The scope will provide information as to what needs to be included and what needs to be excluded in the process of analysis. So, in the case of cyber security, the items that will be considered will be those aspects of PeopleSharz that must be protected, and they will be identified first.

(a) Data Collection

In almost all social media companies there are certain kinds of policies and procedures that are required to be identified for compliance purposes. In actuality, around one-fourth of the security mechanisms that organizations have miserably fail to fulfill minimum security standards. So, the first step will be to collect detailed information regarding the security breach, such as URLs to virus links, phishing email header and content, malicious command and controls and domain names and IP addresses, etc. As an analyst, it is very important for me to get unrestricted access to data for transforming it into intelligence. My sources of information will be knowledge of intrusion incidents, detection system logs, firewall logs, reverse engineering of malware, open source links, honeypots and so forth. Once all of this data is collected, the examination will be done as to whether they match the compliance level in the organization (Ralston, Graham, & Hieb, 2007).
The different types of vulnerabilities that need to be tested in this case are as follows:

Injection and Cross-site Vulnerabilities: these are the two most severe flaws that occur in web applications, and all of these work by sending malicious data to an application in the form of a command or query. In SQL injection, the hackers exploit websites that generate SQL queries by using user-supplied data without ensuring that it is valid. Thereafter, the hackers submit malicious SQL queries and transfer commands directly to the database. In Cross-site scripting, by contrast, the attackers target the website's users by injecting code, particularly JavaScript, into the output of a web application. When that page is viewed, the browser executes the code, which allows the hacker to redirect users to a malicious site.

Broken authentication and session management: of the many important purposes of web applications, user authentication is one of the most prominent, in order to keep track of users' HTTP requests. Now, if a hacker discovers that a user did not log out, then he uses XSS to hack his account (Greitzer, & Frincke, 2010). So, the company is required to perform code review and penetration tests as well.

Security misconfiguration: the platform that supports web applications constitutes a complicated variety of devices as well as software, such as servers, firewalls, databases, operating systems and application software. All these different components are required to be securely configured as well as maintained. So, poor management of web applications may be caused by never undergoing the necessary training. Poor application designs can also be the source of cyber security breaches in organizations.

(b) Vulnerability Analysis

This stage is very vital, as I will have to test the gathered information so that the level of exposure can be determined.
It will give us a fair idea as to whether the current defenses were solid enough to remove threats in terms of their availability, confidentiality and integrity. In this we will evaluate whether the existing procedures, policies and security measures were adequate. It should be highlighted that threat analysis, especially in social networking sites such as PeopleSharz, is a continual process that should be reviewed once in a while to ensure that all safeguard mechanisms are working properly. So, the evaluation of risks is an integral part of the organization's overall lifecycle (Kuhl, Kistner, Costantini, & Sudit, 2007).

So, on the basis of vulnerability and risk assessment, we have to determine what security measures will need to be taken and also remove the ineffective ones.

Threat Metrics: effective threat measurement facilitates analysis with the help of an improved understanding of how software anomalies occur. The imminence of certain forms of vulnerabilities and connecting missing links between potential threats and possible consequences will be crucial in threat analysis. In light of this, my abilities of analysis will be greatly enhanced by using unambiguous and clear metrics. It will improve our ability to understand the threat as well as control and defend against it to a certain extent (Knapp, 2009). For example, a quantitative assessment of the number of cyber-attacks per month and the pattern and count of these attacks would reveal the hackers' capability and intent.
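
The monthly attack count described above can be derived from the web server logs named under Data Collection. The following is an added example, not part of the original report: the log lines are constructed, and the two signatures are deliberately simple assumptions covering only the SQL injection and XSS classes the report lists.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from urllib.parse import unquote_plus

# Constructed sample lines in Common Log Format (not PeopleSharz data).
SAMPLE_LOG = """\
203.0.113.7 - - [03/Aug/2019:10:12:01 +0000] "GET /profile?id=7%27%20OR%20%271%27=%271 HTTP/1.1" 200 512
203.0.113.7 - - [03/Aug/2019:10:12:09 +0000] "GET /profile?id=7%20UNION%20SELECT%20name,pw%20FROM%20users HTTP/1.1" 500 0
198.51.100.4 - - [19/Aug/2019:22:40:13 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 901
192.0.2.15 - - [02/Sep/2019:08:00:45 +0000] "GET /search?q=holiday+photos HTTP/1.1" 200 1340
198.51.100.4 - - [05/Sep/2019:23:01:30 +0000] "GET /wall?msg=%3Cimg%20src=x%20onerror=alert(1)%3E HTTP/1.1" 200 733
"""

# Captures: client IP, timestamp, request URL, status code.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" (\d{3})')

# Assumed, simplified indicators; a production rule set would be far broader.
SIGNATURES = {
    "sql_injection": re.compile(r"['\"]\s*(?:or|and)\s|union\s+select|;\s*drop\s", re.I),
    "xss": re.compile(r"<\s*script|\bon\w+\s*=|javascript:", re.I),
}

def classify(url):
    """Return the first matching attack category for a request URL, or None."""
    decoded = unquote_plus(url)  # signatures must see the decoded payload
    for name, pattern in SIGNATURES.items():
        if pattern.search(decoded):
            return name
    return None

def monthly_metrics(log_text):
    """Count suspected attacks per (month, category) and distinct sources per month."""
    counts = Counter()
    sources = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, stamp, url, _status = m.groups()
        category = classify(url)
        if category is None:
            continue  # benign request, not part of the metric
        month = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").strftime("%Y-%m")
        counts[(month, category)] += 1
        sources[month].add(ip)
    return counts, {month: len(ips) for month, ips in sources.items()}

if __name__ == "__main__":
    per_month, distinct_sources = monthly_metrics(SAMPLE_LOG)
    for (month, category), n in sorted(per_month.items()):
        print(month, category, n)
    print(distinct_sources)
```

Tracking the count per category alongside the number of distinct sources separates one noisy scanner from a broad campaign, which is the pattern information the metric is meant to expose.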