Vulnerabilities at Work
The modern work environment has become increasingly interconnected. The increasing reliance on networks is an advantage, but it can also pose major challenges to security. The greatest network vulnerability for organizations is unpatched networks, because hackers can exploit this vulnerability. Hackers can have a major security impact on organizations, ranging from simple denial of service to stealing vital information and using it to harm the company. Simple patching of networks is necessary, but it is not in itself the solution, because a vulnerability that has not been identified cannot be remedied. The main solution is the implementation of a comprehensive security plan for the entire company.
Table of Contents
Description of the Vulnerability
The Reasons for its Importance
The Impact of this Vulnerability on Organizations
How Organizations can Best Address its Potential Impacts
The modern work environment has witnessed connections, via the various forms of the internet, in almost all of its functions and operations, including finances. Various connections and online applications offer access to all information related to a company every second of every day. Besides the connections to financial operations, there are connections to various other information such as content on social media, like YouTube, Facebook, and Twitter, as well as video games, magazines, and other forms of Web 2.0 content. This interconnectivity of systems has offered access to different kinds of data at the individual level, while organizations have gained the capacity to leverage the internet as a critical part of everyday business. This, according to Sales (2013), has provided potential cost savings as well as faster, streamlined processes. Regardless of these benefits, the networking of systems has a downside. Moore (2006) suggests that, rather than using the networks for these benefits, some third parties could intercept them for malicious or even illegal reasons.
Description of the Vulnerability
Such activities are performed by third parties taking advantage of vulnerabilities in the network. Given the importance of computers and the internet in organizations, the systems should always be checked and updated with pertinent security patches. Where a patch has been released, it suggests that a vulnerability has been revealed and made public. Thus, the whole hacker community is aware of it and can use the vulnerability to launch attacks. This necessitates applying the patch immediately. Without this, the organization is left vulnerable to attacks. This is why unpatched networks remain the most critical vulnerability in organizations (Sales, 2013).
There are different traffic patterns that can be a red flag for various kinds of suspicious activity. While a lot of time in network security is spent discussing the identification of anomalies that can indicate a risk of an attack, one thing that is at times forgotten is how basic it is to begin with an understanding of what “normal” looks like. This means establishing baseline data for the traffic activity considered normal, as well as the standard configuration for network devices. This can be of great importance in helping security analysts spot possible problems. It would ensure that the organization is aware when its networks are unpatched and can thus remedy the situation (Sales, 2013).
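One way to build such a baseline and check a day's traffic against it, as an added example that is not part of the original essay. It keeps a separate baseline for each host rather than one for the whole network; the host names, traffic figures, scoring method (median and median absolute deviation) and thresholds are all assumptions made for illustration.

```python
from statistics import median

# Constructed sample: outbound MB per day for each host over a learning week.
HISTORY = {
    "ws-finance-01": [120, 135, 110, 128, 140, 125, 131],
    "build-server": [5200, 4900, 5100, 5300, 5000, 5150, 4950],
    "ws-reception": [40, 35, 50, 42, 38, 45, 41],
}
# Constructed sample: the day being checked against the baseline.
TODAY = {"ws-finance-01": 2400, "build-server": 5250,
         "ws-reception": 44, "unknown-laptop": 300}

def build_baseline(history):
    """Return {host: (median, MAD)}; both resist skew from a few odd days."""
    baseline = {}
    for host, samples in history.items():
        med = median(samples)
        mad = median(abs(s - med) for s in samples)
        baseline[host] = (med, mad)
    return baseline

def deviation_score(value, med, mad):
    """Distance from the host's own median, in robust standard deviations."""
    # 1.4826 * MAD approximates sigma; the floors stop a very steady host
    # from alerting on tiny changes (assumed tuning values).
    spread = max(1.4826 * mad, 0.05 * med, 1.0)
    return abs(value - med) / spread

def find_deviations(baseline, today, threshold=3.5):
    """Flag hosts far from their own normal, and hosts with no baseline."""
    findings = []
    for host, value in sorted(today.items()):
        if host not in baseline:
            findings.append((host, "no-baseline"))
        elif deviation_score(value, *baseline[host]) > threshold:
            findings.append((host, "deviation"))
    return findings

def global_threshold_hits(today, limit_mb):
    """One-size-fits-all rule, for comparison with the per-host baseline."""
    return sorted(h for h, v in today.items() if v > limit_mb)

if __name__ == "__main__":
    print(find_deviations(build_baseline(HISTORY), TODAY))
    print(global_threshold_hits(TODAY, 3000))
```

On this sample the per-host baseline flags the finance workstation and the device that has no history, while a single network-wide limit of 3000 MB flags only the build server, whose traffic is normal for it.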
The Reasons for its Importance
It is unfortunate that the open nature of Internet traffic as well as the increasing and diverging user behaviors renders it difficult to develop cookie-cutter baseline recommendations for most organizations. In essence, networks serve the needs of the users. These users tend to be unique individuals and they tend to express differing preferences, tastes, and work styles in the manner in which they interact with the network. This makes it difficult to establish the area of vulnerability fast enough to solve it. As such, organized teams can follow particular targets through well-orchestrated, patient, long-running attacks, over and over again utilizing the undetected vulnerability. In most cases, adversaries make use of zero-day vulnerabilities in gaining access to data, systems, applications, and end-points. They also communicate over various channels in the efforts to exfiltrate data from the target organization using the known vulnerability (Sales, 2013).
Google’s advanced search tools have been used by hackers to hack into computer systems and networks. A total of 43,000 faculty, staff, alumni, as well as students of Yale University, are some of the latest victims of hacking with the use of Google search tools. Hackers are believed to have discovered an insecure File Transfer Protocol server that held the names and Social Security numbers. The hackers used the Google FTP search application, according to security firm RedSeal. According to RedSeal analyst Tom Rabaut, “with the addition of indexing data that is accessible via FTP, hackers can now identify wide-open FTP sites that may contain sensitive data or can be used to leapfrog to other machines on the company’s internal network.” “Also, Google offers the ability to restrict searches to a single domain that will make it easier for hackers to limit their data mining to only target companies” (Acohido, 2011: para 3).
Large amounts of information have been stolen as a result of hacking. It is estimated that over 50 of the reported cases of data breaches in the year 2010 were due to computer hacking. Computer hacking accounted for the highest number of cases of compromised private information in 2010, involving about 43 million people in the United States. Some well-known brands have been victims of data loss through hacking, such as Polo Ralph Lauren, DSW shoes, and BJ’s Wholesale (Simply Security, 2011).
The Impact of this Vulnerability on Organizations
As long as the vulnerability exists, different types of equipment can be used to invade the computer systems and networks of companies and organizations. Some of this equipment is very sophisticated and thus able to hack into some of the most secure systems and networks. Databases can be hacked through various means, the most common of which is the delivery of a Trojan. A Trojan can be delivered to an organization’s computer or network systems through the use of e-mail (spam), P2P, IM, DVD, CD, and pen drive, among other means. Once the Trojan is executed, it can obtain the database servers and login information, connect to database servers, steal information, obtain information on the next target, or deliver encrypted information to the hacker through an e-mail covert channel, etc. Hackers can also carry out their hacking tasks through the use of known or unknown vulnerabilities such as buffer overflows, weak passwords, and SQL injection (Moore, 2006). Databases can be attacked from the internet.
It is possible for hackers to bypass firewalls. This is the simplest and preferred means that hackers utilize in stealing private information from organizations. Hackers can also install a rootkit or backdoor. This method is aimed at stealing data and sending it to the attacker, or giving the attacker access to the system at any time of the day. Oracle database hacking involves Live Oracle Database Attacks. This is where information is obtained through the installed rootkit and backdoor. A complete database can be stolen through the use of this method. Hacking can also involve what is commonly known as an inside job. This is where an employee or any other person with information about the information security of the company divulges such information to malicious hackers. With such information, it is possible for such an individual to access the system and even steal information (Moore, 2006).
Security events resulting from the use of the vulnerability and network anomalies can have adverse effects on an organization. The cost effect of attacks perpetrated through the use of the cyberspace is obvious, whatever the nature of the attack. For instance, a seemingly simple denial of access can cost an organization hundreds and even millions of dollars, through failed communications with clients. An attack using the cyberspace targeted on communications, transport, or the banking sector, can have very high economic costs on organizations. Managers and users of technology run the risk of losing data or having it used for malicious reasons due to the challenges. These are new ethical challenges that were not present prior to the development of computers and computing. They are new challenges that are related to the use and dependence on information technology, both in-house and outsourced. Some of the challenges include privacy, security, malicious programs, and other computer crimes (Whitman & Mattord, 2012).
The impact of the vulnerability on organizations is made worse by the fact that internet-based attacks are distributed. Thus, it is not easy to establish the motivation behind the attack or even the party perpetrating it (Whitman & Mattord, 2012). This also means that it is not easy to tell when a particular act can be viewed as malicious. However, different perpetrators will have differing objectives in attacking critical information systems. Some of the goals include stealing software or information, denying access, gathering intelligence, compromising telecommunications and other systems, compromising data integrity, as well as perception management.
Research has revealed that hacking has become widespread in our society today. Hackers have been compromising the computer security of various famous companies and organizations around the world. A new report in Current News has revealed that the increase has been noted in the last five years. In what the computer security industry dubbed Operation Shady RAT, a reference to the equipment utilized to hack the servers, it was shown that approximately 72 international companies and organizations have been victims of hacking, most of them high-profile. Among the organizations affected were the International Olympic Committee, the UN, a laboratory of the United States Energy Department, and various United States defense contractors, among others. The Associated Press in New York was revealed to have been targeted some time in the year 2009 (Simply Security, 2011).
Best Practice to Address Potential Impacts
Experts have recommended that companies should begin putting in place a strategic approach to cyber security. This includes a plan to keep the current systems safe as well as to maintain the company’s security going forward. As organizations become increasingly connected and link more of their operations and processes to the cyber infrastructure, it is important for them to implement an effective cyber security strategy to protect their resources and assets, such as their intellectual property (IP), reputation, staff and customers. Most companies hold the belief that after investing in complex technical solutions they become well protected from threats in cyberspace. Nevertheless, this is just one component of an effective defense.
Whitman & Mattord (2012) suggest that various activities in modern networks have a high level of variance, which renders it very hard to identify security problems without an understanding of what “normal” looks like. Thus, it is generally agreed by experts that it becomes easier to track any deviation when there is a baseline set (Sabnis et al., 2012). To be able to address the developing cyber threats that face the organization, it is important for the leaders in the organization to develop an integrated approach to cyber security customized to their information technology needs and risk profile, focusing not just on the technical elements of the defense, but also on the organizational elements and the people (Whitman & Mattord, 2012). Then, a company will need to come up with solutions, policies, and procedures to lower the risk of attacks or to remedy the situation in case one occurs.
Protective monitoring helps in providing a coherent view of cyber-related activities across the organization while supporting a positive culture of deterring counter-productive behavior. This is also important to enable the organization to deal with threats that are posed by ‘insiders’ who, intentionally or otherwise, might facilitate or perpetrate an attack exploiting the vulnerability. The company should undertake regular vulnerability assessment and remediation, so as to be able to patch the unpatched networks (Whitman & Mattord, 2012).
There are various technological tools which can be useful in maintaining cyber security for the organization, including inventories of authorized and unauthorized devices and of authorized and unauthorized software; secure configurations for software and hardware on mobile devices, workstations, laptops, and servers; malware defenses; use of software security; use of wireless device control; data recovery capability; secure configurations for network devices like firewalls, routers, and switches; control and limitation of network ports, protocols, and services; boundary defense; data loss prevention; secure network engineering; and incident response and management (Jackson, 2013).
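A sketch of how the device inventory and the regular vulnerability assessment described above can be combined into one check, as an added example that is not part of the original essay. The device names, MAC addresses, product names and version numbers are constructed, and the minimum patched version per product is an assumed input that would come from vendor advisories.

```python
from itertools import zip_longest

# Constructed inventory of authorized devices, keyed by MAC address.
# (Assumption: MAC identifies the device; it can be spoofed in practice.)
AUTHORIZED = {
    "00:16:3e:00:00:01": "fw-edge",
    "00:16:3e:00:00:02": "sw-core",
    "00:16:3e:00:00:03": "srv-db",
    "00:16:3e:00:00:04": "srv-backup",
}
# Assumed input: lowest version of each product that contains the fix.
MIN_PATCHED = {"edge-os": "9.1.4", "switch-os": "15.2", "dbserver": "12.0.10"}
# Constructed scan result: (mac, product, running version).
OBSERVED = [
    ("00:16:3e:00:00:01", "edge-os", "9.1.10"),
    ("00:16:3e:00:00:02", "switch-os", "15.2.0"),
    ("00:16:3e:00:00:03", "dbserver", "12.0.9"),
    ("00:16:3e:00:00:99", "edge-os", "9.1.4"),
]

def version_lt(a, b):
    """Numeric compare per component, so '12.0.9' < '12.0.10' and
    '15.2.0' equals '15.2' (a plain string compare gets both wrong)."""
    pa = [int(x) for x in a.split(".")]
    pb = [int(x) for x in b.split(".")]
    for x, y in zip_longest(pa, pb, fillvalue=0):
        if x != y:
            return x < y
    return False

def assess(authorized, observed, min_patched):
    """Sort scan results into unauthorized, unpatched and missing devices."""
    report = {"unauthorized": [], "unpatched": [], "missing": []}
    seen = set()
    for mac, product, version in observed:
        seen.add(mac)
        if mac not in authorized:
            report["unauthorized"].append(mac)
        elif version_lt(version, min_patched.get(product, "0")):
            report["unpatched"].append(
                (authorized[mac], version, min_patched[product]))
    # Authorized devices the scan never saw cannot be confirmed as patched.
    report["missing"] = sorted(
        name for mac, name in authorized.items() if mac not in seen)
    return report

if __name__ == "__main__":
    print(assess(AUTHORIZED, OBSERVED, MIN_PATCHED))
```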
There are various other aspects of implementation that the company should consider to be able to protect its information systems from cyber attacks. To implement the cyber security plan effectively, it is important to perform an effective security skills assessment and carry out the necessary training to fill gaps. The users of the system, as well as those involved in its maintenance, should be trained to ensure that they have the necessary skills and are able to recognize any threats in time to address them before they cause major damage to the system and the organization. Use of administrative privileges should be controlled, with all users provided with secure login details and trained on how to use them effectively. Access should also be controlled on the basis of the need to know. Once the plan is implemented, continuous monitoring and evaluation is important for the company to ensure that its information systems remain secure and safe from various kinds of cyber attacks. Maintenance, monitoring, and analysis of audit logs is also necessary to keep the systems safe. Account monitoring and control should also be taken into consideration in the implementation of the cyber security plan (Jackson, 2013).
Generally, cyber security can appear overwhelming to many leaders of organizations, especially considering the increase in the number of cyber threats today. However, considering the nature of threat to computer systems due to such threats, cyber security is one area that the company has no choice but to invest in. Having the knowledge as well as the resources to manage the many threats will make the difference between success and failure in the use of information systems. As the leader in the organization, there is a major responsibility in protecting the information and information systems of the organization. An effective cyber security plan will play a major role in ensuring this is effectively done.
References
Acohido, B. (2011). Google hacking exposes large caches of personal data. USA TODAY. Retrieved from http://content.usatoday.com/communities/technologylive/post/2011/08/google-hacking-exposes-large-caches-of-personal-data/1
Jackson, W. (2013). 20 critical controls do improve cybersecurity, but are you using them? Retrieved from http://gcn.com/Articles/2013/07/08/20-Critical-Security-Controlsimplementation-lags.aspx?Page=1
Moore, R. (2006). Cybercrime: Investigating High-Technology Computer Crime (1st ed.). Cincinnati, Ohio: Anderson Publishing.
Sabnis, S., Verbruggen, M., Hickey, J., & McBride, A. J. (2012). Intrinsically Secure Next-Generation Networks. Bell Labs Technical Journal, 17(3), 17-36.
Sales, N. (2013). Regulating Cyber-Security. Northwestern University Law Review, 107(4), 1503-1568.
Simply Security (2011). Research reveals widespread hacking. Current News. Retrieved from http://www.simplysecurity.com/2011/08/18/research-reveals-widespread-hacking/
Whitman, M. E. & Mattord, H. J. (2012). Principles of Information Security. Cengage Learning.