CYBERSECURITY RISK ASSESSMENT STEPS 6-7


Scene 1 (0s)

CYBERSECURITY RISK ASSESSMENT STEPS 6-7. Name University of Maryland Global Campus Capstone in Cybersecurity Date.

Scene 2 (8s)

[Audio] As part of the FVEY, the Australian team has carried out a detailed forensic analysis, and focus has been considered on this data exfiltration since it has happened on the nation's intrusion detection system holding the international summit. Furthermore, each nation's server at the summit reveals further at greater risk, with likelihood of certain attacks including buffer overflows and denial of service depending on the Australian reported irregular pattern of network traffic detected. This Australian team presentation identifies current measures for authentication, authorization, and access control, and enlightens on weaknesses within the organization's security (including technology, people, and policy) that might lead to successful exploitation of vulnerabilities and/or threats.

Scene 3 (58s)

[Audio] Current security measures Mitigations and Weaknesses of the Security Attack Vectors Attribution Analysis Vulnerability Matrix Recommendations.

Scene 4 (1m 16s)

[Audio] People: Physical security; Training/Education - ensure improved Threat Awareness and Response; Continuous monitoring of the Network; Device Accountability.

Scene 5 (1m 32s)

[Audio] Technology: Hardware Security; Intrusion Detecting Software; Authentication Devices; Network Monitoring; Firewall.

Scene 6 (1m 48s)

Current Security Measures: Authentication, Authorization, and Access Control.

Scene 7 (1m 59s)

[Audio] Weaknesses: Poor password selections; Phishing attacks (emails) and social engineering. Mitigations: Password creation guidelines and techniques; Establish awareness training; Teach all users to think and act like an attacker.

Scene 8 (2m 23s)

[Audio] Weaknesses: Rainbow tables - These tables require being stored in a big memory (Hard Disks). Mitigations: Network mapping - is the physical connectivity of networks such as the Internet; Hash password storage; System segregation.

Scene 9 (2m 45s)

[Audio] Weaknesses: Evolving advanced technology; Misconfiguration; BYOD; Malicious Devices and Computers. Mitigations: Software updates and vendor support; Firmware updates and vendor support; Penetration Testing; Software Patch Management.

Scene 10 (3m 14s)

[Audio] Keystroke Injection Tool - Rubber Ducky: Write the payload on Micro-USB in simple and easy scripting language; Load after it's inserted to the USB port; Keystroke injection on the payload executed to the system file; Attack deployed. USB Harpoon: The cable often allows MD to execute HID attacks when plugged into a computer's USB port. HID attacks via USB drives have become too suspicious. Conceals a chip; Copy files; Deliver payloads; Executes commands.

Scene 11 (4m 2s)

[Audio] Backdoors - cybercriminals conceal malware inside of a free file converter. Malware Injection Devices - for example the cloud computing infrastructure is prone to malware injection attacks. Supply Chain Attacks - often work by delivering malicious software or other viruses via a vendor or supplier. Physical Tampering - this involves the deliberate adulteration or altering of a product, package, or system. USB, phone charging cords - they can be embraced to hack into the system and allow attackers in, thus compromising user security. Near access and close access attacks - A common form of close access attack is social engineering.

Scene 12 (4m 48s)

[Audio] Email Attachments - email attachments reveal as a top malware vector that results in data breaches. Supply Chain Attacks - this often seeks to harm an organization by targeting less-secure elements in the supply chain. Backdoors - A malware type that refutes normal procedures for authentication to access a system. Malware Spread - this occurs when users install or download infected software.

Scene 13 (5m 18s)

[Audio] Social engineering - broad range of malicious activities accomplished through human interactions. Poor Credential Management - often observed in applications and can result in significant loss of reputation during data breaches. Webpage - serious vulnerabilities or weaknesses allow criminals to gain direct and also public access to databases and webpages.

Scene 14 (5m 43s)

[Audio] Anomalous network activity was also identified in the overall network of FVEY; therefore the team becomes all affected. Potential attack vector routes are further considered. SERVER: Australian hardware is about seven years old, therefore does not meet the security construction requirements of current years. Conventional Basic Input/Output System (BIOS) appears vulnerable to possible attacks. Uses HP Sure Start (HP, 2019).

Scene 15 (6m 24s)

[Audio] Utilizing Linux operating system, because it is open-source, an attacker might exploit it easily. C programming using Linux reveals also vulnerable to buffer overflow. In this case, the Australian server is about three months behind the modern version. Software: One application is also vulnerable to DoS attack, therefore it requires being patched. Because all the five teams are further affected, the software and server are not most likely to be the main cause (CISA, 2019).

Scene 16 (7m 4s)

[Audio] Human Factor is doubted. Social engineering reveals also most likely. Uploaded malware using USB flash drives to entire servers physically or even an upload attacking the overall network by a member contributing in the summit. Trojan attack that established and led to backdoor might possibly from email phishing.

Scene 17 (7m 29s)

[Audio] Policy – Mitigate: Policy Risks might be mitigated; Continuing reassessment of threat environment; A rule imposed is generally a rule opposed; Enforcement.

Scene 18 (7m 46s)

[Audio] Technology - Accept the Risk (Short Period): Supply Chain reveals complex and hard to effectively manage and not cost effective. The period of the summit appears much shorter. New technology poses challenges to stay consistent and updated. Constant backup and no avoidable devices.

Scene 19 (8m 10s)

[Audio] People - Mitigate Some of the Risks: Limit the access control level and further limit the capability to execute the harm; Good management; Response Training and Threat Awareness; Physical Security.

Scene 20 (8m 29s)

References.
Balbix. (n.d.). 8 common cyber-attack vectors and how to avoid it. Retrieved from Balbix: https://www.balbix.com/insights/attack-vectors-and-breach-methods/
CISA. (2019). Understanding Denial-of-Service attacks. Retrieved from https://www.cisa.gov/uscert/ncas/tips/ST04-015
HP. (2019). HP Sure Start. Retrieved from http://h10032.www1.hp.com/ctg/Manual/c06216928
IBM. (2019). Database security. Retrieved from https://www.ibm.com/cloud/learn/database-security
Malwarebytes. (2021). Backdoor computing attacks. Retrieved from https://www.malwarebytes.com/backdoor/