Information System Security: Threats and Solutions for Google Company


Added on  2023/06/07

This paper discusses the potential risks to information security and ways to mitigate such threats or reduce their impacts if they happen to hit the organization. It focuses on Google Company as the case study and covers topics such as ransomware, threats against network routers and switches, webserver security threats, and email security.

Running Head: INFORMATION SYSTEM SECURITY 1
INFORMATION SYSTEM SECURITY
Student Name
Institution Affiliation
Facilitator
Course
Date

Table of Contents
1.0 Introduction
2.0 The Working Mechanism of Ransomware (Google Company case)
2.1 Three Tools used to Tackle Ransomware Attack in Google Company
2.1.1 Kaspersky Anti-Ransomware Tool
2.1.2 AVG’s Ransomware Decryption Tools
2.1.3 Trend Micro
3.1 Denial-of-Service (DoS/DDoS) Attacks
3.2 Social Engineering
3.3 Malwares
4.0 Ensuring Availability and Reliability of Google Company Web Services
4.1 Protection of its server memory space
4.2 Automated Deployment Services (ADS)
4.3 Windows Management Instrumentation (WMI)
4.4 Troubleshooting features
5.0 Ensuring Confidentiality and Integrity for Google Company Staff Emails
6.0 Webserver Security Threats in Google Company
6.1 Denial-of-Service (DoS/DDoS) Attacks
6.2 Web application attacks
6.3 DNS infrastructure
6.4 SSL-induced blind spots
7.0 Improving the Availability of Email Server in Google Company
7.1 Scaling the Email Server at its Construction Phase
7.2 Implementing Risk Mitigation
8.0 Impacts of Employees on Google Company Information Security
8.1 Risk Management to Reduce Employee Risks on Google Company Information Security
8.1.1 Educating the employees
8.1.2 Making Cyber Security a Responsibility of Everyone in the Organization
8.1.3 Teaching Effective Password Management to Employees
9.0 Data Logs in Monitoring and Analyzing Google Company Servers
10.0 Network Devices to Control Security Threats in Google Company
10.1 Intrusion Detection and Prevention Tools
10.2 Anti-malwares
10.3 Mobile device management tools
10.4 Network access control tools
10.5 Next-generation firewalls
11.0 Conclusion
1.0 Introduction
With current trends in technology, organizations find themselves on the receiving end of the
risks that these trends have brought. These risks stem from the many threats associated with
information systems. Cases of security breaches have been increasing year after year, an
indication that any organization is at risk of an information security breach in this era. It is
therefore important for all organizations to be aware of the potential risks to their
information security and of ways to mitigate such threats or reduce their impact if they do hit
the organization. This paper discusses activities related to security audits, BCP planning,
controls, risk analysis and control, and appropriate tools and techniques for containing
threats to organization information, with Google Company as the case study. Ransomware, a
common malware affecting networked information systems, is the first item to be discussed.
2.0 The Working Mechanism of Ransomware (Google Company case)
In its basic definition, ransomware is malicious software that, once inside a computer, threatens
its operation by preventing access to the personal data stored on it. In such situations, the attacker
can demand a ransom from the affected person in exchange for bringing things back to normal, a
promise that is not always kept (Andrei, CEBERE & ACHIM, 2018). In the case of the chosen
organization, Google Company, ransomware can gain access to a personal computer in various ways.
The most common is phishing spam: an attachment that arrives in an email and masquerades as a
trustworthy file. The victim is tricked into downloading it, and once it is downloaded and opened it
takes over full control of the victim’s computer and denies the owner access, especially if it is built
with social engineering tools that trick the owner into giving full administrative access.
Once the malware takes over the victim’s computer, it encrypts all the user’s files, which cannot
easily be decrypted without a mathematical key known only to the attacker (Al-rimy, Maarof &
Shaid, 2018). At this point the user is sent a message explaining that the files can only be decrypted
under the attacker’s conditions, such as paying some amount of money. In some previous attacks, the
attackers claimed to be law enforcement agencies shutting down the user’s computer because of
violations such as pirated software, and demanded fines to restore the computer. Such tricks scare
victims away from reporting the incidents to the relevant authorities (Andronio, Zanero & Maggi,
2015).
2.1 Three Tools used to Tackle Ransomware Attack in Google Company
2.1.1 Kaspersky Anti-Ransomware Tool
Kaspersky Anti-Ransomware Tool is a well-known tool for malware and anti-virus protection.
It was designed with SMBs in mind and leverages the System Watcher and Kaspersky Security
Network technologies to identify ransomware behavior patterns when protecting Windows-based
devices at the endpoints. The Kaspersky Security Network collects information from voluntary
users to keep the tool up to date with the latest threats, while the System Watcher technology
scans all crucial system events, hence preventing malicious attacks (Baykara & Sekin, 2018).
2.1.2 AVG’s Ransomware Decryption Tools
AVG Ransomware Decryption software has many tools, each designed to counter a specific
ransomware threat. These tools ensure that all files are scrutinized before being opened on the
computer; if malware is detected, it is discarded immediately to prevent its consequences.
However, the tools work effectively only when the software is kept up to date. The tools in this
software include Crypt888, Apocalypse, Legion, TeslaCrypt, BadBlockSZ, FLocker and Bart.
2.1.3 Trend Micro
Unlike Kaspersky Anti-Ransomware Tool, which puts more emphasis on protecting a computer
against malware attacks, this tool works at the other end, when the computer has already been
affected: its special features enable it to decrypt files that have already been attacked by the
ransomware (Chandrashekhar, Gupta & Shivaraj, 2015).
3.0 Threats against Google Company Network Routers and Switches
Threats against network routers and switches are many, including distributed denial-of-service
(DDoS) attacks, denial-of-service (DoS) attacks, social engineering and malware. These are just a
few, an indication that there are many threats to these network devices and a call for different
protection approaches if a network is to be secure. Solutions to these threats are designed to cover
multiple attacks but can never cover all of them. Therefore, a network needs a multilayered
security approach to achieve its maximum security objective.
3.1 Denial-of-Service (DoS/DDoS) Attacks
DoS and DDoS attacks work on the principle of making routers and switches so busy that they
cannot play their roles in a network. To understand this principle, consider that any networked
device has a standard capacity of devices it can serve when connected, which depends heavily on
device factors such as processors, memory size, networking buffers, the NIC processor and the
network connection speed (Esan, 2015). When a router’s or switch’s ability to work is hindered, or
in other words prevented, a successful DoS is said to have taken place. This is achieved by sending
very large amounts of traffic at the network router or switch so that the device fills its buffers or
enters an error condition. It can be done by configuring a single third-party network device to
direct its full network capacity at another device of lesser capacity. In my case study, Google, the
network supports a large capacity, so an attack from a single device would not put any dent in it,
and this is where distributed denial-of-service attacks come into play. In this attack, the attacker
uses a group of exploited devices, also known as a botnet, instead of a single device to send traffic
at the network devices. Since the path back to the attacker is indirect, it is harder to trace the
executor of these attacks (He, Dong, Ota, Fan & Wang, 2016).
3.2 Social Engineering
This has been one of the most popular and most obvious methods of attacking network devices
for years. It uses social methods to extract sensitive information that would hardly be given out
directly. A good example is phishing, which can be sent to network administrators to lure them
into disclosing network control credentials such as passwords and access controls for the routers
and switches. The attackers can then compromise the network routers and switches using the
credentials given by the administrator.
3.3 Malwares
Malware is short for malicious software. In the current technology trend, it includes Trojans,
viruses, adware, worms, spam and rootkits. Although they differ in the way they operate, they
have a common goal of exploiting network devices such as routers and switches to compromise
their operations. For instance, a virus is programmed to attach itself to specific executable code;
when that code is run, the virus executes and reproduces itself, spreading until it completely
interferes with the normal functioning of a network device. Worms, on the other hand, work by
taking advantage of the network operating systems of these devices and are programmed to turn
network devices into bots for later attacks.
4.0 Ensuring Availability and Reliability of Google Company Web Services
System manufacturers have made it clear that systems are hardly ever perfectly reliable and that
they can rarely anticipate all failure modes. Windows Server 2012 has been provided with some
features to ensure reliability and availability of web services. However, these features are not
adequate for full functioning of the server. Google Company has implemented some measures to
ensure the reliability and availability of its web services (Hwang, Hsu & Lee, 2015).
4.1 Protection of its server memory space
The organization works very hard to prevent any external violations of its server memory
space. It has also adopted the .NET Framework, which imposes constraints on potential rogue
processes that could interfere with the proper functioning of the server. In addition, it has
implemented proactive validation mechanisms to check that processes behave correctly
(Jin, Tomoishi, Matsuura & Kitaguchi, 2018).
4.2 Automated Deployment Services (ADS)
The company has implemented automated and remote distribution of software and patch
upgrades, minimizing server downtime and reducing the risk of human error during
maintenance.
4.3 Windows Management Instrumentation (WMI)
This service allows access for over 10,000 system users through different means such as
scripting, applications and command lines, as well as fine-grained monitoring, control and
reporting of any server malfunction whenever it is detected.
4.4 Troubleshooting features
These features ensure that servers are troubleshot and restored to their normal condition as
quickly as possible, avoiding incidents of non-response or slow response when the servers are
accessed. They include system recovery, logging, built-in performance monitoring, and tracing
capabilities (Voit & Verma, 2018).
5.0 Ensuring Confidentiality and Integrity for Google Company Staff Emails
Although message security features have been in Microsoft Exchange Server right from the
first version of the product, only security experts and customers with specialized security skills
have used them. However, due to the increased support for S/MIME (Secure/Multipurpose
Internet Mail Extensions) in the current Message Exchange Servers and the high demand for
regulatory compliance, the need to understand these principles has risen (Knorr & Aspinall, 2015).
To achieve email confidentiality and integrity, most messaging platforms have adopted
S/MIME. For instance, the Messaging and Security Feature Pack for Windows Mobile 5.0 has
begun to support S/MIME certificates on current smartphones. Also, most Microsoft Exchange
Server Service Packs offer support for S/MIME in Microsoft Outlook Web Access. Before
S/MIME, the most common email protocol used by administrators to transfer messages was the
Simple Mail Transfer Protocol (SMTP), which proved to be inherently less secure.
However, with the current S/MIME certificates, e-mail is now provided with greater security
compared to the SMTP protocol. This has enabled widespread and secure e-mail connectivity.
S/MIME achieves its security objectives through two approaches: digital signatures and message
encryption (Kharraz, Robertson & Kirda, 2018). These two approaches are not mutually exclusive
services, because each addresses its own specific security issue. Digital signatures address
authentication and repudiation issues, while message encryption deals with confidentiality
issues. For that reason, to achieve both integrity and confidentiality of email messages, Google
Company has used both digital signatures and message encryption.
6.0 Webserver Security Threats in Google Company
6.1 Denial-of-Service (DoS/DDoS) Attacks
DoS and DDoS attacks work on the principle of making servers so busy that they cannot play
their roles in a network. To understand this principle, consider that any server has a standard
capacity of devices it can serve when connected, which depends heavily on device factors such
as processors, memory size, its buffers, its NIC processor and its processor speed. When a
server’s ability to work is hindered, or in other words prevented, a successful DoS is said to have
taken place (Maurya, Kumar, Agrawal & Khan, 2018). This is achieved by sending very large
amounts of traffic at the server so that its buffers fill or it enters an error condition. It can be done
by configuring a single third-party device to direct its full capacity at a server of lesser capacity.
In my case study, Google, the company supports a large number of servers, so an attack from a
single device would not put any dent in its capacity, and this is where distributed denial-of-service
attacks come into play. In this attack, the attacker uses a group of exploited devices, also known
as a botnet, instead of a single device to send traffic at the server. Since the path back to the
attacker is indirect, it is harder to trace the executor of these attacks (Wong & Kerkez, 2016).
6.2 Web application attacks
These include attacks such as SQL injection, cross-site request forgery (CSRF) and
cross-site scripting (XSS), which are launched by cyber criminals to break into servers and
access data for different purposes.
6.3 DNS infrastructure
DNS servers have increasingly become targets for attackers because, when DNS servers
are taken offline, the attackers keep thousands of millions of Internet users from gaining access
to the Internet. So, if an ISP’s DNS server is incapacitated by an attacker, the ISP’s subscribers
are prevented from resolving domain names, sending emails, visiting websites and using other
important Internet services (Mathew & Varia, 2014).
6.4 SSL-induced blind spots
With the increased number of applications supporting SSL, 40 percent of applications are
currently using SSL technology or changing ports. SSL encryption has proved to be an enormous
loophole that malicious people can use to exploit webservers. This is because firewalls and
intrusion prevention tools are unable to keep pace with growing SSL encryption demands. For
instance, the transition of SSL keys from 1024 bits to 2048 bits has burdened many security
devices, because 2048-bit certificates require almost 7 times more processing power to decrypt
SSL-encrypted traffic (Ozzie et al, 2015).
7.0 Improving the Availability of Email Server in Google Company
Scalable applications with high availability are not easy to find, because application
problems usually crop up in unexpected ways and cause the applications to stop working as they
were designed to. Application availability problems arise from the least expected areas, so it is
very hard to anticipate where they may originate. There are different approaches an organization
can use to improve email server availability. Here are the two most common (Polyakov et al,
2014).
7.1 Scaling the Email Server at its Construction Phase
As indicated above, scalable applications with high availability are not easy to find,
because application problems usually crop up in unexpected ways and cause the applications to
stop working as they were designed to. An email server that supports a certain amount of traffic
today might experience significantly more traffic in future, and that may lead to denial of
service. So, an email server should be built on an architecture that can accommodate increased
sizes of databases and applications.
7.2 Implementing Risk Mitigation
To ensure that a server is highly available, potential risks to the server must first be
removed, since system failures are caused by risks. Identifying those risks is therefore a key
approach to increasing server availability.
8.0 Impacts of Employees on Google Company Information Security
When cyber security threats to an organization’s information system are mentioned, many
people tend to conjure up images of expert hackers conducting attacks from an enclosed room.
However, statistics have indicated that employees are the biggest security threat to any
organization’s information system. Out of the 75 percent of organizations that suffered a data
breach in 2015, 50 percent of the worst breaches originated internally, from the organization’s
employees (Shu, Wan, Li, Lin, Vasilakos & Imran, 2016).
Recklessness among an organization’s employees has been taken as an opportunity by
malicious attackers to obtain system passwords and penetrate those systems to carry out their
agenda. This is achieved by tricking employees into revealing such credentials, after which the
hackers can impersonate them and access the organization’s systems. So, employees should be at
the top of the list when an organization is looking at ways to mitigate risks to its information
security (Safa & Von, 2016).

8.1 Risk Management Recommendation to Reduce Employee Risks on Google Company Information Security
8.1.1 Educating the employees
Most employees are not even aware of the potential threats their recklessness can pose to
the whole organization. It is therefore important to enlighten them about the activities that can
put the organization’s information systems at risk.
8.1.2 Making Cyber Security a Responsibility of Everyone in the Organization
Potential risks to organization information security should be discussed centrally, and
ways to mitigate those threats implemented centrally, with the involvement of every member of
the organization. This helps reduce the external forces that can take advantage of naïve
employees to gain access to the organization’s information system (Safa, Solms, & Furnell,
2016).
8.1.3 Teaching Effective Password Management to Employees
Unmanaged passwords have been used before as the easiest way of breaking into
organizations’ information systems. So, organizations should implement strong policies on
password usage by issuing guidelines on strong password requirements and emphasizing the
importance of having strong and unique passwords.
9.0 Data Logs in Monitoring and Analyzing Google Company Servers
The most important measure of server performance that can be obtained from system data
logs is the system response time. Logs enable the analysis team to understand the time taken for
requests to be returned. For instance, web server log data may give insight into how long a
request took to return a response to the client device. This lets the analysts know whether the
performance of the server meets its standard or whether there is some interference (Thubert,
Levy & Ribiere, 2015).
Log reports also help the auditing team of an organization in various ways. First of all,
they enable the team to obtain all the data and operations that took place in a particular time.
For instance, any communication carried out by the team under investigation can be obtained.
Any calculations made and data deleted by the team under investigation can also be retrieved
through log reports to provide insight into the subject under investigation.
10.0 Network Devices to Control Security Threats in Google Company
10.1 Intrusion Detection and Prevention Tools
Being aware of threats to an organization’s security system is an important step when the
organization is trying to mitigate risks to its network infrastructure. These two tools are very
important because they help identify threats to both wired and wireless networks and protect
those networks against several types of security threat (Tayan, 2017).
10.2 Anti-malwares
Just like intrusion detection and prevention tools, anti-malware helps in the
identification, blocking and removal of malware. It helps in tailoring anti-malware policies for
the identification of known and unknown malware sources.
10.3 Mobile device management tools
These tools bolster security in a network by monitoring and controlling security
devices remotely. Further, they can remotely lock a stolen, compromised or lost mobile
device as well as wipe all the data stored on it (Vexler, 2014).
10.4 Network access control tools
These tools control the BYOD policy approaches in an organization by granting only
compliant devices access to network assets.
10.5 Next-generation firewalls
These tools provide application visibility, controls and web security essentials. They also
improve on standard firewall abilities through application-awareness features.
11.0 Conclusion
From the above scrutiny, it is clear that information security has extended its boundaries
in the new digital era, and any organization that wishes to withstand the pressure from security
threats should consider adopting the new technologies. Only through that can organizations
survive the test of time.
12.0 References

Andrei, R. U. S. U., CEBERE, B. C., & ACHIM, A. I. (2018). U.S. Patent Application No.
10/045,217.
Al-rimy, B. A. S., Maarof, M. A., & Shaid, S. Z. M. (2018). Ransomware threat success factors,
taxonomy, and countermeasures: A survey and research directions. Computers &
Security.
Andronio, N., Zanero, S., & Maggi, F. (2015, November). Heldroid: Dissecting and detecting
mobile ransomware. In International Workshop on Recent Advances in Intrusion
Detection (pp. 382-404). Springer, Cham.
Baykara, M., & Sekin, B. (2018, March). A novel approach to ransomware: Designing a safe
zone system. In Digital Forensic and Security (ISDFS), 2018 6th International
Symposium on (pp. 1-5). IEEE.
Chandrashekhar, A. M., Gupta, R. K., & Shivaraj, H. P. (2015). Role of information security
awareness in success of an organization. International Journal of Research, 2(6), 15-22.
Esan, A. B. (2015). Development of Countermeasures against some Internet Security
Threats (Doctoral dissertation, Landmark University, Omu-Aran, Kwara State Nigeria).
He, J., Dong, M., Ota, K., Fan, M., & Wang, G. (2016). NetSecCC: A scalable and fault-tolerant
architecture for cloud computing security. Peer-to-Peer Networking and
Applications, 9(1), 67-81.
Hwang, S. Y., Hsu, C. C., & Lee, C. H. (2015). Service selection for web services with
probabilistic QoS. IEEE transactions on services computing, (1), 1-1.
Jin, Y., Tomoishi, M., Matsuura, S., & Kitaguchi, Y. (2018, March). A Secure Container-based
Backup Mechanism to Survive Destructive Ransomware Attacks. In 2018 International
Conference on Computing, Networking and Communications (ICNC) (pp. 1-6). IEEE.
Knorr, K., & Aspinall, D. (2015, April). Security testing for Android mHealth apps. In Software
Testing, Verification and Validation Workshops (ICSTW), 2015 IEEE Eighth
International Conference on (pp. 1-8). IEEE.
Kharraz, A., Robertson, W., & Kirda, E. (2018). Protecting against Ransomware: A New Line of
Research or Restating Classic Ideas?. IEEE Security & Privacy, 16(3), 103-107.
Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target
and Safety Measures.
Mathew, S., & Varia, J. (2014). Overview of amazon web services. Amazon Whitepapers.
Ozzie, R. E., Ozzie, J. E., Moromisato, G. P., Narayanan, R., Augustine, M. S., Shukla, D. K., ...
& Ghanaie-Sichanie, A. (2015). U.S. Patent No. 9,003,059. Washington, DC: U.S. Patent
and Trademark Office.
Polyakov, A., Seinfeld, M., Mody, J. J., Sun, N., Lee, T., & Chu, C. (2014). U.S. Patent No.
8,667,583. Washington, DC: U.S. Patent and Trademark Office.
Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A. V., & Imran, M. (2016). Security in software-
defined networking: Threats and countermeasures. Mobile Networks and
Applications, 21(5), 764-776.
Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in
organizations. Computers in Human Behavior, 57, 442-451.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model
in organizations. Computers & Security, 56, 70-82.
Thubert, P., Levy-Abegnoli, E., & Ribiere, V. J. (2015). U.S. Patent No. 9,015,852. Washington,
DC: U.S. Patent and Trademark Office.
Tayan, O. (2017). Concepts and tools for protecting sensitive data in the it industry: a review of
trends, challenges and mechanisms for data-protection. International Journal of
Advanced Computer Science and Applications, 8(2).
Vexler, V. (2014). U.S. Patent No. 8,849,793. Washington, DC: U.S. Patent and Trademark
Office.
Voit, E. A., & Verma, J. (2018). U.S. Patent Application No. 15/475,235.
Wong, B. P., & Kerkez, B. (2016). Real-time environmental sensor data: An application to water
quality using web services. Environmental Modelling & Software, 84, 505-517.