A Software Engineer designs, develops, tests, and evaluates the software and the systems that allow computers to execute their applications. Take on the role of Software Engineer for the organizatio
Michelle Smith Security, Threats, and Vulnerability assessment University of Phoenix
Table of Contents
Introduction
Assessment scope
System model
Existing countermeasures
Threat agents and possible attacks
Exploitable vulnerabilities
References
Introduction
This is a security threats, attacks, and vulnerability assessment paper for an organization known as Brainhub. Brainhub is a software development organization located in Poland, Europe. The organization works with only one programming language, JavaScript. Brainhub has its headquarters in Gliwice, Poland. It also has two other offices in Poland, one in Bielsko-Biala and another in Krakow.
According to Ahmed (2014), JavaScript is a “computer language which is used in most of the web browsers like Chrome, Firefox, Netscape, Safari and it is mainly used for establishing interactions via interfaces”.
Assessment scope
Our assessment scope will include virtualization, cloud, database, network, mobile devices and software.
Virtualization
This will involve virtual storage devices, desktop virtualization etc.
Cloud
This will include cloud computing services that are offered to users such as cloud databases
Network devices
This will include network cables, patch panels, cabinets, routers, switches, gateways, modems, wireless access points, firewalls and proxy servers
Servers
This will include mail servers, web servers, application servers, telnet servers and database servers
Mobile devices will include mobile phones and tablets that are used for organizational purposes
Information system
This will include the operating system, utility software such as antivirus, commercial applications such as photo editing software (e.g. Photoshop), and database management systems, among other software.
System model
From the diagram we can see that we have a network architecture that interlinks the three Brainhub offices and has routers, switches, computers, mobile devices, and various servers such as a database server, web server, email server etc.
Router – router is a networking device that forwards packets between networks
Switch – switch is a network device that connects devices together in a network
Firewall – firewall is software or hardware put on the network and it prevents forbidden communication
Server – server is a computer or computer program that manages access to a centralized resource in a network
Mobile devices – these are mobile devices that are used for organizational purposes and they can access the network. They include tablets, and smart phones
Existing countermeasures
Let us first define countermeasures, vulnerabilities and threats.
According to Pfleeger C et al (2015), a countermeasure is seen as a control.
According to Pfleeger C et al (2015), a vulnerability is a “weakness in the system that can be exploited to cause loss or harm”.
According to Pfleeger C et al (2015), a threat to a computing system is a “set of circumstances that has the potential to cause loss or harm”.
The countermeasure in place is that Brainhub has security policies and they are adhered to. Examples include:
Password policies
Passwords need to be changed every fortnight
Passwords should not be less than 10 characters and should contain letters, numbers and special characters such as @
Users should not leave their passwords in plain sight
The system should log out a user who has tried to input password thrice without succeeding
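The password rules above can be enforced in code. The following is an added example, not part of the original paper or Brainhub's own code; the function and class names are hypothetical, and it assumes an account stays locked after the third failed try until it is reset, since the policy gives no lock duration.

```javascript
// Added example: the password rules above as code. All names are hypothetical.
const MIN_LENGTH = 10;                        // not less than 10 characters
const MAX_AGE_MS = 14 * 24 * 60 * 60 * 1000;  // changed every fortnight
const MAX_FAILED_ATTEMPTS = 3;                // three failed tries

// Returns the list of rule violations; an empty list means the password complies.
function checkPassword(password) {
  const problems = [];
  if ([...password].length < MIN_LENGTH) problems.push("too short");
  if (!/\p{L}/u.test(password)) problems.push("no letter");
  if (!/\p{N}/u.test(password)) problems.push("no number");
  if (!/[^\p{L}\p{N}\s]/u.test(password)) problems.push("no special character");
  return problems;
}

// True once the password is older than the rotation period.
function isExpired(lastChangedMs, nowMs) {
  return nowMs - lastChangedMs > MAX_AGE_MS;
}

// Counts consecutive failed logins per user and locks the account at three.
// Assumption: the lock stays until reset() is called; the policy gives no duration.
class LoginGuard {
  constructor() {
    this.failures = new Map();
  }

  // verify(user, password) is supplied by the caller and returns true or false.
  attempt(user, password, verify) {
    const count = this.failures.get(user) || 0;
    if (count >= MAX_FAILED_ATTEMPTS) return "locked";
    if (verify(user, password)) {
      this.failures.delete(user);
      return "ok";
    }
    this.failures.set(user, count + 1);
    return count + 1 >= MAX_FAILED_ATTEMPTS ? "locked" : "denied";
  }

  reset(user) {
    this.failures.delete(user);
  }
}

// Constructed sample values
console.log(checkPassword("Br@inhub2024x"));
console.log(checkPassword("short1"));
```

The `verify` callback is where the stored credential check (for example a salted hash comparison) would go; the guard only counts outcomes.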
Network devices and infrastructure
Network devices such as routers should only be accessed by the network administrator
The network administrator should access the network devices such as switches over a Secure Shell (SSH)
The network devices should have an encrypted password
Antivirus policy
All computers and mobile devices should have an up-to-date antivirus installed
Always scan devices attached to the computer before using them
Scan online attachments before opening them
Don’t download files from unknown sources. For example, don’t download apps on Android devices that do not originate from the Google Play Store
Threat agents and possible attacks
Advanced persistent threat – this is whereby an elite team of hackers targets users so as to steal information over a specific period of time using techniques such as phishing etc.
Malvertising attack – an attacker can put a malicious code in an online advert and when a user clicks on the advert then the code infects the system
Phishing attack – this is whereby an attacker sends emails or sets up a website asking a user to enter personal details such as bank details leading to identity theft.
An employee can decide to steal a laptop from the office, leading to a physical attack
Scan attacks – an attacker can come up with code that looks for open ports on a system and then exploits that vulnerability
An attacker can perform SQL injection – this is whereby an attacker enters SQL commands into an input text box, resulting in manipulation of the data in the database
Malware attacks – an attacker can set up a website that has kits to find vulnerabilities in a system and when a user visits that website, malware is forced into their system.
Worm attacks – an attacker can attach a worm to an email and when an unsuspecting user opens that attachment, the worm starts infecting his/her system as it propagates through the network.
Denial of service attack – this is whereby an attacker overwhelms the server with traffic, leading the server to crash
Brute force attack – an attacker with time on his hands can keep on guessing the network passwords through trial and error and eventually gain access to the system.
Software such as an antivirus can lack the latest security patches leading to attacks on a system
Cross-site scripting – a user can attack a website server by inputting data into a text box on the website.
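The SQL injection and cross-site scripting items above both start from data typed into a text box. The following added example, which is not part of the original paper, puts the pattern to avoid beside a hardened form in JavaScript; the function names, the `users` table and the `{ text, values }` query shape are assumptions for illustration, and no database library is called.

```javascript
// Added example: text-box input handled as data. All names are hypothetical.

// Pattern to avoid: the input is concatenated into the SQL text, so a quote
// character in the input changes the structure of the statement.
function findUserUnsafe(name) {
  return { text: "SELECT id FROM users WHERE name = '" + name + "'", values: [] };
}

// Hardened form: the SQL text is fixed and carries a placeholder; the input
// travels separately as a bound value and is never parsed as SQL.
function findUserSafe(name) {
  return { text: "SELECT id FROM users WHERE name = $1", values: [name] };
}

// Output encoding for HTML text content and quoted attribute values.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Builds markup for a user comment; every user-supplied part is encoded first,
// so markup typed into the text box is displayed as text, not interpreted.
function renderComment(author, body) {
  return `<p class="comment"><b>${escapeHtml(author)}</b>: ${escapeHtml(body)}</p>`;
}

// Constructed sample inputs: an ordinary surname and a comment containing markup.
const sampleName = "O'Brien";
const sampleComment = "<b>hello</b> & goodbye";

console.log(findUserUnsafe(sampleName).text); // the quote in the name unbalances the statement
console.log(findUserSafe(sampleName));
console.log(renderComment(sampleName, sampleComment));
```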
Exploitable vulnerabilities
The following are the vulnerabilities that can be exploited:
Lack of proper design in programming of software using JavaScript
Lack of well thought out and properly implemented passwords
Lack of an antivirus that is up to date with the latest security patches
Failure to close unused ports
Having unprotected communication lines
Having poorly designed network architecture
Lack of an adequate recruitment process for personnel
References
Ahmed, Z. (2014). Which one is better – JavaScript or jQuery. Retrieved from https://www.ijcsmc.com/docs/papers/June2014/V3I6201456.pdf
Pfleeger, C., Pfleeger, S., & Margulies, J. (2015). Security in computing. Retrieved from https://ahsanghazi.files.wordpress.com/2017/03/263973122-security-in-computing-5-e-charles-p-pfleeger-pdf1.pdf