The report analyzes the Comodo certificate fraud hack to identify the security risks associated with an organization that maintains a network of small business clients. It discusses the IT security risks and recommends solutions to eliminate the data security risks.
Running head: NETWORK COMMUNICATION SECURITY

Network Communication Security

Name of the Student
Name of the University
Author Note
Executive Summary

This report analyzes the Comodo certificate fraud hack in order to identify the different risks and issues associated with the use of IT in an organization. The security hack is evaluated to identify the problems and issues faced by an organization that maintains a network of small business clients which receive payments from the government for their services. These clients receive confidential information from government sources and are therefore legally obliged to protect its privacy. The Comodo certificate fraud hack exposed many security issues in online transactions that need to be addressed. To address a problem effectively, it is essential first to identify the different issues associated with the use of information technology and ICT. Certain loopholes in the security mechanisms of the organizations led to the attack. These security issues need to be analyzed in order to recommend suitable solutions to the organizations concerned. The detailed analysis of the attack is provided in the following sections.
Table of Contents

Introduction
1. The Comodo Certificate Fraud Hack
2. IT Security Risks
3. The Solution
Conclusion
References
Introduction

The purpose of this report is to analyze the Comodo certificate fraud hack in order to identify the security risks faced by an organization that maintains a network of small business clients. The report analyzes the security failures that led to the Comodo certificate fraud, in which 9 SSL certificates were fraudulently issued for 7 domains [10]. Although the attack was detected within hours and the issued certificates were revoked immediately, it exposed several security issues that needed urgent attention [1]. The report aims to discuss the major IT security problems that expose an organization to different kinds of vulnerability.

1. The Comodo Certificate Fraud Hack

In March 2011, the Comodo certificate fraud hack resulted in 9 SSL certificates being issued fraudulently. Although the hack was identified within a few hours, it established the need for urgent security attention in the organization. Soon after the certificate hack, the Comodo root keys and the intermediate hardware were compromised, and this attack was promptly reported as well. After the initial attack on 15 March, an intrusion was detected in a Comodo reseller account. The security measures enforced after the attack were not enough to prevent the subsequent attacks. In the Comodo certificate fraud hack, the attacker gained access to the username and password of a trusted Comodo partner in Southern Europe [11]. It can therefore be concluded that there was a serious IT security issue in Comodo that led to this failure. It was found that the hacker was still using the Comodo partner account, and it can be assumed that the attacker intended to target other domains as well.
However, as soon as the hack and the data breach were discovered, remediation efforts began and the fraudulently issued certificates were revoked [5]. In this way web browsers were prevented from using the fraudulently issued certificates. In addition, further audits and controls were enforced to limit the effects of the data breach. As a control mechanism, the IP address of the initial attack was recorded in order to reveal the source of the attack. It was revealed that two IP addresses were assigned to Iranian ISPs [9], which indicates that the attacks might have originated in Iran. However, the attack was detected in time and its effect could thus be reduced. The incident report on the Comodo certificate fraud hack suggests that the attacker was well prepared and planned the targets quite intelligently. The analysis of the Comodo certificate fraud hack therefore shows that it is essential for organizations to consider the different security risks that the organization or its employees might face [14]. In this context, the security issues associated with the organization operating a network of clients will be analyzed.

The Comodo certificate fraud hack was significant because, through this attack, the attacker fraudulently issued SSL certificates. SSL certificates are needed to validate the legitimacy of a website to the browser, which assures users that they are dealing with a legitimate site. An SSL certificate on a website further establishes that the traffic between the browser and the website the user is visiting is encrypted [13]. The attack was said to be politically motivated, and it was speculated that the Iranian government was probably behind it. It was speculated that the Iranian government could have used the certificates to dupe anti-government activists into believing that they were visiting legitimate sites, for example Yahoo Mail.
Following the incident, an Iranian hacker claimed responsibility for the certificate hack against Comodo, which provided insight into the process by which such a high-profile hack might be pulled off. The forged certificates that were issued gave the hacker a means to mount a man-in-the-middle attack or certain phishing attacks [12]. Comodo was quick to revoke the fraudulently issued certificates, yet the incident gave rise to criticism of the firm for putting too much trust in its resellers [2]. Issuing the certificates directly from the root could have eliminated this risk. Although it was speculated that the Iranian government was involved in the attack, the hacker claimed that he acted alone and was not associated with the Iranian Cyber Army or any hacking cadre [8]. The attack therefore shows that there are a number of security risks associated with an organization that operates an online transaction system [4]. The IT security risks associated with an organization that maintains a network of small business clients receiving payments from the government are discussed in the following section.

2. IT Security Risks

A contractor is responsible for maintaining a network of small business clients that receive payments from the government for the services they offer. It is the responsibility of the contractor to provide secure services to the clients, since the clients are responsible for maintaining the confidentiality of the information they receive from the government. The Comodo certificate hack exposed a number of security risks and issues associated with TLS and SSL certificates and beyond [7]. The security risks associated with any online operation are increasing, mainly because the number of hackers in a digitally pervasive and connected environment is increasing as well. The Comodo certificate hack raises a significant question about the security of digital certificates [3]. Since the contractor's clients receive confidential information from the government, the use of digital certificates in such transactions is mandatory, and any weakness in the digital security certificates might give rise to a man-in-the-middle attack. The hacking of SSL certificates and the issuing of fraudulent certificates are a significant risk because a user visiting a secure website feels free to share confidential details with the site, assuming that the information shared will be encrypted [6]. However, if the SSL certificates or a digital certificate are hacked, this might give rise to a man-in-the-middle attack. Security certificates are considered trustworthy because obtaining one requires strict validation of payment and identity proof, which prevents an attack by a hacker. In this case, if the certificate gets hacked, it gives rise to a huge data security risk: users will continue to visit the website assuming it to be safe while in reality it is not, and the data entered by users on the forged website will be exposed. Since the organization's clients exchange confidential data with the government, the hacking of the security certificates might result in a loss of confidentiality of that data, which cannot be afforded.

Apart from the risk of hacking digital certificates, the use of the internet for exchanging confidential data poses a number of security risks. One cause of security risk in online data exchange is improper patch management. It is a loophole that hackers make use of in order to gain access to a particular information system.
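The passage above, together with the description of the hack in section 1, states the core of the risk: a browser accepts any certificate that chains to a trusted root, so a certificate a CA was tricked into issuing for someone else's domain passes validation and enables a man-in-the-middle attack, and the controls the report mentions (revoking the mis-issued certificates, and checking the identity behind a certificate) are what close the gap. The following Go program is an added example written for this page; it is not part of the original report and does not model Comodo's actual systems. It builds a constructed lab root CA, issues a genuine certificate for mail.example.test and a second one for the same name under a different key (standing in for a mis-issued certificate), and shows that plain chain validation accepts both, while a revocation denylist of serial numbers and a public-key (SPKI) pin for the host each reject the mis-issued one. The CA name, hostname and serial numbers are all constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

func sign(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER just produced by CreateCertificate always parses
	return cert
}

// NewRootCA makes a constructed lab root (an illustration, not Comodo's real hierarchy).
func NewRootCA(name string) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := newKey()
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	return sign(tmpl, tmpl, &key.PublicKey, key), key
}

// Issue signs a server certificate for host. Nothing here verifies that the requester
// controls host; that missing check is exactly what a mis-issuance exploits.
func Issue(caCert *x509.Certificate, caKey *ecdsa.PrivateKey, host string, serial int64) *x509.Certificate {
	key := newKey() // the subject's key pair; a fraudulent requester supplies its own
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	return sign(tmpl, caCert, &key.PublicKey, caKey)
}

// SPKIHash is the base64 SHA-256 of the SubjectPublicKeyInfo: the value a client pins.
func SPKIHash(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// Accept runs the browser's default check (chain to a trusted root plus hostname match),
// then a revocation denylist keyed by serial and an SPKI pin for the host; nil disables either.
func Accept(leaf, root *x509.Certificate, host string, revoked map[string]bool, pins map[string]string) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host}); err != nil {
		return false
	}
	if revoked[leaf.SerialNumber.String()] {
		return false
	}
	pin, pinned := pins[host]
	return !pinned || pin == SPKIHash(leaf)
}

// Demo runs the scenario and reports which checks let the mis-issued certificate through.
func Demo() map[string]bool {
	caCert, caKey := NewRootCA("Lab Root CA")
	host := "mail.example.test"                 // constructed hostname
	genuine := Issue(caCert, caKey, host, 1001) // the site's own certificate
	rogue := Issue(caCert, caKey, host, 1002)   // mis-issued: same CA, same name, different key
	revoked := map[string]bool{rogue.SerialNumber.String(): true}
	pins := map[string]string{host: SPKIHash(genuine)}
	return map[string]bool{
		"rogue/chain-only":   Accept(rogue, caCert, host, nil, nil),        // true: the gap
		"genuine/all-checks": Accept(genuine, caCert, host, revoked, pins), // true
		"rogue/revocation":   Accept(rogue, caCert, host, revoked, nil),    // false
		"rogue/pinning":      Accept(rogue, caCert, host, nil, pins),       // false
	}
}

func main() { fmt.Println(Demo()) }
```

Run it with go run and the map prints one entry per check. The revocation denylist corresponds to the remediation the report describes (the fraudulent certificates were revoked so browsers would not use them), but it only helps once someone has noticed the mis-issuance; the pin is the stricter control, because it rejects a certificate for the wrong key even before revocation, at the cost of having to update the pin whenever the site's key changes.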
One of the significant security risks associated with the organization is that the contractor maintains the networks of a series of small business clients whose employees often use their own devices. Employees of the small businesses might use their own devices when exchanging data with the government. The presence of malware or viruses on those devices might create a data security risk. The employees' personal devices might not have the same level of security as is maintained within the network, thus posing an IT security risk. Since the contractor maintains a network of small business clients, a security risk in one network might put the other networks at risk as well. Therefore the organization needs to enforce improved security in the organizations and the network. The solutions for eliminating the data security risks and the risk of a certificate hack from the organization are discussed in the following section.

3. The Solution

In order to eliminate the data security risks from the organization, up-to-date security needs to be enforced in the network to eliminate risks such as a certificate hack or a man-in-the-middle attack. To ensure this, up-to-date security is to be adopted by the organization so that the contractor can guarantee a secure service to the clients who receive confidential information from government sources. The SSL certificate hack poses a huge security threat to any organization that makes use of the internet in its daily operations. To ensure secure online transactions, it is recommended that the organization adopt a better software system to eliminate the security risks. Furthermore, the contractor should ensure that the data being shared is encrypted in order to reduce the data security risk.
Another significant data security issue associated with the organization is the use of employees' personal devices. This must be checked in order to reduce the chance of information being lost from those devices by hacking into them. Another security measure that can be enforced is the use of an up-to-date antivirus to protect the clients from major security and IT threats, including threats to the security of the network [15]. The Comodo certificate hack was possible because the hacker gained access to the username and password of one of the officials associated with the organization. This is one of the most commonly used cybercrime tactics, and in order to eliminate the problem it is essential to impose appropriate security controls. Phishing is one of the main causes of data security risk in the devices and network of an organization. Phishing attacks are generally conducted via emails asking users to click on malicious links. It is essential to enforce proper firewall control that will filter spam mails. Apart from these, the contractor needs to ensure up-to-date security in the services provided. In addition, the contractor should ensure regular and accurate patch management [16]. The contractor should limit access to the network to a few trusted individuals, thus eliminating the chance of internal privilege misuse.

Conclusion

The report discusses the Comodo Certificate Authority fraud hack and the security risks exposed by the data security attack. Since the contractor is responsible for maintaining a network of small business clients, it is essential to ensure the security of the transactions performed by the clients. The report discusses the various data security and IT risks that the organization might face and recommends solutions to eliminate the data security risks. Secure online transactions can be enforced by making use of up-to-date security applications such as antivirus and firewall.
References

[1] Roosa, Steven B., and Stephen Schultze. "Trust darknet: Control and compromise in the internet's certificate authority model." IEEE Internet Computing 17, no. 3 (2013): 18-25.
[2] Zetter, Kim. "DigiNotar files for bankruptcy in wake of devastating hack." Wired magazine, September (2011).
[3] Prins, J. Ronald, and Business Unit Cybercrime. "DigiNotar certificate authority breach 'Operation Black Tulip'." Fox-IT, November (2011).
[4] Loo, Wai Sing. "Digital certificates: success or failure?" (2017).
[5] Zheng, Z. J., 2013. Certificate Authorities.
[6] Gregory, Mark A., and David Glance. "Hacking." In Security and the Networked Society, pp. 3-49. Springer, Cham, 2013.
[7] Kasten, James, Eric Wustrow, and J. Alex Halderman. "Cage: Taming certificate authorities by inferring restricted scopes." In International Conference on Financial Cryptography and Data Security, pp. 329-337. Springer, Berlin, Heidelberg, 2013.
[8] Stallings, William. Cryptography and network security: principles and practice. Upper Saddle River, NJ: Pearson, 2017.
[9] Huang, Zhengan, Shengli Liu, Xianping Mao, Kefei Chen, and Jin Li. "Insight of the protection for data security under selective opening attacks." Information Sciences 412 (2017): 223-241.
[10] which revoked Diginotar's, Thunderbird. "Iranian hacker brings down Dutch Certification Authority." Computer Fraud & Security (2011).
[11] Ryan, Mark Dermot. "Enhanced Certificate Transparency and End-to-End Encrypted Mail." In NDSS. 2014.
[12] Stallings, William. Cryptography and network security: principles and practice. Upper Saddle River, NJ: Pearson, 2017.
[13] Singla, Sanjoli, and Jasmeet Singh. "Cloud data security using authentication and encryption technique." Global Journal of Computer Science and Technology (2013).
[14] Ryan, Mark Dermot. "Enhanced Certificate Transparency and End-to-End Encrypted Mail." In NDSS. 2014.
[15] Gregory, Mark A., David Glance, and Margaret Gardner. Security and the networked society. Springer, 2013.
[16] Zhu, Quanyan, Miles McQueen, Craig Rieger, and Tamer Basar. "Management of control system information security: Control system patch management." In Proc. Workshop Foundations Dependable Secure Cyber-Physical Systems, CPSWeek, pp. 51-54. 2011.