Report on Identifying and Addressing Network Security Vulnerabilities

Verified

Added on  2023/01/13

|12
|3102
|67
Report
AI Summary
This report, presented from the perspective of a cybersecurity consultant, identifies and analyzes security vulnerabilities within a medium-sized business organization's IT infrastructure and its sole IoT device, a wireless temperature sensor. The report details two key security issues related to the IoT device: conduction error and inaccurate installation, which can lead to DDoS and wormhole attacks, respectively. It also highlights two IT infrastructure vulnerabilities: lack of a vulnerability detection system and system vulnerabilities in the networking switch, potentially leading to STP and MAC flooding attacks. Real-world attack examples, including the Dyn and Ukraine powerhouse attacks, are provided to illustrate the impact of these vulnerabilities. Furthermore, the report discusses vulnerabilities associated with specific hardware, including NETGEAR and Linksys devices, along with their corresponding CVEs. Finally, the report proposes specific countermeasures and solutions to mitigate the identified security risks, covering both the IoT device and the IT infrastructure to enhance the overall security posture of the organization.
Document Page
Running head: IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Identification of security issues in a network
Name of the Student
Name of the University
Author Note:
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
1IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Table of Contents
Introduction......................................................................................................................................2
Security Issues related to the only IoT device of the organization..................................................2
Security Issue 1: Conduction error..............................................................................................3
Security Issue 2: Inaccurate installation procedure.....................................................................3
Security Issues related to the IT infrastructure of the organization.................................................4
Security Issue 1: Lack of vulnerability detection system............................................................4
Security Issue 2: System vulnerabilities of the networking switch.............................................5
Example of real-world attack to support the above discussed security issues................................5
Description of an attack on IoT: Dyn attack................................................................................5
Description of an attack on IT infrastructure: Ukraine powerhouse...........................................6
Explanation of two vulnerabilities of selected organization with CVE..........................................7
Vulnerability 1: NETGEAR GS 116PP-100AJS.........................................................................7
Vulnerability 2: Linksys WRT 1900AC......................................................................................7
Proposed Countermeasure(s)/Solution(s)........................................................................................8
Conclusion.......................................................................................................................................9
Reference.......................................................................................................................................10
Document Page
2IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Introduction
The notable determination of the paper is to present the security vulnerabilities associated
with a medium sized business organization. The report will be presented from the perspective of
an external cyber security consultant (Alrawais et al., 2017). This technical report will be
evaluating the security vulnerabilities of the IT infrastructure so that the security issues of the IT
infrastructure can be addressed.
Security Issues related to the only IoT device of the organization
The security issues associated with the use of the wireless temperature sensor are the
conduction error and the inaccurate installation procedure of the device. The conduction error
may lead to cyber security attacks such as DDoS and the inaccurate installation of the device
which is the other security issue of the temperature may lead to security issues like the worm-
hole attack. Poorly designed temperature sensors may result in temperature reading errors as
well. The poorly designed temperature sensor is very much vulnerable to the cyber security
attacks like DDoS and the Warm-hole attack.
Security Issue 1: Conduction error
The conduction error of the temperature sensors can lead to numerous security issues
such as the DDoS attack. Poor probe design of the temperature sensors may lead this security
attack. This security attack can have a huge negative impact on their networking activities in an
organization (Borgohain, Kumar & Sanyal, 2015). Jamming and tampering at the physical level
can be the most significant impact of these security attacks on the wireless temperature sensor of
this organization. Collision and exhaustion are the other sources of concern in the link layer,
Document Page
3IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
malicious flooding at the transport levels are the other security threats for this organization
regarding their utilization of the temperature sensors.
Security Issue 2: Inaccurate installation procedure
Inefficient installation of the temperature sensor which is used in this organization can
have a huge negative impact in terms of the security packets used in this organization. The
compromise of the data packets can lead to serious security threats such as the wormhole attack.
During this attack, the data packets of the medium-sized organizations are connected with the
data packets of other organization are compromised. The wormhole attack does not require any
compromising sensor; it makes it easier for cyber criminals to compromise the temperature
sensor which is readily used in this organization (Hajli & Lin, 2016). The temperature sensors
and the data associated with that device can be altered by the cyber criminals and at the same
time, other essential details of the system such as it location can be exposed by the cyber
criminals after the warm-hole attack.
Security Issues related to the IT infrastructure of the organization
There are few security issues which exists in this organization considering their IT
infrastructure such as the lack of vulnerability detection system can be very much responsible
for security attacks on the proxy servers used in this organization like the STP attack. The other
security issue of this organization is the system vulnerabilities of the networking switch of this
organization which can lead to security attacks such as the MAC flooding attack. The two
security issues which are related to the IT infrastructure of this organization are the security
attacks on the switches used by the network such as the STP attack and the MAC flooding.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
4IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Security Issue 1: Lack of vulnerability detection system
Security issues in the network of the organization such as the lack of vulnerability
detection system in the IT environment of this organization can be a reason behind security issue
such as the STP attack (Razzaq et al., 2017). The lack of the vulnerability system may lead to
cyber criminals getting the access of the networking witches with the help of the root bridge. The
STP issue is very much common in the Ubuntu server 16.04 LTS and Windows Servers 2016
which are readily used in this organization. So, it can be said that these security issues may have
deleterious impact on the software and the protocols of this organization (Conti et al., 2018). All
the incoming and outgoing traffic of the IT infrastructure can be controlled by the social
engineers if the network switches of the organization are compromised by the cyber criminals
(Fennelly, 2016). It can be also said that the other switches of this organization which are
connected to the Cisco ASA 5585-X can be used as the root ports by the social engineers of the
STP attack.
Security Issue 2: System vulnerabilities of the networking switch
. The vulnerabilities of the networking switches which are used in this organization can
lead to security attacks such as the MAC attack (Sadeghi, Wachsmann & Waidner, 2015). All the
9 Windows 10 computer systems of this organization can be affected due to this security issue.
The contents of the MAC table are forcefully connected with the switches which are used by this
business organization (Hossain, Fotouhi & Hasan, 2015). This attack can be responsible for the
leaking of essential information of this medium sized organization. The data can be obtained by
cyber criminals directly from the physical ports. Packet analyzers are used by cyber criminals
after they establish a secure and strong connection with the IT infrastructure.
Document Page
5IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Example of real-world attack to support the above discussed security issues
This unit of the paper will be discussing security issues for both IoT based devices as
well as for the IT infrastructure.
Description of an attack on IoT: Dyn attack
One of the deadliest IoT security attacks is the Dyn attack which occurred in the year
2016. This security attack is considered as one of the biggest DDoS attacks in the last 10 years.
Websites of business organizations such as CNN, Reddit, Twitter, The Guardian, and Netflix
was compromised after this security attack. The IoT botnet played a huge role in this security
attack, it created a malware called Mirai. Once a computer system is infected the computer
searches automatically the nearby vulnerable IoT devices and then it used the default passwords
and the default usernames to log in to the systems (Sen, 2015). All the IoT botnet and the
insecure IoT devices were compromised in the attack (Stojmenovic et al., 2016). According to
the investigative sources, it was found that the main intention of the cybercriminals was to attack
the Microsoft game servers (Mahmoud et al., 2017). This network-level attack wiped down data
from the servers. The security holes of the cloud based technologies were capitalized by the
cybercriminals using the Mirai Botnet.
Description of an attack on IT infrastructure: Ukraine powerhouse
The cyber security attack on the IT infrastructure of Ukraine powerhouse is one of the
deadliest attacks in the last 5 years. The attack was conducted in the year 2015 in the Ukrainian
power grids (Yang et al., 2017). The Information Systems of three energy distribution companies
was compromised as a result of the attack. More than 30 substations were entirely switched off
after the attack (Sajid, Abbas & Saleem, 2016). This security attack resulted in the power
Document Page
6IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
shortages for most of the western parts of Ukraine. More than 230000 Ukrainian people were
infected due to this attack. Phishing emails were the platform chosen by cybercriminals as a
medium for this attack (Soomro, Shah & Ahmed, 2016). The entire networking infrastructure of
the Ukrainian powerhouse was compromised in the first place after this security attack. The
Pivichna substation which is located near the city of Kiev was the most affected region for this
security attack. Hour-long blackouts were there throughout the western side of the country.
Explanation of two vulnerabilities of selected organization with CVE
The two vulnerabilities which exist in this medium sized organization are described in
this section of the paper along with their CVE.
Vulnerability 1: NETGEAR GS 116PP-100AJS
The network switches which are used in the IT infrastructure is very much vulnerable as
it allows the cyber criminals to hijack the authentication of the attackers if criminals request for
performing the Doman Name Server with the hostname parameter to dnslookup.cgi.
Problems associated with the device: The problem associated with this network switch
of this organization as that it needs manual help regarding managing of all IP addresses for all
the 9 computer systems which are used in this organization. There are connectivity issues in the
ports of this network switch.
Mitigation technique for the device: Rebooting the entire networking architecture can
be a mitigation step regarding the manual managing of all the 9 computers systems which are
used in this organization.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Vulnerability 2: Linksys WRT 1900AC
The wireless routers of this medium sized organization have numerous vulnerabilities
associated with it (Jokar, Arianpoo, & Leung, 2016). The routers are very much susceptible to
the OS command injection vulnerability when it tries to improve the filtering of the data. The
default login credentials of the routers used in this organization are easily predicted by the social
engineers is the other vulnerability of the routers which are being used in this organization.
Problems associated with the device: The security issues associated with the wireless
routers used in this organization is the problem of re-setting, where the device always tends to
reset. This can be hugely capitalized by the cyber criminals for using this flaw in a cyber-security
attack. There are mirror issue in this wireless router as well.
Mitigation technique for the device: The issue of re-setting can be easily solved if the
network replaces this version of the wireless routers. The mirror issue of this organization can be
solved purposefully if the firmware of this router is frequently updated so that the interferences
can be restricted. The application of the Mesh network can be also important to deal with the
security issue coming from this network router.
Proposed Countermeasure(s)/Solution(s)
The security issue associated with the only IoT device used in this medium sized
organization is the conduction error and the inaccurate installation procedure of the temperature
sensor (Boroojeni, Amini & Iyengar, 2017). The two security vulnerabilities of the IT
infrastructure of this organization are the lack of vulnerability detection system and vulnerability
of the network switches. The counter measure for these security issues are described in the
following table.
Document Page
8IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Issues Counter Measures
Conduction Error The potential error sources of mail and the
proxy servers which are connected to the Net-
gear network switch has to be identified in the
first place. Sensor calibration is the other
solution for the conduction error for the
temperature.
Inaccurate installation procedure The in accurate installation procedure can be
corrected by increasing the immersion length
of the device. Regular fatigue analysis of the
device is the other counter solution for this
type of error.
Lack of vulnerability detection system The counter measure of this problem is the
installation of the vulnerability scanning tools
such as Nexpose and Acunetix.
Vulnerability of the network switches Firmware patches is the counter measure to
deal with the vulnerabilities of the networking
switches used in this organization.
Table 1: Counter measure of security issue
(Source: Created by the author)
Conclusion
The two security issues which can have a negative impact on the only IoT device used
by the organization which is the wireless temperature sensors is the conduction error and the
inaccurate installation procedure of the device. And the security issues of the IT infrastructure
of this organization are Lack of vulnerability detection system and the vulnerability of the
network switches. The detailed description of a real word attack on the IoT device as well as for
the IT infrastructure considering the given infrastructure diagram is highlighted in this paper
such as the power grid cyber-attack of Ukraine and famous dyn attack. The security
vulnerabilities of the network switch NETGEAR GS 116PP-100AJS used by this organization
Document Page
9IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
and the wireless router Linksys WRT 1900AC used by the organization can be also identified
from the paper. The counter measures of each of the security risks which are also determined
from this paper. Thus, this paper is very much useful for the management team of this medium
sized organization to understand the security issues of their IT infrastructure.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
10IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Reference
Alrawais, A., Alhothaily, A., Hu, C., & Cheng, X. (2017). Fog computing for the internet of
things: Security and privacy issues. IEEE Internet Computing, 21(2), 34-42.
Borgohain, T., Kumar, U., & Sanyal, S. (2015). Survey of security and privacy issues of internet
of things. arXiv preprint arXiv:1501.02211.
Boroojeni, K. G., Amini, M. H., & Iyengar, S. S. (2017). Smart grids: Security and privacy
issues. Springer International Publishing.
Conti, M., Dehghantanha, A., Franke, K., & Watson, S. (2018). Internet of Things security and
forensics: Challenges and opportunities.
Fennelly, L. (2016). Effective physical security. Butterworth-Heinemann.
Hajli, N., & Lin, X. (2016). Exploring the security of information sharing on social networking
sites: The role of perceived control of information. Journal of Business Ethics, 133(1),
111-123.
Hossain, M. M., Fotouhi, M., & Hasan, R. (2015, June). Towards an analysis of security issues,
challenges, and open problems in the internet of things. In 2015 IEEE World Congress
on Services (pp. 21-28). IEEE.
Jokar, P., Arianpoo, N., & Leung, V. C. (2016). A survey on security issues in smart grids.
Security and Communication Networks, 9(3), 262-273.
Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015, December). Internet of things (IoT)
security: Current status, challenges and prospective measures. In 2015 10th International
Document Page
11IDENTIFICATION OF SECURITY ISSUES IN A NETWORK
Conference for Internet Technology and Secured Transactions (ICITST) (pp. 336-341).
IEEE.
Razzaq, M. A., Gill, S. H., Qureshi, M. A., & Ullah, S. (2017). Security issues in the Internet of
Things (IoT): a comprehensive study. International Journal of Advanced Computer
Science and Applications, 8(6).
Sadeghi, A. R., Wachsmann, C., & Waidner, M. (2015, June). Security and privacy challenges in
industrial internet of things. In 2015 52nd ACM/EDAC/IEEE Design Automation
Conference (DAC) (pp. 1-6). IEEE.
Sajid, A., Abbas, H., & Saleem, K. (2016). Cloud-assisted IoT-based SCADA systems security:
A review of the state of the art and future challenges. IEEE Access, 4, 1375-1384.
Sen, J. (2015). Security and privacy issues in cloud computing. In Cloud Technology: Concepts,
Methodologies, Tools, and Applications (pp. 1585-1630). IGI Global.
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more
holistic approach: A literature review. International Journal of Information Management,
36(2), 215-225.
Stojmenovic, I., Wen, S., Huang, X., & Luan, H. (2016). An overview of fog computing and its
security issues. Concurrency and Computation: Practice and Experience, 28(10), 2991-
3005.
Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey on security and privacy issues in
Internet-of-Things. IEEE Internet of Things Journal, 4(5), 1250-1258.
chevron_up_icon
1 out of 12
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]