






























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS. FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns due to lacking the technical expertise in house. As part of your role, your manager Jonson has asked you to create an engaging presentation to help train junior staff members on the too
Typology: Assignments
1 / 38
This page cannot be seen from the preview
Don't miss anything!































On special offer
ASSIGNMENT 1 FRONT SHEET Qualification BTEC Level 5 HND Diploma in Computing Unit number and title Unit 5 : Security Submission date Date Received 1st submission Re-submission Date Date Received 2nd submission Student Name LE DONG KHOA Student ID GCS Class GCS0904A Assessor name NGUYEN NGOC TU Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice. Student’s signature Grading grid
Assignment Brief 1 (RQF) Higher National Certificate/Diploma in Computing Student Name/ID Number: Le Dong Khoa/GCS Unit Number and Title: Unit 5: Security Academic Year: 2021 – 2022 Unit Assessor: Van Ho Assignment Title: Security Presentation Issue Date: April 1st, 2021 Submission Date: Internal Verifier Name: Date: Submission Format: Format: ● The submission is in the form of an individual written report. This should be written in a concise, formal business style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Please also provide a bibliography using the Harvard referencing system. Submission ● Students are compulsory to submit the assignment in due date and in a way requested by the Tutor. ● The form of submission will be a soft copy posted on http://cms.greenwich.edu.vn/. ● Remember to convert the word file into PDF file before the submission on CMS. Note: ● The individual Assignment must be your own work, and not copied by or from another student. ● If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you must reference your sources, using the Harvard style.
● Make sure that you understand and follow the guidelines to avoid plagiarism. Failure to comply this requirement will result in a failed assignment. Unit Learning Outcomes: LO1 Assess risks to IT security. LO 2 Describe IT security solutions. Assignment Brief and Guidance: Assignment scenario You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS. FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns due to lacking the technical expertise in house. As part of your role, your manager Jonson has asked you to create an engaging presentation to help train junior staff members on the tools and techniques associated with identifying and assessing IT security risks together with the organizational policies to protect business critical data and equipment. Tasks In addition to your presentation, you should also provide a detailed report containing a technical review of the topics covered in the presentation. Your presentation should:
Contents Task 1 - Identify types of security threat to organisations. Give an example of a recently publicized security breach and discuss its consequences (P1)
1
Task 1 - Identify types of security threat to organisations. Give an example of a recently publicized security breach and discuss its consequences (P1)
A computer threat is a term that relates to the security of a computer system being compromised. This threat can lead to cyber-attacks and data being stolen, lost or edited. The threat could be caused by poor information security practices or a ‘backdoor’ in the code of the system. Examples of computer threats include botnets, unethical hacking, ransomware, DoS attacks.
3
4 sending a phishing email to a Fazio employee. This allowed them access to up to 40 million credit and debit cards from customers who visited its stores throughout the holiday season of 2013. Target has spent more than $200 million on this.
3.1. Computer Viruses A virus is a software program that can spread from one computer to another computer or one network to another network without the user’s knowledge and performs malicious attacks. It has capability to corrupt or damage organization’s sensitive data, destroy files, and format hard drives. How does a virus attack? There are different ways that a virus can be spread or attack, such as: ▪ Clicking on an malicious executable file ▪ Installing free software and apps ▪ Visiting an infected and unsecured website ▪ Clicking on advertisement ▪ Using of infected removable storage devices, such USB drives ▪ Opening spam email or clicking on URL link ▪ Downloading free games, toolbars, media players and other software. 3.2. Trojans Horse Trojan horse is a malicious code or program that developed by hackers to disguise as legitimate software to gain access to organization’s systems. It has designed to delete, modify, damage, block, or some other harmful action on your data or network.
6 This type of threats monitor your internet activity, tracking your login credentials, and spying on your sensitive information. So, every organization or individual should take an action to prevent from spyware by using anti-virus, firewall and download software only from trusted sources. How does Spyware install? It can be automatically installs itself on your computer or hidden component of software packages or can be install as traditional malware such as deceptive ads, email and instant messages. 3.5. Worm Computer worm is a type of malicious software or program that spreads within its connected network and copies itself from one computer to another computer of an organization. How does worm spreads? It can spread without any human assistance and exploit the security holes of the software and trying to access in order to stealing sensitive information, corrupting files and installing a back door for remote access to the system.
7 3.6. Denial-of-Service (DoS) Attacks Denial-of-Service is an attack that shut down a machine or network or making it inaccessible to the users. It typically flooding a targeted system with requests until normal traffic is unable to be processed, resulting in denial-of-service to users. How does DoS attack? ▪ It occurs when an attacker prevents legitimate users from accessing specific computer systems, devices or other resources. ▪ The attacker sends too much traffic to the target server ▪ Overloading it with traffic and the server is overwhelmed, which causes to down websites, email servers and other services which connect to the Internet. 3.7. Phishing Phishing is a type of social engineering attack that attempt to gain confidential information such as usernames , passwords , credit card information, login credentials, and so more. How does Phishing attack? ▪ In a phishing email attack, an attacker sends phishing emails to victim’s email that looks like it came from your bank and they are asked to provide your personal information. ▪ The message contains a link, which redirects you to another vulnerable website to steal your information. ▪ So, it is better to avoid or don’t click or don’t open such type of email and don’t provide your sensitive information.
9 3.10. Malware Malware is software that typically consists of program or code and which is developed by cyber attackers. It is types of cyber security threats to organizations which are designed to extensive damage to systems or to gain unauthorized access to a computer. How does malware attack? ▪ There are different ways that a malware can infect a device such as it can be delivered in the form of a link or file over email and it requires the user to click on that link or open the file to execute the malware. ▪ This type of attack includes computer viruses, worms, Trojan horses and spyware.
4.1 What is security breaches? A security breach is any incident that results in unauthorized access to computer data, applications, networks or devices. It results in information being accessed without authorization. Typically, it occurs when an intruder is able to bypass security mechanisms. Technically, there's a distinction between a security breach and a data breach. A security breach is effectively a break-in, whereas a data breach is defined as the cybercriminal getting away with information. Imagine a
10 burglar; the security breach is when he climbs through the window, and the data breach is when he grabs your pocketbook or laptop and takes it away. Confidential information has immense value. It's often sold on the dark web; for example, names and credit card numbers can be bought, and then used for the purposes of identity theft or fraud. It's not surprising that security breaches can cost companies huge amounts of money. On average, the bill is nearly $4m for major corporations. It's also important to distinguish the security breach definition from the definition of a security incident. An incident might involve a malware infection, DDOS attack or an employee leaving a laptop in a taxi, but if they don't result in access to the network or loss of data, they would not count as a security breach. 4.2 Examples 4.2. 1. Yahoo Date: August 2013 Impact: 3 billion accounts Securing the number one spot – almost seven years after the initial breach and four since the true number of records exposed was revealed – is the attack on Yahoo. The company first publicly announced the incident – which it said took place in 2013 – in December 2016. At the time, it was in the process of being acquired by Verizon and estimated that account information of more than a billion of its customers had been accessed by a hacking group. Less than a year later, Yahoo announced that the actual figure of user accounts exposed was 3 billion. Yahoo stated that the revised estimate did not repr esent a new “security issue” and that it was sending emails to all the “additional affected user accounts.” Despite the attack, the deal with Verizon was completed, albeit at a reduced price. Verizon’s CISO Chandra McMahon said at the time: “Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats. Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.” After investigation, it was discovered that, while the attackers accessed account information such as security questions and answers, plaintext passwords, payment card and bank data were not stolen. 4.2.2. Alibaba Date: November 2019 Impact: 1.1 billion pieces of user data Over an eight-month period, a developer working for an affiliate marketer scraped customer data, including usernames and mobile numbers, from the Alibaba Chinese shopping website, Taobao, using
12 4.2.5. Facebook Date: April 2019 Impact: 533 million users In April 2019, it was revealed that two datasets from Facebook apps had been exposed to the public internet. The information related to more than 530 million Facebook users and included phone numbers, account names, and Facebook IDs. However, two years later (April 2021) the data was posted for free, indicating new and real criminal intent surrounding the data. In fact, given the sheer number of phone numbers impacted and readily available on the dark web as a result of the incident, security researcher Troy Hunt added functionality to his HaveIBeenPwned (HIBP) breached credential checking site that would allow users to verify if their phone numbers had been included in the exposed dataset. “I’d never planned to make phone numbers searchable,” Hunt wrote in blog post. “My position on this was that it didn’t make sense for a bunch of reasons. The Facebook data changed all that. There’s over 500 million phone numbers but only a few million email addresses so >99% of people were getting a miss when they should have gotten a hit.” 4.3 Consequences 4.3. 1. Financial Loss The financial impact of a data breach is undoubtedly one of the most immediate and hard-hitting consequences that organisations will have to deal with. According to a recent study by the Ponemon Institute, the cost of a data breach has risen 12% over the past five years to £3.2m on average globally. Costs can include compensating affected customers, setting up incident response efforts, investigating the breach, investment into new security measures, legal fees, not to mention the eye-watering regulatory penalties that can be imposed for non-compliance with the GDPR (General Data Protection Regulation). Organisations in breach of the GDPR can be fined up to 4% of annual global turnover or 20 Million Euros (whichever is greater). If organisations are under any illusion that these financial penalties will not be enforced, the recent fines imposed on British Airways and Marriot have highlighted just how seriously the ICO intends to take GDPR violations. A breach can also significantly impact a company’s share price and valuation. This is exactly what happened to Yahoo after it was breached in 2013. The breach came to light in 2016 when the company was about to be bought over by US telecoms company Verizon. The acquisition went ahead with the company buying Yahoo for a discounted rate of $4.48 billion, around $350 million less than the original asking price.
13 4.3.2. Reputational Damage The reputational damage resulting from a data breach can be devastating for a business. Research has shown that up to a third of customers in retail, finance and healthcare will stop doing business with organisations that have been breached. Additionally, 85% will tell others about their experience, and 33.5% will take to social media to vent their anger. News travels fast and organisations can become a global news story within a matter of hours of a breach being disclosed. This negative press coupled with a loss in consumer trust can cause irreparable damage to the breached company. Consumers are all too aware of the value of their data and if organisations can’t demonstrate that they have taken all the necessary steps to protect this data, they will simply leave and go to a competitor that takes security more seriously. Reputational damage is long-lasting and will also impact an organisation’s ability to attract new customers, future investment and new employees to the company. 4.3.3. Operational Downtime Business operations will often be heavily disrupted in the aftermath of a data breach. Organisations will need to contain the breach and conduct a thorough investigation into how it occurred and what systems were accessed. Operations may need to be completely shut down until investigators get all the answers they need. This process can take days, even weeks, depending on the severity of the breach. This can have a huge knock-on effect on revenue and an organisation’s ability to recover. According to Gartner, the average cost of network downtime is around $5,600 per minute. This equates to around $300,000 per hour. This will obviously differ depending on the size of organisation and the industry affected, but clearly, it can have a devastating impact and significantly affect business productivity. 4.3. 4. Legal Action Under data protection regulations, organisations are legally bound to demonstrate that they have taken all the necessary steps to protect personal data. If this data is compromised, whether it’s intentional or not, individuals can seek legal action to claim compensation. There has been a huge increase in class action lawsuits in both the US and UK as victims seek monetary compensation for the loss of their data. Equifax’s 2017 data breach affected more than 145 million people worldwide and the company has paid out more than $700 million in compensation to affected US customers. The breach affected an estimated 15