ASSIGNMENT 1 FRONT SHEET
Qualification: BTEC Level 5 HND Diploma in Computing
Unit number and title: Unit 5: Security
Submission date: 13/08/2022
Date Received 1st submission:
Re-submission Date:
Date Received 2nd submission:
Student Name: Huynh Minh Huy
Student ID: GCD
Class: GCD1001
Assessor name: Tran Trong Minh
Student declaration: I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice.
Student’s signature: Huy
Grading grid P1 P2 P3 P4 M1 M2 D
Summative Feedback: Resubmission Feedback:
Grade: Assessor Signature: Date: Lecturer Signature:
Task 1 – Types of security threat to organizations. An example of a recently publicized security breach and its consequences (P1)
I. What is a security threat?
- Definition. A cyber or cybersecurity threat is a malicious act that attempts to damage data, steal data, or disrupt digital life in general. Computer viruses, data breaches, Denial of Service (DoS) attacks, and other attack vectors are examples of cyber threats. Cyber threats also include the likelihood of a successful cyberattack aimed at gaining unauthorized access to, damaging, disrupting, or stealing an information technology asset, computer network, intellectual property, or any other type of sensitive data. Cyber threats might originate within an organization from trusted people, or they can originate in faraway regions from unknown sources.
Figure 1: Security Threat.
- Why is it necessary to protect against cyber threats? Cybersecurity risks affect every firm and aren't always within your IT security team's direct control. Increased worldwide connectivity, cloud service use, and outsourcing create a considerably bigger attack surface than in the past. Third-party and fourth-party risk are increasing, making third-party risk management, vendor risk management, and cyber security risk management even more critical in decreasing the risk of third-party data breaches. Combine this with company executives making technology-related risk choices in every department every day without even realizing it. Assume your CMO is testing a new email marketing tool. If that tool has inadequate security procedures, this might pose a significant security risk, exposing your clients' personally identifiable information (PII) and resulting in identity theft. Whether you work in the public or private sector, information security cannot be left to your Chief Information Security Officer (CISO) alone; it must be an organization-wide endeavor.
- How to protect against and identify cyber threats
Strategic Assessments: Strategic assessments keep decision-makers informed on big, long-term concerns while also giving prompt alerts to potential dangers. Strategic cyber threat intelligence creates a picture of the motivations, tools, and potential risks posed by malicious cyber attackers.
Operational Assessments: Operational assessments identify probable occurrences connected to events, inquiries, or actions and offer instructions on how to handle them. For instance, what to do if malware has been installed on a computer.
Tactical Assessments: Tactical assessments provide day-to-day support; they are in-the-moment evaluations of events, investigations, and actions.
Properly used cyber threat intelligence offers insights into cyber threats and encourages a speedier, more focused reaction. It can support incident response and post-incident response
- Employees and Contractors. Unless it's a Zero-day virus, computers and software programs are rather adept at guarding against malware. Whether on purpose or by mistake, people are frequently the weakest link in the security system. Common errors like sending an email to the wrong person can occur, but most of the time we catch the error right away and can fix it. Simple precautions like file password protection might help to lessen the repercussions of such errors. Unfortunately, there are also resentful individuals who intentionally damage organizations from inside. A recent incident at Morrisons supermarket involved a dissatisfied internal auditor who downloaded payroll and other HR personal data and posted it online. The former employee was found guilty and sentenced to jail, but Morrisons was also punished because it lacked the necessary organizational and technical safeguards to stop this crime (note that Morrisons is currently appealing against the fine). There are other instances where businesses require specialized assistance and hire outside firms or contractors that require some level of access to their systems or data. Because the devices they use to access the controller's data might not have the same levels of protection, these third parties are frequently the ones that cause issues.
- Terrorists and Hacktivists (political parties, media, enthusiasts, activists, vandals, general public, extremists, religious followers). The level of threat these agents pose depends on your activities, much like the threat posed by national governments. However, some terrorists aim their attacks at particular nations or sectors, so there is always a chance that you may be the victim of a random strike. The publication of diplomatic cables and other documents related to the wars in Iraq and Afghanistan by WikiLeaks in 2010 is perhaps the most well-known example of this.
- Organized crime (local, national, transnational, specialist). Criminals seek personal data for a variety of offenses, including bank account fraud, identity theft, and credit card fraud. These crimes are now routinely committed on a large scale. Phishing attacks and "Watering Hole" websites use different methods, but the final result is always the same: your information is taken and used for malicious purposes. In 2017, there were over 175,000 incidents of identity fraud reported, according to the Credit Industry Fraud Avoidance (Cifas) 2018 Fraudscape study. Although there was just a 1% rise from 2016 to 2017, there was a 125% increase from 10 years prior, and 95% of these cases involved the impersonation of an innocent victim.
- Natural disasters (fire, flood, earthquake, volcano). Despite not being cyberattacks, these occurrences might have a similar overall impact on your capacity to do business. You are still dealing with a data disaster if you are unable to access your offices, data centers, or cloud-based information, and this has to be considered. Although there is relatively little risk of an earthquake in the UK, we see images of towns and cities that are submerged each year.
- Corporates (competitors, partners). Although it is evident that the potential of a competitor stealing your intellectual property exists, we are increasingly collaborating with several partner organizations to bridge skill and resource gaps or to just offer services. Depending on their intentions, these partner firms could steal or expose your intellectual property or the personal information you are keeping. The 2013 attack on the US retailer Target may be the best illustration of how partner organizations may be the source of a breach. The hackers specifically targeted (pardon the pun!) suppliers before discovering a weak spot with the HVAC company Fazio Mechanical. In order to get access to Target's point-of-sale systems, the hackers finally sent a phishing email to a Fazio employee. They were now able to access up to 40 million credit and debit
Most malware types can be classified into one of the following categories:
Trojan Horse: This is software that looks to be one thing (e.g., a game, a beneficial application, etc.) but is actually a virus delivery mechanism. A trojan horse requires the user to download it (often through the internet or as an email attachment) and execute it on the target.
Figure 3: Trojan Horse.
Virus: A virus is a sort of self-propagating malware that uses code injection to infect other programs/files (or even sections of a target's operating system and/or hard drive). This propagation via injection into existing software/data is what distinguishes a virus from a trojan horse (which has malware purposely built into one specific application and does not attempt to infect others).
Figure 4: Virus.
Worm: A worm is malware that is meant to spread to other computers. While viruses and trojan horse malware are restricted to one infected target system, worms actively seek out new systems to infect (often without any human intervention).
Figure 5: Worm.
Malvertising: Malvertising is a method through which fraudsters introduce harmful code into legitimate online advertising networks and web pages. Typically, this code redirects people to dangerous websites or installs malware on their computers or mobile devices. Even if users do not do anything to initiate the download, their devices may get infected. Malvertising may be used by cybercriminals to distribute a variety of money-making software, such as cryptomining scripts, ransomware, and banking Trojans.
Figure 6: Malvertising.
Adware: Adware displays unsolicited and aggressive advertising to the end user (for example, pop-up adverts).
Figure 9: Adware.
Hybrid Malware: Modern malware is frequently a "hybrid" or a mix of harmful software kinds. For example, "bots" first appear as Trojans and then function as worms once executed. Individual users are regularly targeted as part of a wider network-wide cyber attack.
Figure 10: Hybrid Malware.
- Social Engineering Attacks. The act of "human hacking" to perpetrate fraud and identity theft is known as social engineering. Hackers use psychological manipulation to generate fear, excitement, or urgency. They exploit your heightened emotional state to cloud your better judgment. A socially engineered attack may succeed because of just one human mistake. And it is because of this susceptibility that criminals are increasingly employing social engineering approaches.
Most Common Types of Social Engineering Attacks:
Phishing Attacks: Phishing attacks are a type of information security threat that employs social engineering to dupe users into violating standard security practices and disclosing sensitive information such as names, addresses, login credentials, Social Security numbers, credit card information, and other financial information. Hackers frequently send out phony emails that look to be from respectable sources such as financial institutions, eBay, PayPal, and even friends and coworkers.
Figure 11: Social Engineering Attacks.