Computer Security Report: Assessing Risks for Utility Company

Added on  2023/01/18

AI Summary
This report provides a detailed analysis of computer security, focusing on the vulnerabilities of a utility company's website to botnet attacks. It explores five key elements of computer security: confidentiality, integrity, availability, accountability, and non-repudiation, along with the differences between classical and modern ciphers. The report illustrates understanding of computer security issues using threat intelligence, and discusses preventive measures such as antivirus, antispyware, and firewalls. It examines various tools for identifying vulnerabilities, spotting potential threats, and detecting compromised systems, including SIEMs and cloud access security brokers. Furthermore, the report appraises cybersecurity frameworks like SABSA, NIST, COBIT and ISO, along with the code of conduct required by IT professionals, covering ethical, social, and legal considerations. The report recommends measures to prevent and mitigate security breaches, emphasizing the importance of continuous updates and proactive security measures.
Computer Security
Executive Summary
Computer security refers to securing computer systems and information from unauthorised use,
theft and harm. It covers both the detection and the prevention of unauthorised use of devices.
Different kinds of attacks are carried out against the systems of firms to gain access to their
information, either to harm the firm's stake in the market or to obtain details of its potential
customers. Firms therefore apply appropriate measures to detect vulnerabilities, threats and
compromised systems so that they can be prevented at an early stage. To deal with them,
frameworks like SABSA, Payment Card Industry Data Security Standard, NIST Cyber security,
COBIT and the ISO framework can be used by firms. Along with this, anti-virus and anti-malware
must be installed on the systems and updated on a continuous basis. This will help the
organisation stay away from vulnerabilities and threats which may hamper its operations.
Table of Contents
Executive Summary
Introduction
    Overview
Task 1
    5 elements of computer security that can act as potential risk
Task 2
    Illustrate understanding of issues related with computer security through usage of threat intelligence concept
Task 3
    Appraise cyber security frameworks for protection of different actors
Task 5
    Explicate code of conduct needed by IT professionals in context of ethical, social as well as legal consideration
Conclusion
References
Introduction
Computer security, also called IT security or cybersecurity, refers to the process of protecting
systems from damage to or theft of software, hardware and data, and from misdirection or
disruption of the services they render. Information security has become an important aspect
with the evolution of technology, as this has increased the number of threats to the data that
is processed (Basta and CISSP, 2013). Each firm must maintain the overall health of its systems
and keep them protected from malware and viruses so that programs can execute smoothly and
quickly. To understand the concept of computer security, a utility company has been taken as
the example. Such companies are liable for maintaining infrastructure for public services like
water, natural gas, coal, telephone, sewage, transportation, broadband internet and many
others. This report comprises security elements, issues related to computer security, the
relevant frameworks, and social, legal and ethical considerations.
Overview
This report is based on a utility company's website which has been attacked by a botnet. A
botnet is a program which spreads rapidly online by injecting itself into a website and waiting
for users to click on the specified site. It is able to install itself on the system of anyone
who has visited the website. This means that both the firm and its users are affected by the
botnet and need to take preventive measures to eliminate such activities or attacks.
Task 1
5 elements of computer security that can act as potential risk.
The protection of data, and of the computing systems on which it is stored and accessed, is
referred to as computer security. It reflects the global demand for protecting computer systems
from malicious attacks on the services rendered by a firm (Boyle and Panko, 2014). It is crucial
for an organisation to ensure that its systems are protected from illegal activities, and for
this it is necessary to identify the critical elements which might be impacted. They are
specified below with respect to the utility organisation:
Confidentiality: The protection of information from being accessed by unauthorised parties is
defined as confidentiality. Basically, it means that only authorised people can have access to
sensitive data. It is the concealment of resources or information that is required for keeping
data secret. For instance, civilian and military institutions restrict access to information
(Carroll, 2014). Computer security was initiated by the military's attempt to enforce the
“need to know” principle. The utility firm must apply the same principle so that its proprietary
designs are secured and competitors cannot steal its confidential information. Examples of
threats are phishing, keylogging, packet sniffing and many others. Access controls can be
applied to ensure confidentiality. Cryptography can also be applied, which makes the data
incomprehensible. For instance, if sensitive data is encrypted, an intruder needs a key to
decipher it; otherwise the data is of no use because it cannot be read.
Integrity: This is the technique used to ensure that resources or data accessed in real time
are protected, correct and legitimate, and safe from alteration by unauthenticated users
(hackers). Basically, it denotes the trustworthiness of resources or data. For instance, by
hijacking a session a person might alter the details present on the company's website
(Conklin and et. al, 2015). The utility company needs to ensure that the information published
on its website is guarded, accurate and real. Therefore, appropriate steps must be taken by
the utility company to ensure that data is not modified by unauthorised people. For this,
cryptographic checksums can be utilised.
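One way to apply cryptographic checksums to published website content, as an added example that is not part of the original report: a keyed manifest of SHA-256 digests that detects both an altered page and an altered manifest. The page paths, page bodies, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: paths, bodies and key are illustrative only.
# The key must be stored away from the web server, or an intruder who can
# edit pages could also re-sign the manifest.
KEY = b"constructed-demo-key-kept-off-the-web-server"
PAGES = {
    "/index.html": b"<h1>Water and gas tariffs</h1>",
    "/outages.html": b"<p>No planned outages this week.</p>",
}
BAD_MANIFEST = "manifest: HMAC mismatch, digests cannot be trusted"


def _tag(digests, key):
    """HMAC-SHA256 over a canonical (sorted-key) JSON encoding of the digests."""
    payload = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def build_manifest(pages, key):
    """Record one SHA-256 digest per page and sign the whole set."""
    digests = {p: hashlib.sha256(b).hexdigest() for p, b in sorted(pages.items())}
    return {"digests": digests, "hmac": _tag(digests, key)}


def verify(pages, manifest, key):
    """Return a list of findings; an empty list means the content is unchanged."""
    # Check the manifest first: unsigned digests prove nothing, because whoever
    # changed a page could simply recompute its plain checksum.
    if not hmac.compare_digest(_tag(manifest["digests"], key), manifest["hmac"]):
        return [BAD_MANIFEST]
    findings = []
    for path, digest in manifest["digests"].items():
        if path not in pages:
            findings.append(f"{path}: missing")
        elif hashlib.sha256(pages[path]).hexdigest() != digest:
            findings.append(f"{path}: modified")
    extra = sorted(set(pages) - set(manifest["digests"]))
    findings += [f"{p}: unexpected file" for p in extra]
    return findings


if __name__ == "__main__":
    manifest = build_manifest(PAGES, KEY)
    print("clean site:   ", verify(PAGES, manifest, KEY))
    defaced = dict(PAGES)
    defaced["/index.html"] = b"<h1>Altered by an intruder</h1>"
    print("altered page: ", verify(defaced, manifest, KEY))
    resigned = build_manifest(defaced, b"key-guessed-by-intruder")
    print("forged manifest:", verify(defaced, resigned, KEY))
```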
Availability/Authorisation: This concerns whether resources or data are available when they are
requested or required by an individual. Requested information has actual value only when
authenticated users have access to it at the specified time. Availability is maintained through
methods like software patching, network optimisation and hardware maintenance. Examples of
threats to availability are botnets, DoS, DDoS and other physical attacks on server
infrastructure. It is this kind of attack that has been made on the website of the utility
organisation. To prevent it, statistical models can be used for analysing the anticipated
patterns of usage.
Accountability/Authentication: The process used for confirming and ensuring the identity of
users is referred to as authorization or authentication. It takes place when individuals try to
gain access to specified information or data. In this context, passwords and usernames are
used (Fisch, White and Pooch, 2017). A spoofing attack illustrates the risk: it is a condition
in which an individual or program identifies itself by falsifying data in order to gain an
illegitimate edge. To counter this, appropriate authentication methods can be utilised, such as
the public key infrastructure (PKI) method, in which digital certificates are used to prove the
identity of users. USB tokens or key cards are another option.
Non-Repudiation: This is the assurance that a message transmitted between two or more users
through the use of encryption or a digital signature is accurate, and that no one can deny the
authorisation of a digital signature present on any document (Gupta, Agrawal and Yamaguchi,
2016). Attacks like phishing and man in the middle attacks can compromise the integrity of
data. For this, the utility organisation can make use of digital signatures to have proof of
both the sending and the receipt of messages.
Classical and modern ciphers
A cipher is an algorithm used to carry out encoding or decoding (a series of specified steps
that can be followed like a procedure). A classical cipher refers to the transformation of
digits or numbers. For instance:
Text message is: H E L L O
Key used is: +1
Encrypted message is: I F M M P
So the message that will be sent is IFMMP, and the receiver can decrypt it by using the key
“-1”. Classical ciphers can be created by using substitution and transposition ciphers.
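The shift cipher above, as an added example that is not part of the original report: it reproduces HELLO with key +1, then lists every possible decryption to show that a cipher with only 26 keys gives no protection once the method is known. The function names and the expected word ("crib") are assumptions made for the illustration.

```python
import string

ALPHABET = string.ascii_uppercase  # the 26 letters the cipher operates on


def shift(text, key):
    """Move each A-Z letter `key` places along the alphabet, wrapping at Z.

    Characters outside A-Z (spaces, digits, punctuation) pass through unchanged.
    """
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext, key):
    return shift(plaintext, key)


def decrypt(ciphertext, key):
    # Decrypting with key k is the same as shifting by -k.
    return shift(ciphertext, -key)


def all_candidates(ciphertext):
    """Every possible decryption. The entire keyspace is 26 keys."""
    return {key: decrypt(ciphertext, key) for key in range(26)}


def keys_matching(ciphertext, crib):
    """Keys whose decryption contains a word the reader expects to see."""
    crib = crib.upper()
    return [k for k, text in all_candidates(ciphertext).items() if crib in text]


if __name__ == "__main__":
    sent = encrypt("HELLO", 1)
    print("sent:     ", sent)
    print("received: ", decrypt(sent, 1))
    # The secrecy rests on 26 possibilities, so listing them all is instant.
    for key, text in all_candidates(sent).items():
        print(f"key {key:2d}: {text}")
    print("keys producing 'HELLO':", keys_matching(sent, "HELLO"))
```

A modern cipher such as AES with a 128-bit key has 2^128 possible keys, which is why publishing the algorithm does not weaken it.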
Modern ciphers are a cornerstone of communication and computer security and depend on
mathematical concepts like computational complexity, probability and number theory. Here,
symmetric and asymmetric key encryption can be utilised (Shim, Qureshi and Siegel, 2013).
Examples are AES, RSA, Diffie-Hellman, DES and many others.
Difference between Classic and Modern Ciphers
| Classical Cipher | Modern Cipher |
| --- | --- |
| This is liable for manipulation of letters and digits directly (Manku and Vasanth, 2015). | These carry out their operations on the basis of binary bit sequences. |
| It depends on security by obscurity. The technique is known to the sender and receiver only, but there is still a higher threat from intruders. | It is dependent on publicly known mathematical algorithms for encoding the information. There is little scope to get into the system due to the higher computational difficulty of the algorithm, the secret key being absent and many other factors. It is only possible if a third person possesses knowledge about distinct algorithms. |
| This needs a complete cryptosystem for carrying out communication confidentially. | Modern cryptography needs the parties who are interested in secured communication to possess the secret key only (Peltier, 2016). |
Task 2
Illustrate understanding of issues related with computer security through usage of threat intelligence concept.
The measures which an organisation takes to ensure that its computer systems are protected
are referred to as preventive measures (Stallings and et. al, 2012). In the context of the
utility organisation, the steps which can be taken are specified beneath:
Antivirus: It is liable for detecting and eliminating viruses from systems in order to secure
them from malicious programs such as botnets, ransomware, spyware, keyloggers and rootkits.
Antispyware: This is responsible for detecting and preventing the installation of unwanted
spyware programs. The utility firm can use it to find out whether any program is present within
its systems that might affect them (Peltier, 2013).
Firewall: It enforces rules on the data packets entering or leaving the network. The utility
organisation needs to make sure that a firewall is implemented so that traffic can be filtered
and the security risks from malicious packets minimised.
Identification of potential vulnerabilities: Distinct tools are available which individuals or
groups can use to identify the present state of a system within the network. They are
responsible for verifying open ports and unpatched software. ShadowScan can be utilised by the
utility firm for detection of vulnerabilities within its systems as well as its website
(Pfleeger and Pfleeger, 2012).
Spotting possible threats: The process of determining the risks that are present on a system,
network or application is called threat detection. The utility firm can make use of distinct
tools to make sure that its systems are not exploited. This can be done in different ways,
which are mentioned beneath:
Security information management (SIEMs): This is a platform which is responsible for
connecting associated threats and attacks. It renders a holistic view of an entire threat or
attack. In addition, it is liable for integrating the distinct technologies associated with
threat detection.
Cloud access & security brokers technology: The utility company can detect unauthenticated
access to cloud applications or their storage by using this technology (Pieprzyk, Hardjono and
Seberry, 2013). It is responsible for providing the pattern in which services are accessed by
individuals.
Network firewalls: These are appliances, either physical or virtual, which can be used for
tracking traffic for malicious activities carried out on the cloud, systems or website of the
firm. They are a suitable method for detecting and blocking threats, and the utility
organisation can use them to ensure that its network is protected.
Detection of compromised systems: It is important for the firm to find out whether its systems
have been exploited so that appropriate steps can be taken. It has to answer certain questions
about its network, which are mentioned beneath:
Does network traffic behave in the standard manner, or do some unwanted users have access to it?
From which IP does traffic come and where is it going, and is the URL known or not?
Does any abdicable protocol exist that uses network ports? Along with this, activities in DNS
have to be monitored (Shim, Qureshi and Siegel, 2013).
Is the utility organisation able to determine security threats which exist at the lower levels
of its systems?
Manipulation of incidents against cyber threats: This denotes incident response, which is an
organised method that can be used for dealing with incidents, cyber threats and security
breaches. It is a well-formulated plan which the utility organisation can use for
identification, reduction of damage and minimisation of the cost related to cyber attacks
(Stallings and et. al, 2012). The technical team of the utility organisation can do this in
different ways; plans must be developed in advance for handling and preventing incidents so
that the firm can render its services to the desired standards. Along with this, potential
attacks must be identified from any signs that are observed, and they must be prioritised.
Threat intelligence concept: The knowledge which assists individuals or firms in preventing or
mitigating cyber attacks is defined as threat intelligence. It assists in making informed
security decisions by answering questions such as who is making an attack, what the motive
behind it is and many more (Tan, 2016). It is evidence-based knowledge that can be utilised by
the utility firm.
Task 3
Appraise cyber security frameworks for protection of different actors.
The technologies, practices and processes which are used for securing programs, data, networks
and devices from unauthenticated damage or access are defined as cyber security. A framework is
a conceptual or real structure that serves as a support or guide for formulating something and
expanding it into something important. To make sure that its systems are not vulnerable to
attacks, the utility firm can make use of diverse frameworks according to its specified needs
(Vacca, 2012). The cyber security frameworks that can be utilised by the utility organisation
are mentioned beneath:
SABSA (Sherwood Applied Business Security Architecture) Framework: SABSA denotes the
methodology used for developing business-driven, opportunity- and risk-focused security
architectures at both enterprise and solution level in support of business objectives. It is
widely used for risk management frameworks, assurance architecture and the seamless integration
of security. The framework will have a positive impact on the utility organisation, as it
offers business-driven, comprehensive, modular, open-source and transparent features which lead
to two-way traceability and scalable scope (Basta and CISSP, 2013). The utility organisation
can use it for an enterprise security architecture, individual solution-based architectures,
and seamless security alignment and integration with other frameworks like NIST, COBIT, ITIL
and many others. The framework will aid in formulating strategies and in carrying out planning,
design, implementation, management and measurement. It will ensure that the needs of the
organisation are addressed entirely and that security services are planned, delivered and
supported as a crucial part of information technology management and infrastructure.
Payment Card Industry Data Security Standard (PCI-DSS): This framework is liable for supporting
the protection of payment card data. It comprises tools, support, measurements and resource
specifications which help a firm to maintain cardholder information securely. The utility
organisation can use it as actionable support for developing robust payment card data security
(Boyle and Panko, 2014). This will allow both the organisation and its customers to make online
payments for the services they have opted for. Through PCI-DSS, security will improve, which
will lead to a decline in security breaches, better customer relationships and higher profit,
and will also help the organisation sustain its business. The standard sets out security
assessment procedures and requirements which help make sure that payment application
developers are able to secure the confidentiality and integrity of the transactions that are
made (Tan, 2016). It also aims to guide development teams in the ways through which application
security can be maintained.
NIST Cyber security framework: The US National Institute of Standards & Technology is liable
for securing critical infrastructure like power plants, dams, etc. from distinct types of cyber
attacks. The utility organisation can opt for this framework to obtain better security
standards. It sets out the activities required to attain different results in the context of
cyber security (Carroll, 2014). By using it, the firm will be able to detect, protect against,
respond to and recover from certain security threats. There are categories under which
different tasks can be conducted; for example, antivirus programs must be installed as an
initial step in protecting a system. Furthermore, there are subcategories which assist in
implementing software updates, and for this each system must have the auto-update option turned
on. Informative sources are documents or manuals which furnish individuals with details of how
specified tasks are to be conducted (Conklin and et. al, 2015). For instance, a manual can be
consulted for details of how auto-update can be carried out. The framework provides the utility
organisation with a method for authentication, identification, self-assessment and supply
chain management, along with disclosure of exposure. But execution is not easy, as there is no
way to answer how much improvement has been made.
COBIT framework: Control Objectives for Information and Related Technology is formulated for
management as well as IT governance. The utility organisation can use it as a supportive tool
which helps to bridge the gap among business risks, control requirements and technical issues.
It is liable for ensuring that control, reliability and quality of information systems can be
attained. The framework covers the formulation of plans, their organisation, delivery, support,
acquisition, execution, tracking and the evaluation of systems in order to attain the desired
level of security (Fisch, White and Pooch, 2017). Its major components include the framework,
process descriptions, control objectives, maturity models and management guidelines. This will
help the utility organisation to maintain its security levels and ensure that its systems are
secured from threats.
ISO framework: This acts as an international document standard for ensuring cyber security
within the systems of a firm. It rests on the assumption that the organisation is making use of
an ISMS (Information Security Management System). It will help the utility organisation to
manage information security risks, threats and vulnerabilities consistently. Apart from this,
it will assist the organisation in designing and executing information security controls that
are comprehensive and coherent. The purpose of the ISO framework is to aid the mitigation of
the risks that are determined. The PDCA (Plan do check and act) cycle can be utilised in this
context: plans are formulated in terms of processes, policies and procedures for carrying out
risk management (Gupta, Agrawal and Yamaguchi, 2016). After the plan is developed, it is
implemented through the execution of InfoSec strategies and many other aspects. Furthermore,
activities can be monitored and reviewed so that performance can be measured against policies
and objectives. Depending upon all this, the utility organisation can update and enhance its
overall information security management system. Through this, corrective as well as
preventive measures can be utilised for carrying out internal audit (Manku and Vasanth, 2015).
By using the framework, the utility organisation can gain enhanced benefits which involve skill
enrichment, interoperability, technical agreements and protection of the business, along with
furnishing satisfaction to its customers.
Task 5
Explicate code of conduct needed by IT professionals in context of ethical, social as well as legal consideration.
The principles of goodness with respect to what is morally right and wrong are referred to as
ethical considerations. A social aspect denotes the factors concerned with the interests of
society, communities, groups and individuals involved in interventions into the economic
framework. Legal consideration implies the exchange of valuable data or different assets by
binding legally into certain contracts (Peltier, 2016). All of these are associated with the
conflicts, situations and trends which prevail in the marketplace with respect to a specified
technology. For instance, with respect to the utility company, when an individual fills in
their details on a form, they must be kept confidential and must not be shared with anyone. If
it is important for them to be shared, written consent can be taken from the respective
individual. This is an ethical as well as legal way through which individuals can carry out
their services. If the consent is not taken, then it is illegal. With respect to the utility
company certain aspects must be taken into consideration; they are specified below:
Privacy: The data of the utility firm is present on the internet, which enables users to
understand what is being delivered to them by the firm. Along with this, each user enters their
details and these are also present on the network. They can be on the network or servers of the
organisation, or might be in the cloud. Things may seem secure, but there is a possibility of
an unauthenticated user having access to emails or private accounts (Peltier, 2013). For this
reason, employers monitor the activities carried out by employees so that any unlawful activity
can be identified. There are certain legal, social and ethical implications with respect to
this. No one likes being monitored, so there are privacy concerns associated with this.