Your assignment is to write a paper in which you discuss recent security issues faced by organizations. In your paper you should address specific threats and countermeasures which have been proposed b

********** Issues Final ******************************************************** Issues ***** ****************************** *** faced **** multiple ******* to ***** system ** *** ***** time *** ***** has ************ to ********* *********** ** information ********** to ******* productivity Companies **** fail ** integrate ********** *** less likely ** attain *** efficiency ******** to be *********** ** the global economy **** ************* also use ************* *********** to reduce ***** *** ****** ******** ********** in the ***** ** ******* disasters ** ** voluntary integration or ****** integration; **** organizations *** ******* ******* ** information ********** *** their *********** *** ********* ***** *** ******** ** ************* reliance *** also ********* ***** that ****** ** ** ************ Growing economic ********** **** incentivized ******* ** ******** ***** attacks ** *** organization ************* ******* **** ****** playful with ** major ********* ** **** the ************ In ************ ******* ******* **** ** ******** ****** to ***** into an **************** system ********** ******* **** *** ******** ***** have ***** **** many organizations *** ** risk of cyberattack *** ******** ***** *** * ****** phenomenon **** impacted **** ************* including ********* *** ******* ******** payment *** *** ******* of ************ ******* The ****** ******** **** *** ****** of ********** was ******** and **** ************* that were ******* ** be ******** targets **** also exposed ** **** ****** that state ****** like ***** ***** *** ** ********* in ********* private infrastructure *** ********* *** ******** gains *** presence of ***** ****** *** ******** ******** ** *** ********** scene requires **** organizations explore *** possible ******* ** ***** ******* **** of the **** critical ******** ******* ** *** ******* cybersecurity environment ******* ****** ** ******* attacks SQL ********** ***************** attack ******** *** ******* ******* ************* **** to ********** the ******* *** ********* viable ******** to protect ***** systems *** patch *** *************** ** ***** possible ********************** ** a ****** intrusion ******** **** hackers *** ** **** ****** ** *** organization’s ******* *** ******** normally ******* ***** to *** system through *** **************** ********* ******* **** ****** emails ***** ** ***** the ********** ** **** employees ******** **** **** a ********** ****** ** encourage *** ****** to ***** ** *** ******* **** or attachment ********* ***** & ******* ***** Attackers **** ** ****** to *** ************ ******* to **** them ******* ******* ** ***** ******* programs ** ********* ***** ******* ** ***** ********* ** someone **** *** *** works ** ********** *** ****** to **** a particular ***** of ****** *** instance it ** ********* ** ignore an ***** **** the **** Hackers *** ****** a **** ***** ******* that ********* the ****** ***** credential ** send ******** ****** ** ************ ********* Phishing ******* **** ** ** ********* ** **** since **** **** ** human curiosity and ******** *** ******** ******* ****** ********* in a ********** ********* **** tend ** *** **** element ** ******* on the attachment ** email ** ******* *** victim **** ****** ******** **** to ******* *** ******** In *** ******* email ******* ** is *** **** ** **** the boss waiting **** **** ******* ******** *** ************** *********** *** employee will *********** send ***** *********** to an ********** **** ** ****** ** ****** it and endanger *** ************ Others ******* clicking ** ***** **** ******* ******* ***** ***** ***** ******* logins ***** *** ******* ******* *** compromise *** organizationEmail ******** ***** *** quite ****** *** **** organizations ******* **** *** ****** *** ********* ** detect ******* **** ***** **** ** design *** ***** ******** *** all *** ***** elements ** make *** email appear ***** ******* ****** **** ** ******** is ***** ******** ***** ******* * ******** ****** ** ************ ***** phishing ***** ** have * ****** target in **** ***** *** ** sent ** ****** Spear ******** is distinct in *** goal ****** ** ***** ********* *********** ******** & ** ***** ** **** *********** ******** ********* *** *** ************ ********* its ********** ********* The attacker **** send a ********** ***** to * specific employee and ******* **** ** *** ** ** * **** in *** ******** **** ***** *** usually * ***** **** ****** the ****** ** ***** sensitive **** **** *** ************ Depending ** *** **** of the ****** ***** phishing *** **** ** the ****** ******* ********** ****** ** *** **************** ******* ***** phishing involves more of insider dealing ** fraudulent ******* A ****** *** to ****** ********** ********* ****** *** clone **** **** ** additional ********* code **** *** **** *** * ********* ********** ** **** ** *** **** ***** hence ****** ** **** convincing ******* **** ** ** phishing is ***** ** ******* ** ******** ** *** target ** aims ** steal *** *********** of top ********** ** *** ******************** ******* **** a specific ************** that ****** should ***** One of *** tell-tale ***** is **** *** ***** ****** *** good ** ** **** *** ******* *** ** ****** to greed through ********** ****** that are difficult ** ****** *** email ******* ***** **** ** ******* ****** **** ** *** email seems ***** *** email ******* ** not ****** ********* ** *** ******** ****** **** emails **** **** ** ********** ******* ******* such ** ******* or ******* The ******** ***** ** document *** **** grammatical and ******** ****** That ******* ******** *** country ** ****** ***** phishing is an ************* ****** **** scammers ****** from ******* ******* that ******* ** *** ***** primary ******** ****** look out *** ******* ** *** ***** ** ******** **** conveys ******* *** ******* ****** *** ***** *** * way ** ****** the victim ****** ******* security ****** ** ************ ************ ** ** **** ******* ** **** *** for ******* ******** ***** *** ******* ***** ** ****** ******** *********** **** the victim Phishing **** ******* *** frequent *** of ***** **** *** unexpected ** the ********** ** ** ********* ** check **** *** links **** *** provided ***** *** URL that ** ** *** ***** content ** ** also prudent ** ***** unexpected *********** in *** ***** ******* ******** suspicious ** the ****** ****** ** verified ****** ****** *********** ******************** ********* ******** ***** ***** *** risks ** ******** ** an ************ *** ********* that understand phishing ********** **** ** ******** *** ** **** *** *** ***** ** ** **** ********* *** *** ********* ** ****** *** ******** ******** *** ********* *** ************ ** ** also prudent ** *** phishing *********** to ********* preparedness ** ** **** ******* ** ********* access ********** protocols *** ******** ** ensure **** ******** **** *** ****** the whole ************ The use ** ***** encryption and ************** ******* ***** ******** instances ************* should ******* ********** ************** to ***** ***** ********************* ****** focus on ***** the ********** ************** ****** ***** **** ***** an additional layer ** security ** adds ** ***** **** ** verification when ******* ** to sensitive ************ in the ********** Two-factor verification **** require the standard ******** *** password **** *** employee ** ***** **** **** them ** *** something **** have for ************ ** **** ***** ** is ***** ********* **** ******** a ****** **** once **** ******* ** ***** using ***** *********** ********** ***** That ** useful ***** *** ****** *** ***** ***** ***** *********** but will *** **** ***** ********* ***** ******** *** ************ **** Another ******** ** to ******* ******** ********** ******** *** ********* ****** ** required ** ****** ***** ********* frequently ** **** those **** manage ** steal ***** *********** **** not have ********** ****** ** *** ****** ******* management policy ** ** **** *** ********* *** ********* ****** to ******* ************ ** *** organization **** prevents ******* **** ********* many ****** ** *** ************ **** *** ****** ************************************ ******************* ****** ** session ********* ******* ****** ***** when a ****** ** ********* ** *** ******** ******** * presence on the internet ******** back *** forth ************ around *** world *** transactions ****** other ******** and ******** of **** ******** ** ********* *** ****************** ** the ******** ******* provides ** ****** *** ************ known ** ******* hijacking ** ***************** ******* *** ******** on other *** ******* should ******* ** ******** **** ******* to specific ******* should **** *** ******** ********* For the *********** **** is ***** ******** *** process ****** with simple browsing ** even **** you **** **** ******* *************** ** *** **** ** ********* and ********* A unique session ** ** **** ** link *** computer **** * ****** *** ****** The unique server ** ****** remain ******* between *** *** ******* **** *** ********** *********** (Kathrine ** al ***** ** ******** can ******* ****** *** session ******* successful attempts ** capture *** ******* ** ******** **** ******* ** their attempts ** posing ** *** ******** ****** *** ******** ***** ** turn allows **** ** log in ** the ******* It ** ****** *** *** **** ** ** unaware ** *** ************ ****** ****** *** ******* *** ******** *** use several ********** ** steal *** session ** *** *** of *** ****** **** ***** ********** scripting *********** ********** ********** ******* ********* ** **** ******* *** ***** ** session ******** in ***** the ****** *********** * unique ******* ID ** ** the ****** **** knows the ******* ** **** **** can ****** *** hacker ***** *** **** *** ** ******* ***** *** convinces them to use *** **** ** ** **** **** ******** but *** aim ** to hijack the ******** ******* *** user **** ********* their session ** they ***** on *** **** **** *** the ********** unique ******* ** The second form of **** ** the ******* **** ******* ** ***** *** hacker uses ******** ** **** ***** ***** *** attackers ****** *** *** of ****** ******** to **** *** traffic network ******* *** **** *** ******* *** steal ***** ******* ***** **** to use *** ********** ** ******* *** ***** *********** *** ***** ***** ******* ** *** other **** ***** the *** encryption ** waiting *** the **** ** ***** before ********** ** ****** the ******* The SSL ********** **** *** protect ***** ***** after *** ***** ******* That allows *** ****** ** ****** *** *********** **** *** ********* between the ****** *** *** ****** Since *** **** ***** exchanged includes ******* the ****** can ****** impersonate *** ****** ******* using *** passwords ****** sniffing ** particularly frequent ** unsecured ***** ********* ** the ****** *** **** the *********** ******* *** traffic nodes *** *** ****** point *** ***** **** ** ****** ** cross-site ********* which masks trustworthy ***** ** their ******** ********* use ***** **** ****** ******** to ****** *** servers ** ***** **** to **** *** ******* ** ***** **** ** ******* ***** malicious operations Attackers *** also use ******* and ***** ******** that they ******* **** *** client’s ********* ******* ***** knowledge ********* *** **** *** their ****** to the system to ***** ******* ******************** ** *** approach ****** themselves ** the server communication ** steal ******** **** *** ******* *** occur ** unsecured public ****** ***** *** ********* ***** ********** ******* *** servers and the unsuspecting ***** ******* ******** ** ** ******* ******* ** steal *** **** **** they ****** the ******* ** ******* *** the ******* ** ******** *********** **** ******* try *** ****** their **** ******** ** ***** ********* institutions It ** possible ** stop *** ***************** attacks ******* SSL/TLS ********** ********* ***** *** *** ******* **** ********* ** is *** responsibility ** *** ************ to install *** *********** *** ******* its customers **** **** attacks ***** ******** **** **** *** *** ******* a *********** *** large websites like Chrome *** ****** *** certificates **** to ** present for *** website ** ***** *********** ** **************** ******* as ****** Secure” **** classifications will make *** ************ lose ******** and ******** ******* ******* ******** ** ** ********* ******* and ********* ** avoid using ******** ****** Wi-Fi ******** ** ** ********* ** avoid **** ******** due ** ***** ************* to ******* (Khader ***** *** ***** ***** **** ****** avoid ***** ****** ******** ****** *** *** *** ******* ******* ******** (VPNs) on ******** ******** ****** ******** ** prudent ** **** and ******* ******** ******** **** connections **** *** ***** For ******** ***** ***** online banking **** ****** ******** *** ******* hold **** in * ****** private ******* ** home *** **** ******** should **** ****** encryptions ***** **** ********** ********** *** *********** to ***** ***** ******* *** **** ******** should **** **** ****** ******** *********** The router ****** ****** ** strong ** ******* ******* from hijacking *** *** ******* ***** ***** malicious ******* Public key ********** ************** **** ** *** *** ****** ** **** ** *** ******* ************** levels **** undermine **** ************* ** ******* ************ ***************** ****** ** DoS ******** ******** * server **** *** **** ******* than it is ********* designed ** ****** *** **** is ** ***** the ******* and prevent *** ******** from accessing *** server ** ******* ***** DoS ******* could **** **** **** *** servers ******** ** ******** to ********* ********* ******** ********* ** al ***** Website ********* *** ***** ******* *** use ** ******* ** ** ******** **** *** **** ****** **** *** drive ******* to the ******* until ** ******* **** ** ************ ******** ** *** era ****** ***** where **** ******* fast *** any trending ***** can ******** ******* traffic to *** ******** **************** website *** ************ *** to ** ******** ***** ** is ****** for **** ******* ** be ********* ********* flood *** ******* or ****** ** **** other users out *** some ********** ********* *** **** ***** ** *** attacks *** *** ******** *** crashing ******* ******** ******* *** *** **** ****** form of *** attack ***** ******** ************ a system with ******** **** *** server ** unable ** handle *** much traffic **** ***** *** ****** ** **** **** ***** attacks ******* of sending ******* packets of *********** to all ********* ** *** ******** ******* It ***** ********* of *** ************* devices in *** ******* ** ****** *** ****** *** ***** ******* exploit *** connection ********* *** are **** ***** as * ********* ********* ******* the **** and *** ****** ****** ***** ******* ***** ** the attack the ****** ******** * handshake ******* **** is *** completed ****** the ****** *********** *** ******** ******* the ******* that ********** the ********** open ***** Crash attacks ** *** ***** **** ******* *** attacker ******* **** to **** ********* the system The bugs exploit *** ***** ** *** ****** ****** forcing ** to crash *** attacks *** to ***** ******* users **** ********* *** ****** ******* common **** of DoS attack is the *********** *** ****** ***** gained ********** ** ****** **** *** attack uses * large number ** compromised ********* ** ********** ******* to ***** a shutdown ** * ****** ****** ** ********** ******* are normally ******* out **** ******** computers at the **** time Hackers **** to ****** multiple computers with ******* *** *** **** ** ******** ******* ** the ****** ******* ** ******* **** ******* *** ********* ** ********* ***** ** ******** ******** IP addresses **** *** ******** from different ***** ** the ***** The ****** ** the attack ** ********* to ********* *** ******* reason for **** ******* ** ** ****** ******* ** ** *********** *** ************ *** *** ***** reason **** DoS ******** *** hardware ***** ****** against *** ******* ** ** possible ** ******* ******** **** offers a ******* **** *** ******* is too **** ** ****** *** **************** ****** ********** Hardware ******* ******* setting ******* ** **** ******** ***** is * possibility of * DoS ****** ******** ************ such ** ************ ******* ************** **** make ** ********* for *** attacker to ***** *** ********** is ******** ** ******** * *** attack ** *** ******* ** ********* **** ** **** * ********** ******* ** unavailable ******* monitoring *** ******** makes ** ******** *** **** identification of a DoS ****** ** ** **** ** ***** *** defense **** *** ******** ****** ** ** ******* ** ******* a router with ******** DoS ********** Organizations ****** also use ******* ******* ******** **** **** ***** security against DoS ******* ** ** **** ******* ** **** **** *********** ******** ** ******** the ***** ** an ****** Protect the ********* victim through ******* *** neutralizing ******** ** ** also ******** ** ******* *** filter for ******** traffic *** ********** process ******* that **** genuine ***** **** ****** ** *** ****** Enforcing ******** packet ******** ****** *** ** *** ********** process ** in-depth ******* ******** ****** ** ****** since the ****** can **** ***** ********** ******* ***** **** appear to ** ***** users *** ** throttle logic ** control ******* ** **** the ****** shuts **** when the **** requests ***** * certain threshold *** ********** **** ********* ** ****** excess traffic ** *** ***** ** ** ********* ********* AttackAn *** ****** ***** pronunciation ** ************ ** * *********** language ***** ** ********** query language that ** **** in ******** communication SQL ** **** ** ******* that ****** ******** **** *** websites *** ******** *** servers *** ******** *** *** *** to ****** *** ********* ** *** injection attack will target *** ******* ** ******** **** **** on *** *** of the ********** query ******** *** attacker will use ********* **** ** attack *** ****** *** **** ** release ******** information that ** **** not ******* ** normal ***** ******** ***** Bethel ***** *** ******* will ****** ***** information ** the ********* ***** ***** ******* the ****** card ******* and ***** ***** *********** **** their ********* Attackers will **** personal *********** **** they *** ****** ** **** in *** black ****** ** *** it *** ********* ***** *** attacker ******* inserts a ********* **** and uses it ** **** unrestricted access on *** website ** ** usually ****** to ****** ********* ***** especially when *** ****** ** ******* has ******* ******** features *** ********* attack **** ***** on *** ***** *************** **** ********* the malicious **** In *** ******** *** ******** *** ** ** *** ******* ****** *** *** **** ** *** ********* *** **** a ****** ******** in ** insecure ******* ***** force *** ****** ** ******* ******** ****** *********** ***** ***** ******* *** ********* and ********* ** the siteThere *** several ***** ** *** ********** **** ****** *** security ** ** ************ *** first is *** ******* *** ********* ***** *** ******** **** *** **** ******* of ************* ** ********* *** attack *** ********** ***** results *** ********** makes ** *** ** *** **** ****** ***** ** *** ******* *** ******** can ******* ******** actions that **** ** error ******** *** ***** ******** can **** the ******** to ****** information ** the ********* ** *** database ********* *** **** *** ***** SQL ********* to generate * ****** **** response **** ******** ****** exploitable *********** ****** ****** ***** ******* ***** *** ****** **** ** the inferential or ***** *** **** sends data ******** ** *** server *** ***** for responses that aid ** ******* *** ********* It ** ***** as ***** SQL since *** ******** ** not **** to *** *** **** ******** **** *** ******* *** attack could ** **** ***** ** ****** ** *** response *** behavioral ******** ** the target server ***** ******* *** ********** ******* the ******** ******* an *** ***** **** ******* *** ****** ** ******* The ******** has ** verify if the ***** ** **** or false * ********** blind *** ******** sends * ***** ** *** ****** **** makes ** wait *** ******* before responding *** ******** can ********* if *** ******* ** **** ** false ******* ******* ** *** ******** *** third **** of attack ** *** ************ *** injection that ** mostly **** as an *********** ** the in-band and *********** tactics It ***** when *** webserver ******* a ******* ******* ** *** ******** ******* ****** ***** an SQL attack can also ****** *** **** ** *** website *** ********** *** **** successful ** ***** *** *************** in *** ******** ** ** possible to ****** *** ***** *** ******* ****** **** *** damage *** company ** ** ******** ** detect *** intrusion ** *** *********** *** *** ******* ********* ** the traffic **** *** ******** of ********* against the ****** ** **** *** ************ ****** ****** *** *** ************* data ** ***** the ********* ** ********* ***** The validation ******** ************ *** ************ user-generated data ************ involves ******** ******** ****** **** ********* the **** That ******* **** ***** *** injection codes *** ******** in the ********* *** will ******* ******** ******* ************ ******** ********* ***** ********** ******* * **** of characters **** *** ********* Only *** ********* characters *** ******* Whitelisting ** ****** **** ************ since ** **** *** ******* the ************ ** ****** ***** ********* code **** ************ ** usually **** ** ******** ******* SQL ********* ******* *** ********* developers **** ******** That implies *** ********** ****** install detection systems **** *** web application ******** ***** **** ***** *** ********* ******* Intrusion ********* ******* *** ** host-based *** ************* ******* ***** ******** ***** The ********* ********* ******* tend ** ******* ******* *** ***** *** ****** if there ** *** ******* issue **** the ****** is detected it ** **** ** ****** ** **** *** server *** ******* ********** ******** should be ** ********* due diligence ** *** ****** ** ****** start ** forming * ****** ****** **** ** ****** *** has ******* issues ********** should **** ******* installing ****** and ****** systems ** ** ********* ** ******* ******* from eliminating **** after ******** data ** ******************** love ***** ******* in ***** ************ Other ***** of ************* ******** **** ** ****** on ******* to ******* ***** attacks Malware ******* ***** ******* ** **** ****** ** *** computer in the ************ to ***** *** their ********* ********** ******* ** * **** **** *********** ******* ******** that ******** ransomware *** ******* *** ******* can ** **** ** ***** havoc **** **** take ******* ** *** ******* ***** hackers can ******* ******* and wait *** * **** **** ****** ********* ***** attacks *** ******* can **** ******* ** the machine ** ****** botnet ******* ** ***** ******* They *** also take ******* ** *** ******** for ***** ******* ***** hacks involve monitoring the ********** *** other ******** on *** ********* ** ***** ************ data from the organization’s ******* *** ********* ** *** ************ is **** *** **** *** ** **** some ****** ** allow the ************ ** *** ******* ** ******** ****** ******* ******* ** *** ****** unless **** **** direct ****** ** *** an employee or ***** ******* ** ******* *** ********** organization *** defend ******* ******* ******* ********* endpoint security **** *** **** ******* ********* or antimalware ******** to ****** ******* ***** ******* ******* ****** ********** ***** ******** ***** ******** ******* to *** ******** ******** ****** **** *** organization ** ********* from new malware ******* ** ** **** ********* ** ***** ****** *** application privileges ** *** ************ That ******* only knowledgeable ***** ****** be ******* ** make installations ** *** **************** ******* **** **** ******* ********* **** little ********* ** *********** technology from mistakenly installing ********* ******* ** *** ****** ** ** **** necessary ** **** ******** ********* programs to ***** employees ** ********** ** ***** installing *** malware ** *** systemConclusion Denial ** ******* attacks *** ********** man-in-the-middle ****** ******** and ******* ******* *** **** ** *** **** ******** ******** threats ** *** contemporary ************ ************* the ***** ****** ************* ** develop * ******* ** ******* ** ******** them *** five attacks **** ** **** ********* ** weaknesses in *** ****** ****** ** ******* ********* Others **** ** take advantage ** *** ***** ******* to ****** the organization’s ******* ******* ******* *** ***** ******* ***** **** *** ** **** ** ******** the ***** **** ***** of attacks ****** ***** ** infect the ****** with ******* ** ***** information ** *** **** ** ********* other forms ** ******** ******* ** *** ****** The ************ ****** ******* ******* **** ******* **** *** ************* ********* of ***** ******* They ****** **** ****** **** ***** ******* have very few ****** **** ******* can ******* *** other ****** form ** ******* ** the ************ ** antivirus ** ***** malware protection ******** It is **** possible to ******* ************ ** *** ****** **** target ******** ***** ** attacks ************* ****** also ****** ***** ******* **** the ****** ********** ************ since ******* **** ******** ******* *** **** ******* **** an ********* ********** ** ****** systems hence the **** for ******** *** care ************* should ******** their ********** ** ******** *** ******* their staff ** the ****** ** avoid ******* ******* to ********* ****************************** V ***** ******** * ****** ********** ********** of *** Injection Database ******** An ************ ******** ** Emerging ******** ** ********* *********** ************* and ************ *** ****** ******** New DelhiHansen * * ****** T * * ********** M ***** Pedersen * * ***** ********* ** ******** *** detection *** ****** ************** ** malware ***** ** ********** ******** ** **** International Conference ** ********* ********** and ************** (ICNC) (pp **** ************* * ****** ********** ********************** **** in SMS phishing attacks ******** ***** & Security ******* 6-8Kathrine * * * ****** P * **** * * ***** ********* * * ***** ****** Variants of phishing ******* *** their ********* ********** In **** 3rd International ********** on ****** ** *********** *** *********** (ICOEI) *** 255-259) IEEEKhader * * & *** * (2015 ****** ********** man-in-the-middle attack ** ************** *** ******** ******** In **** **** ************* ********** ** ****************** (ICT) *** 204-208) ********* * * Sultan * B * ***** ******* A * (2016) Systematic ********** ****** ** *** ********* ****** International Journal ** **** Computing ***** ************* * * ******** N * ******* M * Jonker * **** A ***** ******** A (2019) ** **** *** ******* The *** ** Denial-of-service Attacks during Elections ** ************* ******* ******* of Conflict Resolution ********************* * & ******* R ****** *********** ******** ** the ********** techniques ** ****** ** ******* ******* ** ******** ****** ******* ******** ******** Science 48 ************** * ***** Bethel * * (2016 April) * ****** ******* ******** *** ********** *** injection ******* ** **** *** International ********* on Digital ******** *** ******** ******* *** 169-169) ************** * ******** * ***** ** * * ****** ********* cognition and automaticity ***** of ******** ************** ************* ******** ***** 1146-1166Williams * * Hinds J ***** Joinson * N (2018) Exploring ************** to ******** ** the ********* ************* ******* ** ************** ******* *** **********

Click here to download attached files: Security Issues Draft Paper.docx

Click here to download attached files: Security Final Paper.docx