System Security Risk and Vulnerability Report: Assessing Attack Vectors and Mitigation Strategies
Attack vectors
Vulnerabilities expose systems to attack. In many cases a vulnerability gives an attacker a means of executing unauthorized commands, and the paths or techniques used to do so are referred to as attack vectors (Ullah et al., 2018). In penetration testing, attack vectors are frequently associated with injection attacks, in which the attacker supplies crafted input to an application (a login form, a request to a cloud platform, or data sent to a database) so that the input is interpreted as code or commands rather than as data, often with the aim of bypassing authentication or harvesting legitimate user credentials (Ee et al., 2020). A typical example is SQL injection.
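The SQL injection case above, shown as an added example that is not part of the original report: a login check built by string concatenation beside the parameterized form of the same query, run against a constructed in-memory SQLite table (the schema, user names and the two payloads are assumptions for the demonstration).

```python
import sqlite3

# Constructed in-memory user table for the demonstration (assumption: the
# report describes no schema; column names and rows are invented).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "hash-of-alice-pw"), ("bob", "hash-of-bob-pw")])
    return conn

def login_vulnerable(conn, username, password_hash):
    """Builds the query by string concatenation: whatever the user types
    becomes part of the SQL text, so quotes and comment markers in the
    input change the statement's meaning."""
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password_hash = '" + password_hash + "'")
    return sorted(row[0] for row in conn.execute(query))

def login_safe(conn, username, password_hash):
    """Parameterized query: the driver binds the values as data, so a quote
    or '--' in the input is matched literally and can never alter the SQL."""
    query = "SELECT username FROM users WHERE username = ? AND password_hash = ?"
    return sorted(row[0] for row in conn.execute(query, (username, password_hash)))

def demo():
    conn = make_db()
    # Payload 1: the attacker knows no password at all. The injected "--"
    # comments out the password check and OR '1'='1' matches every row.
    dump_all = "' OR '1'='1' --"
    # Payload 2: the attacker names one account and skips its password check.
    as_alice = "alice' --"
    return {
        "vulnerable_dump": login_vulnerable(conn, dump_all, "wrong"),
        "vulnerable_as_alice": login_vulnerable(conn, as_alice, "wrong"),
        "safe_dump": login_safe(conn, dump_all, "wrong"),
        "safe_as_alice": login_safe(conn, as_alice, "wrong"),
        "safe_legit": login_safe(conn, "alice", "hash-of-alice-pw"),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The vulnerable function returns every account for the first payload and logs the attacker in as alice for the second, with no password known in either case; the parameterized version returns nothing for both and still accepts the genuine credentials. The fix is the binding, not input filtering: the same payloads are passed unchanged to `login_safe`.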
Given that most organizations worldwide have adopted information technology (IT) in their workflows, there are numerous threats to their resources, including the company’s IT infrastructure, programs, systems, and computer networks. Threats to these resources may originate from external parties or from the company’s own staff, and they are commonly classified as active or passive attacks (Ee et al., 2020). An active attack alters the target: an intrusion that begins with social engineering such as phishing or spoofed e-mail, for example, can end with the company’s data, networks, or systems being modified. A passive attack observes without altering anything, which is why such attacks are stealthy and are often noticed only by trained professionals; examples are network sniffing, traffic analysis, and the capture of keystrokes (Ee et al., 2020). Brute-force password guessing, although often grouped with stealthy attacks, is active in nature: every guess is an authentication attempt that the target system can log. Commonly cited attack vectors include logic bombs, wireless attacks, smurf (ICMP amplification) attacks, cross-site scripting, buffer overflows, password cracking, phishing, trojan horses, SQL injection, and brute-force attacks. Menges & Pernul (2018) argue that the enumeration of attacks and their patterns in software quality assurance should use established schemas such as the Vocabulary for Event Recording and Incident Sharing (VERIS) and the Common Attack Pattern Enumeration and Classification (CAPEC).
Significance of Public-Key Infrastructure (PKI)
PKI provides the rules, procedures, policies, and components needed to create, store, distribute, and revoke digital certificates and to manage the public keys those certificates bind to identities (Lozupone, 2018). It is built on asymmetric (public-key) cryptography, in which each party holds a private key that is kept secret and a public key that can be freely shared. Users rely on it, usually without noticing, whenever they connect to a website over HyperText Transfer Protocol Secure (HTTPS) for internet banking, e-mail, or other cloud-based services: the server’s certificate lets the browser authenticate the server before the encrypted session is established. The critical question is therefore which core parts make up a PKI.
The central component is the certificate authority (CA), a trusted entity that verifies the identity of a certificate applicant (Lozupone, 2018). The CA issues digital certificates, each of which binds a subject’s identity (such as a domain name) to that subject’s public key. The CA signs every certificate with its own private key, and the signature covers the certificate’s contents, so any later change to the certificate invalidates it. The subject’s private key never leaves the subject and plays no part in creating the signature. Anyone who holds the CA’s public key (browsers and operating systems ship with a store of trusted root CA certificates) can verify the signature, and verification succeeds only when the public key used matches the private key that produced the signature (Lozupone, 2018). A validated certificate lets the client confirm that it is talking to the legitimate server before the keys for the encrypted session are exchanged. PKI providers also publish revocation information, through certificate revocation lists or OCSP responders, so that users can check whether a certificate has been cancelled before its expiry date.
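Who signs and who verifies, as an added example that is not from the original report or from Lozupone (2018): a toy RSA built from small fixed primes, a CA that signs certificates with its private key, and a client that validates against a trust store. The CA names, the host names, the primes and the JSON "certificate" layout are assumptions; the toy omits padding, X.509 encoding, validity periods and revocation, and must never be used for real keys.

```python
import hashlib
import json

# Toy RSA from small fixed primes so the arithmetic is visible. It shows which
# key signs and which key verifies; it is NOT secure (a real PKI uses RSA-2048+
# or ECDSA with proper padding, X.509 encoding, validity periods and revocation
# checks, all omitted here).
def toy_keypair(p, q, e=17):
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)               # private exponent; needs Python 3.8+
    return {"n": n, "e": e}, {"n": n, "d": d}

def digest(tbs, n):
    """Hash of the canonical to-be-signed fields, reduced mod n (toy shortcut
    standing in for the padding a real signature scheme applies)."""
    data = json.dumps(tbs, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private_key, tbs):
    return pow(digest(tbs, private_key["n"]), private_key["d"], private_key["n"])

def verify(public_key, tbs, signature):
    return pow(signature, public_key["e"], public_key["n"]) == digest(tbs, public_key["n"])

def issue_certificate(ca_name, ca_private, subject, subject_public):
    """The CA signs with its own private key. The subject's private key is not
    involved; only the subject's public key is embedded in the certificate."""
    tbs = {"issuer": ca_name, "subject": subject, "public_key": subject_public}
    return {"tbs": tbs, "signature": sign(ca_private, tbs)}

def validate_certificate(cert, trust_store):
    """What a browser does: look up the issuer's public key in its store of
    trusted CAs and check that it matches the private key that signed."""
    ca_public = trust_store.get(cert["tbs"]["issuer"])
    if ca_public is None:
        return False                  # issuer is not a trusted CA
    return verify(ca_public, cert["tbs"], cert["signature"])

def demo():
    ca_pub, ca_priv = toy_keypair(1009, 1013)         # trusted root CA (assumed name)
    rogue_pub, rogue_priv = toy_keypair(1039, 1049)   # attacker-run CA
    server_pub, _server_priv = toy_keypair(1031, 1033)
    trust_store = {"Example Root CA": ca_pub}         # what the client trusts

    good = issue_certificate("Example Root CA", ca_priv, "www.example.com", server_pub)
    # Same signature, altered subject: the signature no longer covers the contents.
    tampered = {"tbs": dict(good["tbs"], subject="evil.example.net"),
                "signature": good["signature"]}
    # Properly signed, but by a CA the client does not trust.
    untrusted = issue_certificate("Rogue CA", rogue_priv, "www.example.com", server_pub)
    # Claims the trusted issuer's name but was signed with the rogue private key.
    forged = issue_certificate("Example Root CA", rogue_priv, "www.example.com", server_pub)
    return {
        "good": validate_certificate(good, trust_store),
        "tampered": validate_certificate(tampered, trust_store),
        "untrusted_issuer": validate_certificate(untrusted, trust_store),
        "forged_issuer_name": validate_certificate(forged, trust_store),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'valid' if ok else 'rejected'}")
```

Only the genuine certificate validates. The three rejections map onto the three things a client relies on: the signature must cover the exact contents, the issuer must be in the trust store, and the issuer's public key must match the private key that actually signed; naming a trusted CA in the certificate is worthless without its private key.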
Mitigation
Cybersecurity risk mitigation consists of measures that adequately address risks to a company’s computing resources. The process involves identifying, evaluating, and classifying risks and then applying an appropriate treatment: control (reduce), transfer, monitor (accept for now), or avoid (Cassidy, 2016). The strategy chosen depends on the company’s mission statement and business processes. Where the cost of a control is lower than the expected damage or interruption to business processes, the organization should control the risk (Sokri, 2019), implementing procedures, policies, and technologies that reduce the likelihood or impact of particular events, such as session timeouts, biometric access to server rooms, and strong password requirements (Kure et al., 2018). Where an obsolete technology exposes resources to attack, replacing it with a supported one removes the exposure altogether; this is risk avoidance, and it is sustained through education, training, and regular review of procedures.
Risk transfer shifts the financial consequences of a risk to a third party (Cassidy, 2016), typically by purchasing cyber insurance or by contracting a managed security provider under clear contractual responsibilities. An organization that discovers that an attack originated from inside its own team, for example, may conclude that it cannot staff security adequately and choose to outsource the function, but transfer does not remove the organization’s accountability for the outcome. Where the budget is constrained, it may be reasonable to monitor a risk, accepting it until a full assessment is completed and appropriate actions are defined. Mitigation is therefore continuous and must keep pace with the new risks and threats that arise.
Countermeasures
An organization’s countermeasures are what keep its computer networks, applications, infrastructure, and systems secure. They must uphold the three pillars of cybersecurity: confidentiality, integrity, and availability (Cassidy, 2016). Physical security comes first: swipe-card badge access records who entered which floor; highly protected floors and sections are gated by biometric scanners; exterior doors to such areas are opened only by designated security personnel; and every entry and exit is logged in the system.
Authentication and the other security features appropriate to the organization must be designed into software and applications from the start. Employees should be granted the least privilege needed to perform their jobs, which limits the damage if a user misuses privileges or leaks credentials (Cassidy, 2016). The organization must also deploy appropriate firewalls and intrusion detection systems, protect its Wi-Fi and wired Ethernet networks, enforce a minimum password length, and keep anti-virus software installed and up to date. Periodic password expiry, long a standard control, deserves a caveat: current guidance such as NIST SP 800-63B advises against forced periodic rotation, which pushes users toward predictable variations, and favors long passwords, screening against known-breached passwords, and rotation only when compromise is suspected. Cassidy (2016) holds that the essential element of cybersecurity is training all users on the organization’s current policies for securing its networks, infrastructure, applications, and other computing resources.
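The intrusion detection the paragraph calls for, applied to the brute-force attacks listed among the attack vectors earlier in the report, as an added example that is not part of the original: a sliding-window detector run over constructed authentication log lines. The log format is modelled on OpenSSH "Failed/Accepted password" messages with simplified timestamps, the addresses are documentation ranges, and the threshold and window are assumed tuning values.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication log (assumption: modelled on OpenSSH
# "Failed/Accepted password" messages with simplified ISO 8601 timestamps;
# hosts use documentation addresses and nothing here comes from the report).
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd: Failed password for invalid user admin from 203.0.113.5 port 50110 ssh2
2024-05-01T10:00:03 sshd: Failed password for invalid user root from 203.0.113.5 port 50112 ssh2
2024-05-01T10:00:05 sshd: Failed password for bob from 203.0.113.5 port 50114 ssh2
2024-05-01T10:00:07 sshd: Failed password for bob from 203.0.113.5 port 50116 ssh2
2024-05-01T10:00:09 sshd: Failed password for bob from 203.0.113.5 port 50118 ssh2
2024-05-01T10:00:11 sshd: Failed password for bob from 203.0.113.5 port 50120 ssh2
2024-05-01T10:00:13 sshd: Accepted password for bob from 203.0.113.5 port 50122 ssh2
2024-05-01T10:00:20 sshd: Failed password for alice from 198.51.100.7 port 41000 ssh2
2024-05-01T10:00:45 sshd: Failed password for alice from 198.51.100.7 port 41002 ssh2
2024-05-01T10:01:00 sshd: Accepted publickey for alice from 192.0.2.10 port 41200 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd: (?P<result>Failed|Accepted) (?:password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")

def detect_bruteforce(log_text, threshold=5, window=timedelta(minutes=2)):
    """Sliding-window counter of failed logins per source address.

    Emits one alert when an address reaches `threshold` failures inside
    `window`, and a higher-severity alert if that address then logs in
    successfully, which is the signature of a guessed password."""
    failures = defaultdict(deque)     # ip -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                  # not an authentication event
        ts = datetime.fromisoformat(m["ts"])
        recent = failures[m["ip"]]
        while recent and ts - recent[0] > window:
            recent.popleft()          # expire failures that fell out of the window
        if m["result"] == "Failed":
            recent.append(ts)
            if len(recent) == threshold:   # fire once, not on every further failure
                alerts.append((m["ip"], "brute-force", ts.isoformat()))
        elif len(recent) >= threshold:
            alerts.append((m["ip"], f"success-after-brute-force:{m['user']}", ts.isoformat()))
    return alerts

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

On the sample, 203.0.113.5 trips the brute-force alert on its fifth failure and a second, more serious alert when bob's password is accepted moments later; the two slow failures from 198.51.100.7 and the legitimate key-based login from 192.0.2.10 produce nothing. Counting per source address is deliberate: a distributed guessing campaign that spreads attempts over many addresses would need a per-target-account counter as well, which the same structure supports by keying on the user instead.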
References
Cassidy, A. (2016). A practical guide to information systems strategic planning. CRC Press.
Ee, S. J., Tien Ming, J. W., Yap, J. S., & Lee, S. C. Y. (2020). Active and Passive Security Attacks in Wireless Networks and Prevention Techniques.
Kure, H. I., Islam, S., & Razzaque, M. A. (2018). An integrated cybersecurity risk management approach for a cyber-physical system. Applied Sciences, 8(6), 898.
Lozupone, V. (2018). Analyze encryption and public key infrastructure (PKI). International Journal of Information Management, 38(1), 42-44.
Menges, F., & Pernul, G. (2018). A comparative analysis of incident reporting formats. Computers & Security, 73, 87-101.
Sokri, A. (2019, July). Cyber Security Risk Modelling and Assessment: A Quantitative Approach. In ECCWS 2019 18th European Conference on Cyber Warfare and Security (p. 466). Academic Conferences and Publishing Limited.
Ullah, F., Edwards, M., Ramdhany, R., Chitchyan, R., Babar, M. A., & Rashid, A. (2018). Data exfiltration: A review of external attack vectors and countermeasures. Journal of Network and Computer Applications, 101, 18-54.
Question
Write a three-page System Security Risk and Vulnerability Report. Include the attack vectors to the nation system in the report.
This report should comply with information assurance standards, practices, and procedures