With current trends in technology, organizations find themselves on the receiving end of the risks those trends have introduced, in particular the many threats associated with information systems. Cases of security breaches have been increasing year after year, which indicates that any organization is at risk of an information security breach in this era. It is therefore important for every organization to be aware of the potential risks to its information security and of ways to mitigate such threats, or to reduce their impact if they do hit the organization. This paper discusses activities related to security audits, BCP planning, controls, risk analysis and control, and appropriate tools and techniques for protecting organization information, with Google Company as the case study.
From the above list, ransomware, a common network information system malware, is the first to be discussed.
In its basic definition, ransomware is malicious software that, once inside a computer, threatens its operation by preventing access to the personal data on it. In such situations the attacker can demand a ransom from the affected person in exchange for bringing things back to normal, a promise that is not always truthful (Andrei, CEBERE & ACHIM, 2018). For the chosen organization, Google Company, ransomware can gain access to a personal computer in various ways; the most common is phishing spam, an attachment that arrives in an email and masquerades as a trustworthy file. The victim is tricked into downloading it, and once it is downloaded and opened it takes full control of the victim’s computer and denies the victim access, especially if it is built with social engineering tools that trick the owner into granting full administrative access.
Once this malware takes over the victim’s computer, it encrypts all the user’s files, which cannot easily be decrypted without a mathematical key known only to the attacker (Al-rimy, Maarof & Shaid, 2018). At this point the user is sent a message explaining that the files can only be decrypted on the attacker’s conditions, such as paying a sum of money. In some previous attacks, the attackers claimed to be law enforcement agencies shutting down the user’s computer because of violations such as pirated software, and demanded fines to restore the computer. Such tricks scare victims away from reporting the incidents to the relevant authorities (Andronio, Zanero & Maggi, 2015).
Kaspersky Anti-Ransomware Tool is a well-known tool for malware and anti-virus protection. It was designed with SMBs in mind and leverages the System Watcher and Kaspersky Security Network technologies to identify ransomware behavior patterns when protecting Windows-based devices at the endpoints. The Kaspersky Security Network collects information from voluntary users to keep the tool up to date with the latest threats, while the System Watcher technology scans all crucial system events, hence preventing malicious attacks (Baykara & Sekin, 2018).
AVG Ransomware Decryption software has many tools designed to counter specific ransomware threats. Such tools ensure that all files are scrutinized before being opened on the computer, and if malware is detected it is discarded immediately to prevent its consequences. These tools, however, work effectively only when the software is kept up to date. The tools utilized by this software include Crypt888, Apocalypse, Legion, TeslaCrypt, BadBlock, SZFLocker and Bart.
Unlike Kaspersky Anti-Ransomware Tool, which puts more emphasis on protecting a computer against malware attacks, this tool works at the other end, when the computer has already been affected: its special features enable it to decrypt files that have already been attacked by the ransomware (Chandrashekhar, Gupta & Shivaraj, 2015).
3.0 Threats against Google Company Network Routers and Switches
Threats against network routers and switches are many, including distributed denial of service (DDoS) attacks, denial of service (DoS) attacks, social engineering and malware. These are just a few, an indication that there are many threats to these network devices and that different protection approaches are needed if a network is to be secure. Solutions to these threats are designed to cover multiple attacks but can never cover all of them. Therefore, a network needs a multilayered security approach to achieve its maximum security objective.
DoS and DDoS work on the principle of making routers and switches so busy that they cannot play their roles in a network. To understand this principle, consider that any networked device has a standard capacity of devices it can serve when connected, which depends heavily on device factors such as processors, memory size, networking buffers, the NIC processor and the network connection speed (Esan, 2015). When a router’s or switch’s ability to work is hindered, or in other words prevented, a successful DoS is said to have taken place. This is achieved by sending very large amounts of traffic at the network router or switch so that the device fills its buffers or enters an error condition. It can be done by configuring a single third-party network device to focus its full network capacity on another device of lower capacity. Considering my case study, Google, since it supports a large networked capacity, an attack from a single device won’t be able to put any dent in its capacity, and this is where distributed denial of service attacks come into play. In this attack, the attacker uses a group of exploited devices, also known as a botnet, instead of a single device to send traffic at the network devices. Since the path back to the attacker is indirect, it is harder to trace the executor of these attacks (He, Dong, Ota, Fan & Wang, 2016).
This has been one of the most popular and most obvious methods of attacking network devices for years. It uses social methods to extract sensitive information that would hardly be given out directly. A good example is phishing, which can be sent to network administrators to lure them into disclosing network control credentials such as passwords and access controls for the routers and switches. The attackers can then compromise the network routers and switches using the credentials given by the administrator.
Malware is short for malicious software. In the current technology trend, it includes Trojans, viruses, adware, worms, spam and rootkits. Although they differ in the way they operate, they share a common goal of exploiting network devices like routers and switches to compromise their operations. For instance, a virus is programmed to attach itself to specific executable code; when that code is run, the virus executes and reproduces itself by spreading until it completely interferes with the normal functioning of a network device. Worms, on the other hand, work by taking advantage of the network operating systems of these devices and are programmed to turn network devices into bots for later attacks.
System manufacturers have made it clear that systems are hardly ever perfectly reliable and can rarely anticipate all failure modes. Windows Server 2012 comes with some features to ensure the reliability and availability of web services. However, these features are not adequate for the full functioning of the server. Google Company has implemented some measures to ensure the reliability and availability of its web services (Hwang, Hsu & Lee, 2015).
The organization works very hard to prevent any external violations of its server memory space. It has also adopted the .NET Framework, which imposes constraints on potential rogue processes that could interfere with the proper functioning of the server. In addition, it has implemented mechanisms for proactive validation to detect correct behavior of processes (Jin, Tomoishi, Matsuura & Kitaguchi, 2018).
This company has implemented both automated and remote software and patch distribution upgrades, hence minimizing server downtime and reducing the risk of human error during maintenance processes.
This service allows over 10,000 system users access in different ways, such as scripting, applications and command lines, as well as fine monitoring, control and reporting of any server malfunction whenever it is detected.
These features ensure quick troubleshooting and restoration of the servers to their normal condition as quickly as possible, to avoid incidents of non-response or slow response when accessing the servers. They include system recovery, logging, built-in performance monitoring, and tracing capabilities (Voit & Verma, 2018).
Despite the fact that message security features have been in Microsoft Exchange Server right from the first version of the product, only security experts and customers with specialized security skills have used them. However, due to the increased support for S/MIME (Secure/Multipurpose Internet Mail Extensions) in current Exchange Servers and the high demand for regulatory compliance, the need to comprehend these principles has risen (Knorr & Aspinall, 2015).
To achieve email confidentiality and integrity, most messaging platforms have adopted S/MIME. For instance, the Messaging and Security Feature Pack for Windows Mobile 5.0 has begun to support S/MIME certificates on current smartphones. Also, most Microsoft Exchange Server service packs offer support for S/MIME in Microsoft Outlook Web Access. Before S/MIME, the most common email protocol used by administrators to transfer messages was the Simple Mail Transfer Protocol (SMTP), which proved inherently less secure. With current S/MIME certificates, however, e-mail is provided with greater security compared to the SMTP protocol. This has enabled widespread and secure e-mail connectivity. S/MIME achieves its security objectives through two approaches: digital signatures and message encryption (Kharraz, Robertson & Kirda, 2018). These two approaches are not mutually exclusive services, because each addresses its own specific security issue. Digital signatures address both authentication and repudiation issues, while message encryption deals with confidentiality issues. For that reason, to achieve integrity and confidentiality of email messages, Google Company has used both digital signatures and message encryption.
DoS and DDoS work on the principle of making servers so busy that they cannot play their roles in a network. To understand this principle, consider that any server has a standard capacity of devices it can serve when connected, which depends heavily on device factors such as processors, memory size, its buffers, its NIC processor and its processor speed. When a server’s ability to work is hindered, or in other words prevented, a successful DoS is said to have taken place (Maurya, Kumar, Agrawal & Khan, 2018). This is achieved by sending very large amounts of traffic at the server so that its buffers fill or it enters an error condition. It can be done by configuring a single third-party device to focus its full capacity on a server of lower capacity. Considering my case study, Google, since it supports a large number of servers, an attack from a single device won’t be able to put any dent in its capacity, and this is where distributed denial of service attacks come into play. In this attack, the attacker uses a group of exploited devices, also known as a botnet, instead of a single device to send traffic at the server. Since the path back to the attacker is indirect, it is harder to trace the executor of these attacks (Wong & Kerkez, 2016).
These include attacks such as SQL injection, cross-site request forgery (CSRF) and cross-site scripting (XSS), which are launched by cyber criminals to break into servers and access data for different purposes.
DNS servers have increasingly become targets for attackers because, when DNS servers are taken offline, the attackers keep thousands of millions of Internet users from gaining access to the Internet. So, if an ISP’s DNS server is incapacitated by an attacker, the ISP’s subscribers are prevented from resolving domain names, sending emails, visiting websites and using other important Internet services (Mathew & Varia, 2014).
With the increased number of applications supporting SSL, 40 percent of applications are currently using SSL technology or changing ports. SSL encryption has proved to be an enormous loophole that malicious people can use to exploit web servers. This is because firewalls and intrusion prevention tools have been unable to keep pace with growing SSL encryption demands. For instance, the transition of SSL keys from 1024 bits to 2048 bits has burdened many security devices, because 2048-bit certificates require almost 7 times more processing power to decrypt SSL encryption (Ozzie et al, 2015).
Scalable applications with high availability are not easy to find, because application problems usually crop up in unexpected ways and cause the applications to stop working as they were designed. Application availability problems arise from the least expected areas, so it becomes very hard to anticipate where the problems may originate. There are different approaches an organization can use to improve email server availability. Here are the two most common (Polyakov et al, 2014).
As indicated above, scalable applications with high availability are not easy to find, because application problems usually crop up in unexpected ways and cause the applications to stop working as they were designed to. An email server that supports a certain amount of traffic today might experience significantly more traffic in future, and that may lead to denial of service. So an email server should be built on an architecture that can accommodate increased sizes of databases and applications.
To ensure that a server is highly available, potential risks to the server must be removed first, given that system failures are caused by risks. Identifying those risks is therefore a key approach to increasing server availability.
When cyber security threats to an organization’s information system are mentioned, many people conjure up images of expert hackers conducting attacks from an enclosed room. However, statistics have indicated that employees are the biggest security threat to any organization’s information system. Out of the 75 percent of organizations that suffered a data breach in 2015, 50 percent of the worst breaches originated internally, from the organization’s employees (Shu, Wan, Li, Lin, Vasilakos & Imran, 2016).
Malicious attackers have taken recklessness among organization employees as an opportunity to obtain system passwords and penetrate those systems to carry out their agenda. They do this by tricking employees into revealing such credentials, after which they can impersonate the employees and access the organization’s systems. So employees should be at the top of the list when an organization is looking at ways to mitigate threats to its information security (Safa & Von Solms, 2016).
Most organization employees are not even aware of the potential threats their recklessness can pose to the whole organization. It is therefore important to enlighten them about the activities that can put the organization’s information systems at risk.
Potential risks to organization information security should be discussed centrally, and ways to mitigate those threats implemented centrally, with the involvement of every member of the organization. This helps in reducing the external forces that can take advantage of naïve employees to gain access to the organization’s information system (Safa, Von Solms, & Furnell, 2016).
Unmanaged passwords have been used before as the easiest way of breaking into organizations’ information systems. So organizations should implement strong policies on password usage, issuing guidelines on strong password requirements and emphasizing the importance of having strong and unique passwords.
The most important measure of server performance that can be obtained from system data logs is the system response time. It enables the analysis team to understand the time taken for requests to be returned. For instance, web server log data may give insight into how long a request took to return a response to the client device. This lets the analysts know whether the performance of the server meets its standard or whether there is some interference (Thubert, Levy-Abegnoli & Ribiere, 2015).
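The response-time check described above can be sketched as follows. This is an added example, not part of the original essay: the log layout (a combined-style access log with the request duration in seconds as the last field), the sample lines and the 0.5-second threshold are all assumptions made for illustration.

```python
import math
import re

# Constructed sample lines (not real traffic). Assumed format: combined-style
# access log with the request duration in seconds appended as the last field.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Mar/2018:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120 0.120
203.0.113.6 - - [12/Mar/2018:10:00:14 +0000] "GET /search?q=a HTTP/1.1" 200 812 0.095
198.51.100.7 - - [12/Mar/2018:10:00:30 +0000] "POST /login HTTP/1.1" 302 0 0.110
203.0.113.5 - - [12/Mar/2018:10:00:52 +0000] "GET /index.html HTTP/1.1" 200 5120 0.140
198.51.100.7 - - [12/Mar/2018:10:01:03 +0000] "GET /index.html HTTP/1.1" 200 5120 0.130
198.51.100.8 - - [12/Mar/2018:10:01:10 +0000] "GET /search?q=b HTTP/1.1" 503 210 2.400
198.51.100.9 - - [12/Mar/2018:10:01:21 +0000] "GET /search?q=c HTTP/1.1" 503 210 3.100
203.0.113.9 - - [12/Mar/2018:10:01:30 +0000] "GET /search HTTP/1.1" 200 812
203.0.113.6 - - [12/Mar/2018:10:01:41 +0000] "GET /index.html HTTP/1.1" 200 5120 0.150
203.0.113.5 - - [12/Mar/2018:10:01:55 +0000] "GET /search?q=d HTTP/1.1" 200 812 2.900
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) (?P<secs>\d+(?:\.\d+)?)$'
)


def parse(lines):
    """Return (records, skipped): parsed entries and the count of malformed lines."""
    records, skipped = [], 0
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            # Count, do not silently drop: many unparsable lines are a finding.
            skipped += 1
            continue
        records.append({
            "minute": m["ts"][:17],       # e.g. "12/Mar/2018:10:00"
            "status": int(m["status"]),
            "secs": float(m["secs"]),
        })
    return records, skipped


def percentile(values, pct):
    """Nearest-rank percentile of a non-empty list."""
    ordered = sorted(values)
    rank = max(1, math.ceil(pct / 100 * len(ordered)))
    return ordered[rank - 1]


def latency_report(records, slo_secs=0.5, pct=95):
    """Per-minute request count, percentile latency, 5xx count and SLO breach flag."""
    by_minute = {}
    for r in records:
        by_minute.setdefault(r["minute"], []).append(r)
    report = {}
    for minute, rows in by_minute.items():
        p = percentile([r["secs"] for r in rows], pct)
        report[minute] = {
            "requests": len(rows),
            "p95": p,
            "5xx": sum(1 for r in rows if r["status"] >= 500),
            "breach": p > slo_secs,       # server no longer meets its standard
        }
    return report


if __name__ == "__main__":
    recs, bad = parse(SAMPLE_LOG.splitlines())
    print("malformed lines:", bad)
    for minute, row in latency_report(recs).items():
        print(minute, row)
```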
Log reports, on the other hand, help an organization’s auditing team in various ways. First of all, they enable the team to obtain all the data and operations that took place at a particular time. For instance, any communication carried out by the team under investigation can be obtained. Any calculations and data deleted by the team under investigation can also be retrieved through log reports, to provide insight into whatever subject is under investigation.
Being aware of threats to an organization’s security system is an important step when the organization is trying to mitigate risks to its network infrastructure. Given that, the fact that these two tools help in identifying and protecting both wired and wireless networks against several types of security threat makes them very important (Tayan, 2017).
Just like the intrusion detection and prevention tools, anti-malware tools help in the identification, blocking and removal of malware. They help in tailoring anti-malware policies to identify known and unknown malware sources.
These tools bolster security in a network by monitoring and controlling security devices remotely. Further, they can remotely lock stolen, compromised or lost mobile devices, as well as wipe all the data stored on those devices (Vexler, 2014).
These tools control the BYOD policy approaches in an organization by granting only compliant devices access to network assets.
This tool provides application visibility, controls and web security essentials. It also improves standard firewall abilities through application-awareness features.
Conclusion
From the above scrutiny, it is clear that information security has extended its boundaries in the new digital era, and any organization that wishes to withstand the pressure from security threats should consider adopting the new technologies. Only through that can organizations survive the test of time.
References
Andrei, R. U. S. U., CEBERE, B. C., & ACHIM, A. I. (2018). U.S. Patent Application No. 10/045,217.
Al-rimy, B. A. S., Maarof, M. A., & Shaid, S. Z. M. (2018). Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions. Computers & Security.
Andronio, N., Zanero, S., & Maggi, F. (2015, November). Heldroid: Dissecting and detecting mobile ransomware. In International Workshop on Recent Advances in Intrusion Detection (pp. 382-404). Springer, Cham.
Baykara, M., & Sekin, B. (2018, March). A novel approach to ransomware: Designing a safe zone system. In Digital Forensic and Security (ISDFS), 2018 6th International Symposium on (pp. 1-5). IEEE.
Chandrashekhar, A. M., Gupta, R. K., & Shivaraj, H. P. (2015). Role of information security awareness in success of an organization. International Journal of Research, 2(6), 15-22.
Esan, A. B. (2015). Development of Countermeasures against some Internet Security Threats (Doctoral dissertation, Landmark University, Omu-Aran, Kwara State Nigeria).
He, J., Dong, M., Ota, K., Fan, M., & Wang, G. (2016). NetSecCC: A scalable and fault-tolerant architecture for cloud computing security. Peer-to-Peer Networking and Applications, 9(1), 67-81.
Hwang, S. Y., Hsu, C. C., & Lee, C. H. (2015). Service selection for web services with probabilistic QoS. IEEE transactions on services computing, (1), 1-1.
Jin, Y., Tomoishi, M., Matsuura, S., & Kitaguchi, Y. (2018, March). A Secure Container-based Backup Mechanism to Survive Destructive Ransomware Attacks. In 2018 International Conference on Computing, Networking and Communications (ICNC) (pp. 1-6). IEEE.
Knorr, K., & Aspinall, D. (2015, April). Security testing for Android mHealth apps. In Software Testing, Verification and Validation Workshops (ICSTW), 2015 IEEE Eighth International Conference on (pp. 1-8). IEEE.
Kharraz, A., Robertson, W., & Kirda, E. (2018). Protecting against Ransomware: A New Line of Research or Restating Classic Ideas?. IEEE Security & Privacy, 16(3), 103-107.
Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target and Safety Measures.
Mathew, S., & Varia, J. (2014). Overview of amazon web services. Amazon Whitepapers.
Ozzie, R. E., Ozzie, J. E., Moromisato, G. P., Narayanan, R., Augustine, M. S., Shukla, D. K., … & Ghanaie-Sichanie, A. (2015). U.S. Patent No. 9,003,059. Washington, DC: U.S. Patent and Trademark Office.
Polyakov, A., Seinfeld, M., Mody, J. J., Sun, N., Lee, T., & Chu, C. (2014). U.S. Patent No. 8,667,583. Washington, DC: U.S. Patent and Trademark Office.
Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A. V., & Imran, M. (2016). Security in software-defined networking: Threats and countermeasures. Mobile Networks and Applications, 21(5), 764-776.
Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70-82.
Thubert, P., Levy-Abegnoli, E., & Ribiere, V. J. (2015). U.S. Patent No. 9,015,852. Washington, DC: U.S. Patent and Trademark Office.
Tayan, O. (2017). Concepts and tools for protecting sensitive data in the it industry: a review of trends, challenges and mechanisms for data-protection. International Journal of Advanced Computer Science and Applications, 8(2).
Vexler, V. (2014). U.S. Patent No. 8,849,793. Washington, DC: U.S. Patent and Trademark Office.
Voit, E. A., & Verma, J. (2018). U.S. Patent Application No. 15/475,235.
Wong, B. P., & Kerkez, B. (2016). Real-time environmental sensor data: An application to water quality using web services. Environmental Modelling & Software, 84, 505-517.