COIT20249: Cybersecurity Risk Analysis and Mitigation for ABCT

Verified

Added on  2025/04/29

|18
|2869
|93
AI Summary
Desklib provides past papers and solved assignments for students. This report analyzes cybersecurity threats and vulnerabilities.
Document Page
COIT20249 ASSESSMENT
ITEM 3
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Contents
Executive summary.........................................................................................................................3
Introduction to Cybersecurity..........................................................................................................4
Cybersecurity:..............................................................................................................................4
Importance of cybersecurity for ABCT.......................................................................................5
Security vulnerabilities....................................................................................................................6
Types of vulnerabilities...............................................................................................................6
Emerging threats for cybersecurity................................................................................................11
Recommendations..........................................................................................................................14
Conclusion.....................................................................................................................................16
References......................................................................................................................................17
Document Page
Executive summary
Here in this report, cybersecurity which is an import part of today’s world in order to keep safe
an secure all the data and information from online attacks, viruses as well as hackers has been
explained along with different types of vulnerabilities and multiple new emerging threats for the
cybersecurity to improve the knowledge of an individual or organization and make them aware
about various challenges related with the cybersecurity. All these challenges have been identified
and investigated using different research and recommendation has been developed to reduce and
minimize the attacks for the ABCT Company.
Document Page
Introduction to Cybersecurity
Cybersecurity: Growth and development of new methods and technologies in different fields
of industry, business, companies and others such as communication channel & devices, data
management, management of supply chain, etc. produced various benefits and advantages in the
improvement of productivity but also produced new issues related with the implementation and
use of new technologies especially over the Internet and computer devices (Venkatachary et al.
2018). In order to reduce and minimize the effect of these current issues such as cyber threats,
attacks and hacking related with the internet and computer networks, new methods and
techniques have been developed known as “Cybersecurity”. It consists of action and processes
done for the prevention of malicious activities, removal of suspicious threats, unwanted
activities, management of access and proper authentication with the help of professionals,
programming, training, and awareness among users (Catota et al. 2019).
Figure 1: Cybersecurity
(Source: Magee, 2019)
It can be referred as the methods and techniques used by the different organizations to protect
their systems, networks, and data from online attacks, hackers as well as viruses which may
damage the complete network or the data for the organization. It is also known as security for
information technology.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Importance of cybersecurity for ABCT
As ABCT deals with different high-tech products and services including processing, storage and
manipulation of different data collected from customers as well as from other organization over
the data center which might be one of the main reason to attract large number of attackers and
hackers to compromise all the important information and data of customers as well as services of
the organization. In the process of business with different customers, multiple data and sensitive
information have been shared in between the organization and the customer through the
connected network and different devices which have been connected through internet need
proper security management in order to keep all those information and data sharing safe &
secure from online attacks and hackers. All these processes of ABCT company can be safe and
secured without any risk and loss of data with the help of cybersecurity which plays a significant
role in establishing safe and secure channel for the organization for their business as well as
other processes (Lord, 2019).
Figure 2: Importance of cybersecurity
(Source: Columninfosec, 2016)
Document Page
Security vulnerabilities
Security vulnerabilities have become one of the major challenges for the cybersecurity
professional and companies using computer network and device for their business. A single error
or unidentified action can cause major security vulnerabilities and results in heavy loss for an
organization of the individual. In most of the cases, bad decisions and unnecessary action over
the internet by the user results in security vulnerabilities for their company as well as a computer
system (Andrea et al. 2015). Multiple other sources have been also identified by developers and
security professionals which causes various attacks and provide easy steps to hackers to
compromise computer system to earn a large amount of revenue from the individual or the
organization whose systems were compromised (Rader and Wash, 2015).
Figure 3: Security vulnerabilities
Types of vulnerabilities: There are multiple types of security vulnerabilities available such as
phishing & spam, viruses, threats, data breaches, malware, and hackers which are responsible for
the majority of attacks and vulnerabilities for the cybersecurity.
Document Page
Figure 4: Types of vulnerabilities
Some of them are explained below:
Phishing attack: It is a type of cybersecurity attack which is used by attackers and hackers to
steal sensitive and personal information of users/customers such as user id, passwords,
confidential information, credit/debit card numbers, etc. for unauthorized use or purchasing. In
this type of attack, attackers send email, text message or malicious link attached with the file or
application downloaded from the internet and once the user clicks on that file, link, email or the
message virus got installed automatically on the user’s device resulting in system error of various
other errors or stealing the information from the user devices (Khonji et al. 2013). Some of the
famous techniques used for phishing attacks are as follow:
Scam email phishing
Spear phishing
These types of attacks are normally done by attackers on public or government organizations to
steal a large amount of sensitive data and information stored in their data center. This type of
attack can be used for the ABCT Company to steal important information and data of the
customers and services of the ABCT Company.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Figure 5: Phishing attack
(Source: Gotowebsecurity, 2017)
Malware attack: In this type of attack, certain harmful or malicious application, software or
program is used to run on the user’s device without their knowledge to hack their system by
encrypting all the important data into the different coded format. Once the attacker encrypts all
the important document or files on the user system, they send a message to pay the amount of
money to restore those files back on the user device or may result in permanent loss of those
files. Nowadays, these malware attacks are commonly used by different attackers and online
hackers to generate a large amount of revenue from the victims. These malware works in the
same as the virus works on our system for the functioning of an application or program to
perform certain task over the system but the malware execute some specific program of
command once the condition is fulfilled on the victims device and runs the code automatically
without any notification or alert for the victim and compromise complete system by encrypting
all the important data and files saved on that system in a particular coded format which can be
restored back to original form only with the help of key generated by the malware program
during encryption of the files (Zhioua, 2013). Different applications and software are available in
the market to minimize different malware actions and attacks on the user device. This type of
attack can be used for the ABCT Company to compromise hardware devices used by the ABCT
Company for their services and business.
Document Page
Figure 6: Malware attack
(Source: Yaneza, 2014)
Denial-of-service attack: It is also a type of cybersecurity attack in normal functioning of the
computer system is disturbed or interrupted by the hackers or attackers using certain viruses or
threats and done by different methods such as flooding the users device with multiple numbers of
requests by any application and will not stop until the request will be fulfilled. It is also known as
the DoS attack. It can be done using a single source or multiple sources for the attack on the
users PC. Normally these type of attacks causes a flood of unwanted requests on the user
machine resulting in unwanted interruption of the normal functioning of the device along with
additional requests for the user to perform different tasks on the device causing unwanted errors
and processes running on the device to harm the device (Zargar et al. 2013). Some of the
common types of DoS attacks are as follow:
Flood attack
Buffer overflow attack
Document Page
This type of attack can be used for the ABCT Company to interrupt and change the normal
functioning of the devices used by the ABCT Company for their business and services to
customers.
Figure 7: Denial-of-service attack
(Source: Blackmoreops, 2015)
All the above vulnerabilities are most common type of cybersecurity attacks used by hackers and
attackers to compromise, hack or steal sensitive information from victims device and earn a large
amount of money from them to restore their system back to normal but still these attacks and
hacks cannot be stopped, it can be minimized only by using proper care and software
applications to stop all the unwanted actions, processes, and instruction before running on the
system to reduce the chances of attacks and hacks. In the current world, multiple developers and
professionals are developing new techniques and methods to reduce these attacks which can be
used and installed on the user device to monitor each and every action which user is performing
on his/her device to keep safe and secure its data as well as device form hackers and attackers.
These steps can also be used by ABCT Company to improve the security and safety feature for
the IT infrastructure used by the company to manage their customers and services.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Emerging threats for cybersecurity
With the advancement and development of new techniques and methods used by developers,
programmers and professionals to manage and develop their works in the industries, business as
well as companies resulted in generation various new challenges and threats for the cybersecurity
which needs to managed and reduced before the use by hackers and attackers to compromise
millions of computer systems and networks of both large as well as small scale industries and
companies to generate huge amount of revenue from them (Yaqoob et al. 2017).
Figure 8: Emerging threats for cybersecurity
With the increase in the use of IoT across the world resulted in an increasing number of attacks
and hacks by online hackers all over the world. According to the latest research, the estimated
cost for cyber-attacks all over the world is approx. $445 billion per year and still increasing
every day. Different organizations and government agencies are involved in minimizing these
attacks and hacks with numerous methods and techniques but new threats and challenges are
evolving on a daily basis (Samtani et al. 2017). Some of the famous new emerging threats of
cybersecurity are as follow:
Cryptojacking
Fake audio and video generated by AI
Cross-site scripting
Poisoning AI defenses
Mobile malware
Breaking encryption using quantum computers
Document Page
Attacking from the computing cloud
Cryptojacking: It is a type of ransomware attack which has been mostly used for attacks and
hacks from past few years and leads to various vulnerabilities such as compromising networks,
computer system, data centers, etc. It consists of different type of malware such as Petya and
NotPetya which are running in the background on the victim's system without their knowledge
and processing different actions for cryptocurrency. It can be done by using the current computer
system, applications, and resources used by an organization for their business and service
purposes.
Fake audio and video generated by AI: With the advancement and development in the field of
AI technology multiple applications and software has been introduced in the market which can
generate and produce fake audio and video using voice and image of an individual which is also
an emerging threat for the cybersecurity as these new methods of audio and video production can
results in major attacks and hacks using the voice commands of an individual without his/her
knowledge. These applications and software can be used by criminals and hackers to manipulate
or process different services and applications using fake audio and video of an individual of the
organizations.
Cross-site scripting: It is a type of attack caused by the help of bugs included in code and
programs of certain applications and are executed by different applications or website which are
in use on the user’s devices to run and execute those bugs on the victim’s computer system and
network. It can also be done using web-based advertisements and web browser on the victim’s
device.
Breaking encryption using quantum computers: with the development of new methods and
techniques using quantum physics also resulted as an emerging threat in the field of
cybersecurity which are used by hackers and attackers to break high encryptions and coded files
and documents using quantum computer and machines which may cause serious attacks and
software updates on various industries and organization to damage their system and networks.
Mobile malware: Use of mobile device has been increased exponentially in comparison with
past few years and are one of the top means or device used by attackers and hackers in the
current world in various activities such as terror attacks, system crash, etc. Organization or an
chevron_up_icon
1 out of 18
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]