Cyber Security Threats and Countermeasures for PPS
VerifiedAdded on 2022/12/28
|11
|2776
|67
Report
AI Summary
This report provides a comprehensive analysis of cyber security issues faced by Peanut Processing Services (PPS), a data collection and processing company. The report identifies critical vulnerabilities, including employee negligence, phishing attacks, ransomware threats, and IoT botnet DDoS attacks. I...
Running Head: CYBER SECURITY 1
Cyber Security
Name
Institution Affiliation
Cyber Security
Name
Institution Affiliation
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CYBER SECURITY 2
Table of Contents
Introduction …………………………………………………………………….3
Cyber security issue in PPS…………………………………………….……….3
Proposed Solution to the issues in PPS………………...……………………….4
Why choose these approaches to solve the security issues…….. ……………..8
Budget breakdown……………………………………………….…………….9
Conclusion……………………………………………………………………...9
Table of Contents
Introduction …………………………………………………………………….3
Cyber security issue in PPS…………………………………………….……….3
Proposed Solution to the issues in PPS………………...……………………….4
Why choose these approaches to solve the security issues…….. ……………..8
Budget breakdown……………………………………………….…………….9
Conclusion……………………………………………………………………...9
CYBER SECURITY 3
Introduction
Security issues over the internet have really increased in this 21st century and every
business or organization is striving to make sure is not affected in any way by these
cybercrimes that are happening now and then. Attackers are everywhere looking for an
opportunity in any organization or company with weak security to penetrate and exploit the
organization in a very negative way (THOMAS, B., Scott, D., BROTT, F., & Smith, P., 2018). Any
business that does any transaction over the internet must always ensures is updated when it
comes to security issues because the current internet full of hackers will not let the business
grow easily with such loopholes is security.
Q1
The chosen cyber security issues must be addressed immediately because the Peanut
Processing Services company is at a very big risk if it happens to be targeted by an attacker
because it can lead to a big loss to the extend of completely closing the company. The way
employees are reluctant there is a big need for them to be trained on how to stay aware of any
activity that might expose them to attacks over the internet any time they access the wireless
network via the broadband router (Wang, Y., Wang, Y., Liu, J., Huang, Z., & Xie, P., 2016, June).
Behaviors of employees using any kind of flash drive they come across their can
really cost the organization together with the laptop or computer of that particular employee.
Some flash disk they carry very dangerous malwares which are intentionally created by the
developers of programs purposely to destroy and grand them access when they want to access
a certain system of their target. Some of these malwares are spywares which can monitor
every keystroke the employees makes on the keyboard and more so they target the username
and the passwords of log in in to certain systems like the in the finance department when they
have those logins they can easily steal all the money of the organization making it to collapse.
Introduction
Security issues over the internet have really increased in this 21st century and every
business or organization is striving to make sure is not affected in any way by these
cybercrimes that are happening now and then. Attackers are everywhere looking for an
opportunity in any organization or company with weak security to penetrate and exploit the
organization in a very negative way (THOMAS, B., Scott, D., BROTT, F., & Smith, P., 2018). Any
business that does any transaction over the internet must always ensures is updated when it
comes to security issues because the current internet full of hackers will not let the business
grow easily with such loopholes is security.
Q1
The chosen cyber security issues must be addressed immediately because the Peanut
Processing Services company is at a very big risk if it happens to be targeted by an attacker
because it can lead to a big loss to the extend of completely closing the company. The way
employees are reluctant there is a big need for them to be trained on how to stay aware of any
activity that might expose them to attacks over the internet any time they access the wireless
network via the broadband router (Wang, Y., Wang, Y., Liu, J., Huang, Z., & Xie, P., 2016, June).
Behaviors of employees using any kind of flash drive they come across their can
really cost the organization together with the laptop or computer of that particular employee.
Some flash disk they carry very dangerous malwares which are intentionally created by the
developers of programs purposely to destroy and grand them access when they want to access
a certain system of their target. Some of these malwares are spywares which can monitor
every keystroke the employees makes on the keyboard and more so they target the username
and the passwords of log in in to certain systems like the in the finance department when they
have those logins they can easily steal all the money of the organization making it to collapse.
CYBER SECURITY 4
Q2
These are some of the cyber security issues that must be addressed for the sake of this
company to be able to continue with its operations well and prevent it from being attacked by
the attackers who can totally mess with it within seconds. In this section, the issues are
identified and how the issues can be solved to avoid affecting the PPS company in a negative
way.
Controlling phishing attacks.
This is a process whereby the attackers over the internet target a certain institution,
organization or a Bank website in the aim of obtaining log in details of that particular site or
system illegally by sending threats which can penetrate the sites and monitor what the
employee in target is typing. I will install a firewall known as the TinyWall which is able
to see and block such malwares sent to try to obtain the logins of a certain system or a
website. This firewall will cost around $500 to buy and install it to the network to make
sure the network is secure for use by the employees of the PPS. This makes them easier
to attack that particular organization or company (Higbee, A., Belani, R., & Greaux, S.,
2016).
The Peanut Processing Services company can be prone to this kind of attacks
considering their users usually access wireless network to enjoy the fun of internet. For them
being reluctant they can easily fill in forms that pop up over the websites requesting them of
their personal details or details of the company which will definitely expose the company to
the attackers (Qabajeh, I., Thabtah, F., & Chiclana, F., 2018).
These employees must be taught clearly on how to avoid such activities when
they are using the internet otherwise they will be risking the organization and their jobs
as well. They must be told not to fill any form over the internet or accept any cookies
Q2
These are some of the cyber security issues that must be addressed for the sake of this
company to be able to continue with its operations well and prevent it from being attacked by
the attackers who can totally mess with it within seconds. In this section, the issues are
identified and how the issues can be solved to avoid affecting the PPS company in a negative
way.
Controlling phishing attacks.
This is a process whereby the attackers over the internet target a certain institution,
organization or a Bank website in the aim of obtaining log in details of that particular site or
system illegally by sending threats which can penetrate the sites and monitor what the
employee in target is typing. I will install a firewall known as the TinyWall which is able
to see and block such malwares sent to try to obtain the logins of a certain system or a
website. This firewall will cost around $500 to buy and install it to the network to make
sure the network is secure for use by the employees of the PPS. This makes them easier
to attack that particular organization or company (Higbee, A., Belani, R., & Greaux, S.,
2016).
The Peanut Processing Services company can be prone to this kind of attacks
considering their users usually access wireless network to enjoy the fun of internet. For them
being reluctant they can easily fill in forms that pop up over the websites requesting them of
their personal details or details of the company which will definitely expose the company to
the attackers (Qabajeh, I., Thabtah, F., & Chiclana, F., 2018).
These employees must be taught clearly on how to avoid such activities when
they are using the internet otherwise they will be risking the organization and their jobs
as well. They must be told not to fill any form over the internet or accept any cookies
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CYBER SECURITY 5
anyhow because is not “healthy” when one is using the internet more so in this 21st
century where hacking is almost passion for every IT trained gurus.
Building defense against Ransomware,
Ransomware is one of the current technique used by the attackers and it infects the
organization’s or company data with viruses which are able to corrupt or delete data from
databases permanently (Popoola, S. I., Ojewande, S. O., Sweetwilliams, F. O., John, S. N., &
Atayero, A. A., 2017). This kind of malware needs the PPS company to keep always
backing up their data on weekly basis or at least daily basis so that no single day they
can lose their data. Installing antiviruses like Kaspersky is the best option but will ccost
the PPS $600 for the whole installation to the network to block all sent viruses from this
kind of Malware (Gagneja, K. K., 2017, February).
The PPS company should ensure their information is highly secured because as they
say information is power, they can easily lose track of be forced to stop their services once
their information is stolen or deleted with this kind of virus which is very dangerous to
information. These employees can easily be trained on how to protect themselves from the
ransomware by installing antiviruses that are licensed to protect computers from such viruses
like the Kaspersky antivirus (Kalita, E., 2017). Also, there is a new technique that has come up
as the technology keeps on advancing, the cloud delivered endpoint protection is currently
being used and the PPS can consider investing on it to protect itself from the Ransomware
attacks.
Employees unawareness of cyber-crime activities.
The employees will be trained on how to behave to any suspicious activity they
come while browsing over the internet. The training will cost the PPS company $1000 to
anyhow because is not “healthy” when one is using the internet more so in this 21st
century where hacking is almost passion for every IT trained gurus.
Building defense against Ransomware,
Ransomware is one of the current technique used by the attackers and it infects the
organization’s or company data with viruses which are able to corrupt or delete data from
databases permanently (Popoola, S. I., Ojewande, S. O., Sweetwilliams, F. O., John, S. N., &
Atayero, A. A., 2017). This kind of malware needs the PPS company to keep always
backing up their data on weekly basis or at least daily basis so that no single day they
can lose their data. Installing antiviruses like Kaspersky is the best option but will ccost
the PPS $600 for the whole installation to the network to block all sent viruses from this
kind of Malware (Gagneja, K. K., 2017, February).
The PPS company should ensure their information is highly secured because as they
say information is power, they can easily lose track of be forced to stop their services once
their information is stolen or deleted with this kind of virus which is very dangerous to
information. These employees can easily be trained on how to protect themselves from the
ransomware by installing antiviruses that are licensed to protect computers from such viruses
like the Kaspersky antivirus (Kalita, E., 2017). Also, there is a new technique that has come up
as the technology keeps on advancing, the cloud delivered endpoint protection is currently
being used and the PPS can consider investing on it to protect itself from the Ransomware
attacks.
Employees unawareness of cyber-crime activities.
The employees will be trained on how to behave to any suspicious activity they
come while browsing over the internet. The training will cost the PPS company $1000 to
CYBER SECURITY 6
hire highly qualified cyber security experts to train the employees on the emerging
cyber security issues.
Most of the employees working on the PPS seem to be technophobia and it is high
time for them to be trained on how to use the internet so that they cannot make the
organization prone to cyber-attacks. Most of the emails shared over the internet has no good
intentions at all and are created by attackers and send to the targeted organization and the
employees should be well educated that before one opens an email that its source is not clear
because some of these emails are spy emails and can steal data from laptops from any
organization so long as the user is another same internet (Hadlington, L. J., 2018).
With this awareness, all employees will be very keen when using the internet and as
some say, prevention is better than cure (Kuru, H., & Ocak, M., 2016). These employees will be
able to prevent themselves from attacks by nit exposing themselves on the internet and this
protects the PPS company as well.
IOT botnet DDoS attacks.
IOT stands for Internet of Things which involves devices that can remotely be used to
launch Distributed Denial of Attacks in networks. This kind of attack is highly increasing
in todays’ world because very many devices have been able to access a network and
then be able to be seen globally (Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J., 2017).
Every device need to be installed with antivirus that is compatible with it. Most antiviruses
ranges from $200 to $300 and the total cost will depend on the number of devices that are
connected over the internet.
The manager should ensure every device that is connected to the wireless network
around the PPS company is secure. There are some cameras that uses http instead of https
protocol in terms of security and these kind of cameras are easily attacked by the hackers.
Also, laptops and smartphones that are connected to the network must have antiviruses
hire highly qualified cyber security experts to train the employees on the emerging
cyber security issues.
Most of the employees working on the PPS seem to be technophobia and it is high
time for them to be trained on how to use the internet so that they cannot make the
organization prone to cyber-attacks. Most of the emails shared over the internet has no good
intentions at all and are created by attackers and send to the targeted organization and the
employees should be well educated that before one opens an email that its source is not clear
because some of these emails are spy emails and can steal data from laptops from any
organization so long as the user is another same internet (Hadlington, L. J., 2018).
With this awareness, all employees will be very keen when using the internet and as
some say, prevention is better than cure (Kuru, H., & Ocak, M., 2016). These employees will be
able to prevent themselves from attacks by nit exposing themselves on the internet and this
protects the PPS company as well.
IOT botnet DDoS attacks.
IOT stands for Internet of Things which involves devices that can remotely be used to
launch Distributed Denial of Attacks in networks. This kind of attack is highly increasing
in todays’ world because very many devices have been able to access a network and
then be able to be seen globally (Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J., 2017).
Every device need to be installed with antivirus that is compatible with it. Most antiviruses
ranges from $200 to $300 and the total cost will depend on the number of devices that are
connected over the internet.
The manager should ensure every device that is connected to the wireless network
around the PPS company is secure. There are some cameras that uses http instead of https
protocol in terms of security and these kind of cameras are easily attacked by the hackers.
Also, laptops and smartphones that are connected to the network must have antiviruses
CYBER SECURITY 7
installed in them to protect them from these attackers and not the free antiviruses found freely
on the internet because in this world there is no free things (Bertino, E., & Islam, N., 2017).
Software update supply chain attacks.
These are attacks that are associated with software updates. When one installs a
software into a computer, with time the developers always try to advance it by making
upgrades. This is the best route to follow when making an update of any software, the
person in concern must ensure that the update does not come with unwanted viruses. A
clear scanning of the update must be done before making the update. Most of these
developers deploy free software which are available on the internet for downloading.
For example, windows 10 mostly has been found free on the internet and almost every
month they come up with an update of new version of the windows (Forte, D., Perez, R.,
Kim, Y., & Bhunia, S., 2016)
It is not recommended to keep updating software because the developers can easily
target the innocent users of the free software and take that advantage to steal from them
without the consent of the users. Because it is very hard for the mere users to notice when
they are being attacked, the attackers steal what they want and let the user continue using the
software as usual (Mayrhofer, R., 2019).
For the PPS employees who are using windows 10 in their job place, it is
recommended to avoid many of the updates advertised on the windows 10 as it can expose
them easily to the attackers. Some of these updates are not clearly investigated and can bring
harm to them and the whole company (Turnbull, B., 2018).
Q3
installed in them to protect them from these attackers and not the free antiviruses found freely
on the internet because in this world there is no free things (Bertino, E., & Islam, N., 2017).
Software update supply chain attacks.
These are attacks that are associated with software updates. When one installs a
software into a computer, with time the developers always try to advance it by making
upgrades. This is the best route to follow when making an update of any software, the
person in concern must ensure that the update does not come with unwanted viruses. A
clear scanning of the update must be done before making the update. Most of these
developers deploy free software which are available on the internet for downloading.
For example, windows 10 mostly has been found free on the internet and almost every
month they come up with an update of new version of the windows (Forte, D., Perez, R.,
Kim, Y., & Bhunia, S., 2016)
It is not recommended to keep updating software because the developers can easily
target the innocent users of the free software and take that advantage to steal from them
without the consent of the users. Because it is very hard for the mere users to notice when
they are being attacked, the attackers steal what they want and let the user continue using the
software as usual (Mayrhofer, R., 2019).
For the PPS employees who are using windows 10 in their job place, it is
recommended to avoid many of the updates advertised on the windows 10 as it can expose
them easily to the attackers. Some of these updates are not clearly investigated and can bring
harm to them and the whole company (Turnbull, B., 2018).
Q3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
CYBER SECURITY 8
The above ways to approaches cyber security has got many benefits associated with
the approaches. With the given budget of $25,000, these approaches are cost saving like
mostly when the employees are adequately trained they will be able to control themselves
with attacks like phishing and also Denial of service attacks because some comes due to
negligence of the employees or lacking knowledge on how to respond in such scenarios
(Prabadevi, B., Jeyanthi, N., Udzi, N. I., & Nagamalai, D., 2019).
Option like employing or contracting a third party to take care of the PPS company’s
information will be risking the exposure of such information by the company contracted. But
when all measures are handled from the company, they are confident with their information
as information is power (Kuacharoen, P., 2017).
The approaches discussed above are also easy to implement when compared to other
alternatives like of installing firewalls to an already existing network, this might be very
tricky more so if the firewall is being installed by junior IT guys or guys that are not much
experienced on the task and before they are through they might leave loopholes where
attackers can easily penetrate and cause damages.
Q4
Cost is very key in the implementation of any project, with $25,000, this is how the
issues discussed above could cost the PPS company in ensuring the company is safe from
attackers. The total amount of $25,000 provided by the company in the whole
implementation of the securities issues to make sure the discussed approaches are fully
implemented.
Item (service) Training Firewalls Lunch Installation of
The above ways to approaches cyber security has got many benefits associated with
the approaches. With the given budget of $25,000, these approaches are cost saving like
mostly when the employees are adequately trained they will be able to control themselves
with attacks like phishing and also Denial of service attacks because some comes due to
negligence of the employees or lacking knowledge on how to respond in such scenarios
(Prabadevi, B., Jeyanthi, N., Udzi, N. I., & Nagamalai, D., 2019).
Option like employing or contracting a third party to take care of the PPS company’s
information will be risking the exposure of such information by the company contracted. But
when all measures are handled from the company, they are confident with their information
as information is power (Kuacharoen, P., 2017).
The approaches discussed above are also easy to implement when compared to other
alternatives like of installing firewalls to an already existing network, this might be very
tricky more so if the firewall is being installed by junior IT guys or guys that are not much
experienced on the task and before they are through they might leave loopholes where
attackers can easily penetrate and cause damages.
Q4
Cost is very key in the implementation of any project, with $25,000, this is how the
issues discussed above could cost the PPS company in ensuring the company is safe from
attackers. The total amount of $25,000 provided by the company in the whole
implementation of the securities issues to make sure the discussed approaches are fully
implemented.
Item (service) Training Firewalls Lunch Installation of
CYBER SECURITY 9
experts firewalls
Cost($) 5,000 10,000 5,000 5,000
Conclusion
In conclusion, with all the discussed approaches well followed and implemented, the
PPS company will have one of the most secure network and the systems in general as the
measures addressed can assure if that. The manager just need to follow these approaches
keenly and hire experts, follow the stipulated budget and implement everything.
References
experts firewalls
Cost($) 5,000 10,000 5,000 5,000
Conclusion
In conclusion, with all the discussed approaches well followed and implemented, the
PPS company will have one of the most secure network and the systems in general as the
measures addressed can assure if that. The manager just need to follow these approaches
keenly and hire experts, follow the stipulated budget and implement everything.
References
CYBER SECURITY 10
Higbee, A., Belani, R., & Greaux, S. (2016). U.S. Patent No. 9,253,207. Washington, DC: U.S. Patent
and Trademark Office.
THOMAS, B., Scott, D., BROTT, F., & Smith, P. (2018). U.S. Patent No. 10,129,290. Washington,
DC: U.S. Patent and Trademark Office.
Wang, Y., Wang, Y., Liu, J., Huang, Z., & Xie, P. (2016, June). A survey of game theoretic methods
for cyber security. In 2016 IEEE First International Conference on Data Science in
Cyberspace (DSC) (pp. 631-636). IEEE.
Gagneja, K. K. (2017, February). Knowing the ransomware and building defense against it-specific to
healthcare institutes. In 2017 Third International Conference on Mobile and Secure Services
(MobiSecServ) (pp. 1-5). IEEE.
Kalita, E. (2017). WannaCry Ransomware Attack: Protect Yourself from WannaCry Ransomware
Cyber Risk and Cyber War.
Popoola, S. I., Ojewande, S. O., Sweetwilliams, F. O., John, S. N., & Atayero, A. A. (2017).
Ransomware: Current Trend, Challenges, and Research Directions.
Qabajeh, I., Thabtah, F., & Chiclana, F. (2018). A recent review of conventional vs. automated
cybersecurity anti-phishing techniques. Computer Science Review, 29, 44-55.
Hadlington, L. J. (2018). Employees Attitudes towards Cyber Security and Risky Online Behaviours:
An Empirical Assessment in the United Kingdom.
Kuru, H., & Ocak, M. (2016). Determination of cyber security awareness of public employees and
consciousness-rising suggestions. Journal of Learning and Teaching in Digital Age, 1(2), 57-
65.
Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J. (2017). DDoS in the IoT: Mirai and other
botnets. Computer, 50(7), 80-84.
Bertino, E., & Islam, N. (2017). Botnets and internet of things security. Computer, (2), 76-79.
Forte, D., Perez, R., Kim, Y., & Bhunia, S. (2016). Supply-Chain Security for Cyberinfrastructure
[Guest editors' introduction]. Computer, 49(8), 12-16.
Mayrhofer, R. (2019). Insider Attack Resistance in the Android Ecosystem.
Turnbull, B. (2018). Cyber-resilient supply chains: Mission assurance in the future operating
environment. Australian Army Journal, 14(2), 41.
Higbee, A., Belani, R., & Greaux, S. (2016). U.S. Patent No. 9,253,207. Washington, DC: U.S. Patent
and Trademark Office.
THOMAS, B., Scott, D., BROTT, F., & Smith, P. (2018). U.S. Patent No. 10,129,290. Washington,
DC: U.S. Patent and Trademark Office.
Wang, Y., Wang, Y., Liu, J., Huang, Z., & Xie, P. (2016, June). A survey of game theoretic methods
for cyber security. In 2016 IEEE First International Conference on Data Science in
Cyberspace (DSC) (pp. 631-636). IEEE.
Gagneja, K. K. (2017, February). Knowing the ransomware and building defense against it-specific to
healthcare institutes. In 2017 Third International Conference on Mobile and Secure Services
(MobiSecServ) (pp. 1-5). IEEE.
Kalita, E. (2017). WannaCry Ransomware Attack: Protect Yourself from WannaCry Ransomware
Cyber Risk and Cyber War.
Popoola, S. I., Ojewande, S. O., Sweetwilliams, F. O., John, S. N., & Atayero, A. A. (2017).
Ransomware: Current Trend, Challenges, and Research Directions.
Qabajeh, I., Thabtah, F., & Chiclana, F. (2018). A recent review of conventional vs. automated
cybersecurity anti-phishing techniques. Computer Science Review, 29, 44-55.
Hadlington, L. J. (2018). Employees Attitudes towards Cyber Security and Risky Online Behaviours:
An Empirical Assessment in the United Kingdom.
Kuru, H., & Ocak, M. (2016). Determination of cyber security awareness of public employees and
consciousness-rising suggestions. Journal of Learning and Teaching in Digital Age, 1(2), 57-
65.
Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J. (2017). DDoS in the IoT: Mirai and other
botnets. Computer, 50(7), 80-84.
Bertino, E., & Islam, N. (2017). Botnets and internet of things security. Computer, (2), 76-79.
Forte, D., Perez, R., Kim, Y., & Bhunia, S. (2016). Supply-Chain Security for Cyberinfrastructure
[Guest editors' introduction]. Computer, 49(8), 12-16.
Mayrhofer, R. (2019). Insider Attack Resistance in the Android Ecosystem.
Turnbull, B. (2018). Cyber-resilient supply chains: Mission assurance in the future operating
environment. Australian Army Journal, 14(2), 41.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CYBER SECURITY 11
Prabadevi, B., Jeyanthi, N., Udzi, N. I., & Nagamalai, D. (2019). Lattice Structural Analysis on Sniffing
to Denial of Service Attacks. International Journal of Computer Networks & Communications
(IJCNC) Vol, 11.
Kuacharoen, P. (2017). An Anti-Phishing Password Authentication Protocol. IJ Network
Security, 19(5), 711-719.
Prabadevi, B., Jeyanthi, N., Udzi, N. I., & Nagamalai, D. (2019). Lattice Structural Analysis on Sniffing
to Denial of Service Attacks. International Journal of Computer Networks & Communications
(IJCNC) Vol, 11.
Kuacharoen, P. (2017). An Anti-Phishing Password Authentication Protocol. IJ Network
Security, 19(5), 711-719.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.