Information System Security: Threats and Solutions for Google Company
Added on 2023/06/07
AI Summary
This paper discusses the potential risks to information security and ways to mitigate such threats or reduce their impacts if they happen to hit the organization. It focuses on Google Company as the case study and covers topics such as ransomware, threats against network routers and switches, webserver security threats, and email security.
Running Head: INFORMATION SYSTEM SECURITY

INFORMATION SYSTEM SECURITY
Student Name
Institution Affiliation
Facilitator
Course
Date
Table of Contents

1.0 Introduction
2.0 The Working Mechanism of Ransomware (Google Company case)
  2.1 Three Tools used to Tackle Ransomware Attack in Google Company
    2.1.1 Kaspersky Anti-Ransomware Tool
    2.1.2 AVG's Ransomware Decryption Tools
    2.1.3 Trend Micro
  3.1 Denial-of-Service (DoS/DDoS) Attacks
  3.2 Social Engineering
  3.3 Malwares
4.0 Ensuring Availability and Reliability of Google Company Web Services
  4.1 Protection of its server memory space
  4.2 Automated Deployment Services (ADS)
  4.3 Windows Management Instrumentation (WMI)
  4.4 Troubleshooting features
5.0 Ensuring Confidentiality and Integrity for Google Company Staff Emails
6.0 Webserver Security Threats in Google Company
  6.1 Denial-of-Service (DoS/DDoS) Attacks
  6.2 Web application attacks
  6.3 DNS infrastructure
  6.4 SSL-induced blind spots
7.0 Improving the Availability of Email Server in Google Company
  7.1 Scaling the Email Server at its Construction Phase
  7.2 Implementing Risk Mitigation
8.0 Impacts of Employees on Google Company Information Security
  8.1 Risk Management to Reduce Employee Risks on Google Company Information Security
    8.1.1 Educating the employees
    8.1.2 Making Cyber Security a Responsibility of Everyone in the Organization
    8.1.3 Teaching Effective Password Management to Employees
9.0 Data Logs in Monitoring and Analyzing Google Company Servers
10.0 Network Devices to Control Security Threats in Google Company
  10.1 Intrusion Detection and Prevention Tools
  10.2 Anti-malwares
  10.3 Mobile device management tools
  10.4 Network access control tools
  10.5 Next-generation firewalls
11.0 Conclusion
1.0 Introduction

With current trends in technology, organizations have found themselves on the receiving end of the risks that have emerged as a result of these trends. These risks stem from the many threats associated with information systems. As a matter of fact, cases of security breaches have been increasing year in, year out. This is an indication that any organization is at risk of an information security breach in this era. It is therefore important for all organizations to be aware of the potential risks to their information security and of ways to mitigate such threats or reduce their impact if they happen to hit the organization. In this paper, activities related to security audits, BCP planning, controls, risk analysis and control, and appropriate tools and techniques for containing threats to organization information are discussed, with Google Company as the case study. Of these, ransomware, a common type of malware affecting networked information systems, is discussed first.

2.0 The Working Mechanism of Ransomware (Google Company case)

In its basic definition, ransomware is malicious software that, once inside a computer, threatens its operation by preventing access to the personal data on it. In such situations, the attacker can freely demand a ransom from the affected person in order to bring things back to normal, a promise that is not always truthful (Andrei, CEBERE & ACHIM, 2018). Based on the chosen organization, Google Company, ransomware can gain access to a personal computer in various ways, the most common being phishing spam: an attachment that arrives in an email and masquerades as a trustworthy file. The owner is tricked into downloading it, but once downloaded and opened, it takes over full control of the victim's computer and denies the owner access, especially if it is built with social engineering tools that trick the owner into giving full administrative access. Once the malware takes over the victim's computer, it encrypts all the user's files, which cannot easily be decrypted without a mathematical key known only to the attacker (Al-rimy, Maarof & Shaid, 2018). At this point the user is sent a message explaining that the files can only be decrypted under conditions set by the attacker, such as paying some amount of money. In some previous attacks, the attackers claimed to be law enforcement agencies shutting down the user's computer because of violations such as pirated software, and demanded fines to restore the computer. Such tricks scare the victims away from reporting the incidents to the relevant authorities (Andronio, Zanero & Maggi, 2015).

2.1 Three Tools used to Tackle Ransomware Attack in Google Company

2.1.1 Kaspersky Anti-Ransomware Tool

Kaspersky Anti-Ransomware Tool is a well-known tool when it comes to malware and anti-virus protection. It was designed with SMBs in mind and leverages the System Watcher and Kaspersky Security Network technologies to identify ransomware behavior patterns when protecting Windows-based devices at the endpoints. The Kaspersky Security Network collects information from voluntary users to keep the tool up to date with the latest threats, while the System Watcher technology scans all crucial system events, hence preventing malicious attacks (Baykara & Sekin, 2018).

2.1.2 AVG's Ransomware Decryption Tools
AVG Ransomware Decryption software has many tools which are designed to counter specific ransomware threats. Such tools ensure that all files are scrutinized before being opened on the computer, and if malware is detected, it is discarded immediately to prevent its consequences. These tools, however, work effectively only when the software is kept up to date. The tools utilized by this software include Crypt888, Apocalypse, Legion, TeslaCrypt, BadBlock, SZFLocker and Bart.

2.1.3 Trend Micro

Unlike Kaspersky Anti-Ransomware Tool, which puts more emphasis on protecting a computer against malware attacks, this tool works at the other end, when the computer has already been affected: its special features enable it to decrypt files that have already been attacked by ransomware (Chandrashekhar, Gupta & Shivaraj, 2015).

3.0 Threats against Google Company Network Routers and Switches

Threats against network routers and switches are many, including distributed denial-of-service (DDoS) attacks, denial-of-service (DoS) attacks, social engineering and malware. These are just a few, an indication that there are many threats to these network devices and a call for different protection approaches if a network is to be secure. Solutions to these threats are designed to cover multiple attacks but can never cover all threats. Therefore, a network needs a multilayered security approach to achieve its maximum security objective.

3.1 Denial-of-Service (DoS/DDoS) Attacks

DoS and DDoS attacks work on the principle of making routers and switches so busy that they cannot play their roles in a network. To understand this principle, consider that any networked device has a standard capacity of devices it can serve when connected, which depends highly on device factors such as processors, memory size, networking buffers, the NIC processor and the network connection speed (Esan, 2015). When the ability of a router or switch to work is hindered or prevented, a successful DoS is said to have taken place. This is achieved by sending very large amounts of traffic at the network router or switch so that the device fills its buffers or enters an error condition. This can be achieved by configuring a single third-party network device to focus its full network capacity on another device of lower capacity. Considering my case study, Google, since it supports a large networked capacity, an attack from a single device won't be able to put any dent in its capacity, and therefore distributed denial-of-service attacks come into play. In this attack, the attacker uses a group of exploited devices, also known as a botnet, instead of a single device to send traffic at the network devices. Since the path back to the attacker is indirect, it is harder to trace the executor of these attacks (He, Dong, Ota, Fan & Wang, 2016).

3.2 Social Engineering

This has been one of the most popular and most obvious methods of attack on network devices for years. It uses social methods to extract sensitive information that would hardly be given directly. A good example is phishing, which can be sent to network administrators to lure them into disclosing network control credentials such as passwords and access controls for the routers and switches. The attackers can then compromise the network routers and switches using the credentials given by the administrator.

3.3 Malwares

Malware is short for malicious software. In the current technology trend, it includes Trojans, viruses, adware, worms, spam and rootkits. Although they differ in the way they operate, they have a common goal of exploiting network devices like routers and switches to compromise their operations. For instance, a virus is programmed to attach itself to specific executable code which, when run, executes the virus and reproduces it by spreading, completely interfering with the normal functioning of a network device. Worms, on the other hand, work by taking advantage of the network operating systems of these devices and are programmed to turn network devices into bots for later attacks.

4.0 Ensuring Availability and Reliability of Google Company Web Services

System manufacturers have made it clear that systems are hardly ever perfectly reliable and that they can rarely anticipate all failure modes. Windows Server 2012 has been built with some features to ensure reliability and availability of web services. However, these features are not adequate for full functioning of the server. Google Company has implemented some measures to ensure reliability and availability of its web services (Hwang, Hsu & Lee, 2015).

4.1 Protection of its server memory space

The organization works very hard to prevent any external violations of its server memory space. It has also adopted the .NET Framework, which imposes constraints on potential rogue processes that can interfere with the proper functioning of the server. It has also implemented mechanisms for proactive validation to detect correct behavior of processes (Jin, Tomoishi, Matsuura & Kitaguchi, 2018).
4.2 Automated Deployment Services (ADS)

This company has implemented both automated and remote software and patch distribution upgrades, hence minimizing its server downtime and reducing the risk of human error during maintenance processes.

4.3 Windows Management Instrumentation (WMI)

This service allows access by over 10,000 system users in different ways, such as scripting, applications and command lines, as well as fine-grained monitoring, control and reporting of any server malfunction whenever it is detected.

4.4 Troubleshooting features

These features ensure quick troubleshooting and restoration of the servers to their normal condition as quickly as possible, to avoid incidents of non-response or slow response when accessing the servers. They include system recovery, logging, built-in performance monitoring, and tracing capabilities (Voit & Verma, 2018).

5.0 Ensuring Confidentiality and Integrity for Google Company Staff Emails

Although message security features have been in Microsoft Exchange Server right from the first version of the product, only security experts and customers with specialized security skills have used them. However, due to the increased support for S/MIME (Secure/Multipurpose Internet Mail Extensions) in the current Message Exchange Servers and the high demand for regulatory compliance, the need to understand these principles has risen (Knorr & Aspinall, 2015).
To achieve email confidentiality and integrity, most messaging platforms have adopted S/MIME. For instance, the Messaging and Security Feature Pack for Windows Mobile 5.0 has begun to support S/MIME certificates on current smartphones. Also, most Microsoft Exchange Server Service Packs offer support for S/MIME in Microsoft Outlook Web Access. Before S/MIME, the most common email protocol used by administrators to transfer messages was the Simple Mail Transfer Protocol (SMTP), which inherently proved to be less secure. With current S/MIME certificates, however, e-mail is now provided with greater security compared to the SMTP protocol. This has enabled widespread and secure e-mail connectivity.

S/MIME achieves its security objectives through two approaches: digital signatures and message encryption (Kharraz, Robertson & Kirda, 2018). These two approaches are not mutually exclusive services because each addresses its own specific security issue. Digital signatures address both authentication and repudiation issues, while message encryption deals with confidentiality issues. For that matter, to achieve integrity and confidentiality of email messages, both digital signatures and message encryption have been used by the Google Company.

6.0 Webserver Security Threats in Google Company

6.1 Denial-of-Service (DoS/DDoS) Attacks

DoS and DDoS attacks work on the principle of making servers so busy that they cannot play their roles in a network. To understand this principle, consider that any server has a standard capacity of devices it can serve when connected, which depends highly on device factors such as processors, memory size, its buffers, its NIC processor and its processor speed. When a server's ability to work is hindered or prevented, a successful DoS is said to have taken place (Maurya, Kumar, Agrawal & Khan, 2018). This is achieved by sending very large amounts of traffic at the server so that its buffers fill or it enters an error condition. This can be achieved by configuring a single third-party device to focus its full capacity on another server of lower capacity. Considering my case study, Google, since it supports a large number of servers, an attack from a single device won't be able to put any dent in its capacity, and therefore distributed denial-of-service attacks come into play. In this attack, the attacker uses a group of exploited devices, also known as a botnet, instead of a single device to send traffic at the server. Since the path back to the attacker is indirect, it is harder to trace the executor of these attacks (Wong & Kerkez, 2016).

6.2 Web application attacks

These include attacks such as SQL injection, cross-site request forgery (CSRF) and cross-site scripting (XSS), which are launched by cyber criminals to break into servers and access data for different purposes.

6.3 DNS infrastructure

DNS servers have increasingly become targets for attackers because when DNS servers are taken offline, the attackers keep thousands of millions of Internet users from gaining access to the Internet. So, if an ISP's DNS server is incapacitated by an attacker, the ISP's subscribers are prevented from resolving domain names, sending emails, visiting websites and using other important Internet services (Mathew & Varia, 2014).
6.4 SSL-induced blind spots

With the increased number of applications supporting SSL, 40 percent of applications are currently using SSL technology or change ports. SSL encryption has proved to be an enormous loophole that malicious people can use to exploit web servers. This is because firewalls and intrusion prevention tools have been unable to keep pace with growing SSL encryption demands. For instance, the transition of SSL keys from 1024 bits to 2048 bits has burdened many security devices, because 2048-bit certificates require almost 7 times more processing power to decrypt the SSL encryption (Ozzie et al, 2015).

7.0 Improving the Availability of Email Server in Google Company

Scalable applications with high availability are not easy to find, because application problems usually crop up in unexpected ways and cause the applications to stop working as they were designed. Application availability problems arise from the least expected areas, which makes it very hard to anticipate where the problems may originate. There are different approaches an organization can use to improve email server availability. Here are the two most common (Polyakov et al, 2014).

7.1 Scaling the Email Server at its Construction Phase

As indicated above, scalable applications with high availability are not easy to find, because application problems usually crop up in unexpected ways and cause the applications to stop working as they were designed to. An email server that supports a certain amount of traffic today might experience significantly more traffic in future, and that may lead to denial of service. So, an email server should be built on an architecture that can accommodate increased sizes of databases and applications.

7.2 Implementing Risk Mitigation

To ensure that a server is highly available, potential risks to the server must be removed first. This is in consideration of the fact that system failures are caused by risks. Therefore, identifying those risks is a key approach to increasing server availability.

8.0 Impacts of Employees on Google Company Information Security

When cyber security threats to an organization's information system are mentioned, many people tend to conjure up images of expert hackers conducting attacks from an enclosed room. However, statistics have indicated that employees are the biggest security threat to any organization's information system. Out of the 75 percent of organizations which suffered a data breach in 2015, 50 percent of the worst breaches originated internally, from the organization's employees (Shu, Wan, Li, Lin, Vasilakos & Imran, 2016). Recklessness among an organization's employees has been taken as an opportunity by malicious attackers to obtain system passwords and penetrate those systems to carry out their agenda. This is achieved by tricking the employees into revealing such credentials, after which the hackers can impersonate them and access the organization's systems. So, employees should be at the top of the list when an organization is looking at mitigation methods for its information security (Safa & Von Solms, 2016).
8.1 Risk Management Recommendation to Reduce Employee Risks on Google Company Information Security

8.1.1 Educating the employees

Most of an organization's employees are not even aware of the potential threats their recklessness can pose to the whole organization. It therefore plays a major role to enlighten them on the activities they may engage in that put the organization's information systems at risk.

8.1.2 Making Cyber Security a Responsibility of Everyone in the Organization

Potential risks to organization information security should be discussed centrally, and ways to mitigate those threats implemented centrally, through the involvement of every member of the organization. This helps in reducing the external forces which can take advantage of naïve employees to gain access to the organization's information system (Safa, Solms, & Furnell, 2016).

8.1.3 Teaching Effective Password Management to Employees

Unmanaged passwords have been used before as the easiest way of breaking into organizations' information systems. So, organizations should implement strong policies regarding password usage by issuing guidelines on strong password requirements and emphasizing the importance of having strong and unique passwords.
9.0 Data Logs in Monitoring and Analyzing Google Company Servers

The most important measure of server performance that can be obtained from system data logs is the system response time. The logs enable the analyzing team to understand the time taken for requests to be returned. For instance, web server log data may give insight into how long a request took to return the response to the client device. This enables the analysts to know whether the performance of the server meets its standard or there is some interference (Thubert, Levy & Ribiere, 2015).

Log reports, on the other hand, help the auditing team of an organization in various ways. First of all, they enable the team to obtain all the data and operations which took place at a particular time. For instance, any communication carried out by the team under investigation can be obtained. Also, any calculations made and data deleted by the team under investigation can be retrieved through log reports to provide insight into whatever subject is under investigation.

10.0 Network Devices to Control Security Threats in Google Company

10.1 Intrusion Detection and Prevention Tools

Being aware of threats to an organization's security system is an important step when the organization is trying to mitigate risks to its network infrastructure. Considering that, and the fact that these two tools help in identifying threats to, and protecting, both wired and wireless networks against several types of security threat, the tools are very important (Tayan, 2017).
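The log analysis described in section 9.0 (response time per request, and retrieving what one user did in a given period), shown as an added example that is not part of the original paper. The log line layout, the 0.5-second performance standard and every sample entry are assumptions constructed for illustration.

```python
import math
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Assumed line layout (an assumption of this example): a common access-log line
# with the request duration in seconds appended as the last field.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?:\d+|-) (?P<secs>\d+(?:\.\d+)?)$'
)

# Constructed sample log (documentation IP ranges, made-up users and paths).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Mar/2024:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 5120 0.120
198.51.100.8 - alice [01/Mar/2024:10:00:21 +0000] "GET /reports/17 HTTP/1.1" 200 20480 0.150
198.51.100.9 - - [01/Mar/2024:10:00:40 +0000] "GET /index.html HTTP/1.1" 200 5120 0.100
198.51.100.8 - alice [01/Mar/2024:10:01:05 +0000] "DELETE /reports/17 HTTP/1.1" 204 0 0.180
198.51.100.7 - - [01/Mar/2024:10:01:30 +0000] "GET /search?q=a HTTP/1.1" 200 900 0.140
this line is truncated and must be skipped
203.0.113.5 - - [01/Mar/2024:10:02:01 +0000] "GET /search?q=b HTTP/1.1" 200 900 2.800
203.0.113.5 - - [01/Mar/2024:10:02:02 +0000] "GET /search?q=c HTTP/1.1" 503 0 4.200
198.51.100.9 - bob [01/Mar/2024:10:02:10 +0000] "POST /login HTTP/1.1" 200 310 3.100
198.51.100.7 - - [01/Mar/2024:10:02:45 +0000] "GET /index.html HTTP/1.1" 200 5120 0.900
"""


def parse_log(text):
    """Return (records, skipped): parsed entries and the number of unparseable lines."""
    records, skipped = [], 0
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            skipped += 1  # keep the count: gaps in a log matter to an auditor
            continue
        records.append({
            "client": m["client"],
            "user": None if m["user"] == "-" else m["user"],
            "time": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
            "method": m["method"],
            "path": m["path"],
            "status": int(m["status"]),
            "secs": float(m["secs"]),
        })
    return records, skipped


def latency_by_minute(records):
    """Summarise response times per minute: count, median, p95 and 5xx errors."""
    buckets = defaultdict(list)
    for r in records:
        buckets[r["time"].strftime("%Y-%m-%d %H:%M")].append(r)
    stats = {}
    for minute, rows in sorted(buckets.items()):
        secs = sorted(r["secs"] for r in rows)
        stats[minute] = {
            "requests": len(rows),
            "median": median(secs),
            "p95": secs[math.ceil(0.95 * len(secs)) - 1],  # nearest-rank percentile
            "errors": sum(1 for r in rows if r["status"] >= 500),
        }
    return stats


def slow_minutes(stats, standard_secs):
    """Minutes whose p95 response time exceeds the agreed performance standard."""
    return [minute for minute, s in stats.items() if s["p95"] > standard_secs]


def audit_trail(records, user, start, end):
    """Everything one authenticated user did inside [start, end], in time order."""
    hits = [r for r in records if r["user"] == user and start <= r["time"] <= end]
    return [(r["time"].isoformat(), r["client"], r["method"], r["path"], r["status"])
            for r in sorted(hits, key=lambda r: r["time"])]


if __name__ == "__main__":
    records, skipped = parse_log(SAMPLE_LOG)
    stats = latency_by_minute(records)
    for minute, s in stats.items():
        print(minute, s)
    print("minutes over the 0.5 s standard:", slow_minutes(stats, standard_secs=0.5))
    print("unparseable lines:", skipped)
    start = datetime.fromisoformat("2024-03-01T00:00:00+00:00")
    end = datetime.fromisoformat("2024-03-01T23:59:59+00:00")
    for row in audit_trail(records, "alice", start, end):
        print(row)
```

A minute that exceeds the standard is only a prompt to investigate; the error count and the client addresses in the same window help separate an overloaded server from a single misbehaving source.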
10.2 Anti-malwares

Just like the intrusion detection and prevention tools, anti-malware helps in the identification, blocking and removal of malware. It helps in tailoring anti-malware policies for the identification of known and unknown malware sources.

10.3 Mobile device management tools

These tools bolster security in a network by monitoring and controlling security devices remotely. Further, these tools can remotely lock stolen, compromised or lost mobile devices as well as wipe all the data stored on those devices (Vexler, 2014).

10.4 Network access control tools

These tools control the BYOD policy approaches in an organization by granting only compliant devices access to network assets.

10.5 Next-generation firewalls

This tool provides application visibility, controls and web security essentials. It also improves on standard firewall abilities through application-awareness features.

11.0 Conclusion

From the above scrutiny, it's clear that information security has extended its boundaries in the new digital era, and any organization which wishes to withstand the pressure from security threats should consider adopting the new technologies. Only through that can organizations survive the test of time.

12.0 References
Andrei, R. U. S. U., CEBERE, B. C., & ACHIM, A. I. (2018). U.S. Patent Application No. 10/045,217.

Al-rimy, B. A. S., Maarof, M. A., & Shaid, S. Z. M. (2018). Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions. Computers & Security.

Andronio, N., Zanero, S., & Maggi, F. (2015, November). Heldroid: Dissecting and detecting mobile ransomware. In International Workshop on Recent Advances in Intrusion Detection (pp. 382-404). Springer, Cham.

Baykara, M., & Sekin, B. (2018, March). A novel approach to ransomware: Designing a safe zone system. In Digital Forensic and Security (ISDFS), 2018 6th International Symposium on (pp. 1-5). IEEE.

Chandrashekhar, A. M., Gupta, R. K., & Shivaraj, H. P. (2015). Role of information security awareness in success of an organization. International Journal of Research, 2(6), 15-22.

Esan, A. B. (2015). Development of Countermeasures against some Internet Security Threats (Doctoral dissertation, Landmark University, Omu-Aran, Kwara State Nigeria).

He, J., Dong, M., Ota, K., Fan, M., & Wang, G. (2016). NetSecCC: A scalable and fault-tolerant architecture for cloud computing security. Peer-to-Peer Networking and Applications, 9(1), 67-81.

Hwang, S. Y., Hsu, C. C., & Lee, C. H. (2015). Service selection for web services with probabilistic QoS. IEEE transactions on services computing, (1), 1-1.

Jin, Y., Tomoishi, M., Matsuura, S., & Kitaguchi, Y. (2018, March). A Secure Container-based Backup Mechanism to Survive Destructive Ransomware Attacks. In 2018 International Conference on Computing, Networking and Communications (ICNC) (pp. 1-6). IEEE.

Knorr, K., & Aspinall, D. (2015, April). Security testing for Android mHealth apps. In Software Testing, Verification and Validation Workshops (ICSTW), 2015 IEEE Eighth International Conference on (pp. 1-8). IEEE.

Kharraz, A., Robertson, W., & Kirda, E. (2018). Protecting against Ransomware: A New Line of Research or Restating Classic Ideas?. IEEE Security & Privacy, 16(3), 103-107.

Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target and Safety Measures.

Mathew, S., & Varia, J. (2014). Overview of amazon web services. Amazon Whitepapers.

Ozzie, R. E., Ozzie, J. E., Moromisato, G. P., Narayanan, R., Augustine, M. S., Shukla, D. K., ... & Ghanaie-Sichanie, A. (2015). U.S. Patent No. 9,003,059. Washington, DC: U.S. Patent and Trademark Office.

Polyakov, A., Seinfeld, M., Mody, J. J., Sun, N., Lee, T., & Chu, C. (2014). U.S. Patent No. 8,667,583. Washington, DC: U.S. Patent and Trademark Office.

Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A. V., & Imran, M. (2016). Security in software-defined networking: Threats and countermeasures. Mobile Networks and Applications, 21(5), 764-776.

Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451.

Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70-82.

Thubert, P., Levy-Abegnoli, E., & Ribiere, V. J. (2015). U.S. Patent No. 9,015,852. Washington, DC: U.S. Patent and Trademark Office.

Tayan, O. (2017). Concepts and tools for protecting sensitive data in the it industry: a review of trends, challenges and mechanisms for data-protection. International Journal of Advanced Computer Science and Applications, 8(2).

Vexler, V. (2014). U.S. Patent No. 8,849,793. Washington, DC: U.S. Patent and Trademark Office.

Voit, E. A., & Verma, J. (2018). U.S. Patent Application No. 15/475,235.

Wong, B. P., & Kerkez, B. (2016). Real-time environmental sensor data: An application to water quality using web services. Environmental Modelling & Software, 84, 505-517.