Dealing with Cyberattacks Assignment

Introduction - Dealing with Cyberattacks

In current times, the growth and development of the internet is generally considered the most significant technological and social change in people’s daily lives. The internet lets people communicate with each other across the world, and it can reduce barriers to trade. At the same time, as dependence on cyberspace has increased, new risks and threats have emerged. These include the threat of damage to key data and to the systems on which people rely for technological opportunities and benefits.

A cyber attack is generally considered an attempt to disable computer systems, steal data, or use a breached computer system to launch additional attacks. Cyber criminals use different methods and techniques to launch cyber attacks, such as phishing, man-in-the-middle attacks, malware and ransomware. The information and data stored in an organization's computer systems can be damaged or compromised in various ways: through accidental or malicious actions, or through the failure of electronic components or software.

Discussion

The computer systems of organizations can be compromised in various ways, and GCHQ is taking the necessary steps to understand the attackers and their malicious actions. The risk to computer assets and information generally comes from a broad spectrum of threats with a broad range of capabilities (Alzahrani et al. 2017). The impact on the business will generally depend on the opportunities presented to the attackers, the attackers’ capabilities for exploiting them, and their motivations for the attack. An attacker’s motivation can vary from demonstrating technical ability, through financial gain, political protest and commercial advantage, to diplomatic and economic benefits for their country. Even when attackers have the capability and motivation to attack, they still need an opportunity to deliver an attack successfully.

In the UK, cyber attacks are a major issue that has various economic effects on organizations and affects the development of the country. That is why the UK government takes these risks seriously: the “2010 National Security Strategy” rated cyber attacks as a “Tier 1 threat”, and despite tough financial circumstances the government has spent over 640 million dollars over the last five years on developing cyber security. Several steps have been taken to reduce cyber attacks for the benefit of organizations.

Two types of capability are discussed in this essay to characterize what attackers employ.

Commodity Capability

This type of capability involves techniques and tools that are openly available on the internet and can be used in a simple way (Hadlington, 2018). It includes tools designed for security specialists that attackers can also use, because they are designed to scan for vulnerabilities in applications and operating systems. An example of a commodity tool is “Poison Ivy”.

Bespoke Capability

This type of capability involves techniques and tools that are designed, developed and used for specific purposes, which is why a high degree of specific knowledge is required. It includes malicious code that takes advantage of software vulnerabilities not yet known to anti-malware organizations, commonly called “zero-day exploits”. It also includes poorly designed applications and undocumented software features.

Un-targeted attacks

In un-targeted attacks, attackers indiscriminately target many services, users or devices. They do not care who the victims are, as there will be a number of services and machines with vulnerabilities. The techniques they use take advantage of the openness of the internet and include:

Phishing, which consists of sending emails to many people asking for personal and sensitive information or encouraging them to visit fake websites.

“Water holing”, in which the attackers set up fake websites to exploit visiting users.

Ransomware, which consists of distributing extortion malware that encrypts disks.

Targeted Attacks 

In targeted attacks, the attackers select a specific organization because they have a specific interest in its business or have been paid to target it. Targeted attacks include:

Spear-phishing, which involves sending emails to targeted people with malicious software attached or with a link from which malicious software can be downloaded.

Deploying a botnet, which is used to deliver a “DDoS (Distributed Denial of Service)” attack.

Subverting the supply chain, which is used to attack software or equipment that is going to be delivered to the company.

Generally, attackers will initially use commodity techniques and tools to probe the organization's systems for an exploitable vulnerability.

Vulnerabilities

Vulnerabilities give attackers opportunities to gain access to cyber systems. They can occur through user error, features or flaws (Alzahrani et al. 2017). Attackers can exploit any one of them, or combine them, to achieve their goal.

A flaw is unintended functionality. It can result either from poor design or from mistakes made during implementation. Most common attacks today exploit these kinds of vulnerabilities. In the previous year, nearly 7500 unique and verified software vulnerabilities were disclosed in the “UK National Vulnerability Database”.

A feature is intended functionality that attackers can misuse to breach a system. Features can improve the user experience and help diagnose problems, but attackers also exploit them to achieve their end goal. JavaScript, which is widely used in dynamic web content, is frequently used by attackers. Examples include diverting the user's browser to a malicious website, silently installing malware, and hiding malicious code so that it passes through basic web filtering.

A carefully designed and implemented computer system can minimize the vulnerabilities that come with internet exposure. Such efforts are not easy. Users are also a major source of vulnerabilities (Hadlington, 2018). They make mistakes, such as choosing an easily guessed password or leaving their phone or laptop unattended. Users are often tricked into giving away their password, installing malware, or revealing information that can be useful to attackers. These details can allow attackers to target and time an attack appropriately.

Espionage campaign against the energy sector of the UK 

“Watering hole” is a technique that attackers used to distribute malware to businesses in the UK energy sector. The attackers added scripts to legitimate websites accessed by energy sector staff. Visitors' browsers were redirected surreptitiously and automatically to download malware from a server owned by an attacker. The malware mainly targeted known, patchable vulnerabilities in older internet browsers, Java and the current Microsoft Windows version (Alzahrani et al. 2017). The malware harvested visitors' credentials and computer system information and sent this information to the controller through the attacker's domains.

Initially, the attackers discovered that a single web design company hosted several websites belonging to energy sector businesses. It cannot be said for sure how the attackers delivered the attack. The web design company's network may have been infiltrated by a hidden user with credentials stolen by spear phishing, and an unpatched vulnerability on the web server may also have been exploited.

The attacker compromised the web server and then added code that loaded the attacker's own website whenever someone visited the legitimate website. In the delivery stage, the attacker's website delivered malicious code to victims' computers. Unpatched browsers were breached through known software flaws in common internet browsers and Java.
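A site owner can check for this kind of injected code by auditing each published page against a baseline. The following Python sketch is an added example, not part of the original essay; the host names, the allowlist and the sample page are constructed, and it assumes the owner keeps a list of approved script hosts and SHA-256 hashes of approved inline scripts.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose URL attribute makes the visitor's browser fetch active content.
ACTIVE_TAGS = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}


def sha256_hex(text):
    return hashlib.sha256(text.strip().encode("utf-8")).hexdigest()


class ActiveContentCollector(HTMLParser):
    """Collects external active-content URLs and the bodies of inline scripts."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.external = []   # (tag, raw URL) pairs in document order
        self.inline = []     # bodies of <script> elements without src
        self._in_inline = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        url = dict(attrs).get(ACTIVE_TAGS.get(tag, ""))
        if url:
            self.external.append((tag, url.strip()))
        elif tag == "script":
            self._in_inline, self._buf = True, []

    def handle_data(self, data):
        if self._in_inline:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_inline:
            self.inline.append("".join(self._buf))
            self._in_inline = False


def audit_page(html, page_url, allowed_hosts, baseline_inline_hashes):
    """Return findings for content that is not in the approved baseline."""
    parser = ActiveContentCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for tag, raw in parser.external:
        absolute = urljoin(page_url, raw)   # resolves relative and //host URLs
        host = (urlsplit(absolute).hostname or "").lower()
        if host not in allowed_hosts:
            findings.append(("unexpected-host", tag, absolute))
    for body in parser.inline:
        if body.strip() and sha256_hex(body) not in baseline_inline_hashes:
            findings.append(("unknown-inline-script", "script", sha256_hex(body)[:16]))
    return findings


# Constructed sample: a page as it might look after code was added to it.
PAGE_URL = "https://www.energy-supplier.example/news"
ALLOWED = {"www.energy-supplier.example", "static.webdesign.example"}
BASELINE = {sha256_hex("window.siteMenu = {open: false};")}
SAMPLE_HTML = """<html><head>
<script src="/js/site.js"></script>
<script src="//static.webdesign.example/lib/menu.js"></script>
<script>window.siteMenu = {open: false};</script>
<script src="http://cdn-stats.attacker.example/c.js"></script>
<script>/* constructed: not in the baseline */ var t = Date.now();</script>
</head><body>
<iframe src="https://landing.attacker.example/" width="0" height="0"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in audit_page(SAMPLE_HTML, PAGE_URL, ALLOWED, BASELINE):
        print(finding)
```

Run on a schedule against the live site rather than the source repository, since the compromise described here changed what the web server delivered.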

The attacker's website installed a “Remote Access Tool (RAT)” on the visitor's computer, and a common kind of web application script was enabled. The malware then began communicating with domains owned by the attackers, frequently sending “beacons” to show that it was active and to request commands from the attackers. The malware was designed to capture system information, user keystrokes and clipboard contents, enabling the attackers to consolidate their position as they moved towards affecting the target. However, security monitoring of network activity detected the commands and control messages from the malware on the infected computers, so in this case the attack could be disrupted before it affected the targeted business.
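The beaconing described above is what network monitoring can pick up: requests from one client to one host at nearly fixed intervals. The following Python sketch is an added example, not part of the original essay; the proxy log format, host names and thresholds are assumptions, and the log lines are constructed.

```python
import statistics
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed web-proxy log lines: ISO timestamp, client IP, method, URL.
SAMPLE_LOG = """\
2018-03-01T09:00:00 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:00:41 10.0.0.12 GET https://intranet.energy-supplier.example/home
2018-03-01T09:02:10 10.0.0.12 GET https://intranet.energy-supplier.example/mail
2018-03-01T09:05:02 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:09:58 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:15:01 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:17:45 10.0.0.12 GET https://intranet.energy-supplier.example/docs
2018-03-01T09:18:03 10.0.0.12 GET https://intranet.energy-supplier.example/docs/1
2018-03-01T09:20:00 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:24:59 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:30:03 10.0.0.12 GET http://c2.attacker.example/ping
2018-03-01T09:41:30 10.0.0.12 GET https://intranet.energy-supplier.example/mail
2018-03-01T09:42:00 10.0.0.12 GET https://intranet.energy-supplier.example/home
2018-03-01T09:00:00 10.0.0.30 GET https://updates.os-vendor.example/check
2018-03-01T09:10:00 10.0.0.30 GET https://updates.os-vendor.example/check
2018-03-01T09:20:00 10.0.0.30 GET https://updates.os-vendor.example/check
2018-03-01T09:30:00 10.0.0.30 GET https://updates.os-vendor.example/check
2018-03-01T09:40:00 10.0.0.30 GET https://updates.os-vendor.example/check
2018-03-01T09:50:00 10.0.0.30 GET https://updates.os-vendor.example/check
"""


def parse_line(line):
    ts, client, _method, url = line.split()
    host = (urlsplit(url).hostname or "").lower()
    return datetime.fromisoformat(ts), client, host


def find_beacons(log_text, min_requests=6, max_cv=0.1, ignore_hosts=frozenset()):
    """Return (client, host, mean gap in seconds, CV) for near-periodic traffic.

    CV is the coefficient of variation (standard deviation / mean) of the gaps
    between requests: human browsing is bursty (high CV), a timer is not.
    """
    seen = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, client, host = parse_line(line)
        if host not in ignore_hosts:
            seen[(client, host)].append(when)
    hits = []
    for (client, host), times in seen.items():
        if len(times) < min_requests:
            continue  # too few samples to judge periodicity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            hits.append((client, host, round(mean, 1), round(cv, 3)))
    return sorted(hits)


if __name__ == "__main__":
    # Legitimate update checks are periodic too, so known hosts are excluded.
    for hit in find_beacons(SAMPLE_LOG, ignore_hosts={"updates.os-vendor.example"}):
        print(hit)
```

Malware that randomizes its check-in interval raises the CV, so the threshold is a tuning decision rather than a fixed value.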

Figure 1: Watering hole Attack

(Source: Hadlington, 2018)

Capabilities, vulnerabilities and mitigations

The attackers used various commodity techniques and tools to compromise targets in the energy sector. Their main goal was to gain access to the organization's legitimate websites, using automated scanning tools and exploit kits to identify and exploit unpatched vulnerabilities, and using social engineering to take advantage of poor user training and awareness (Mousavinejad et al. 2018). The script hosted on the attacker's website exploited known software vulnerabilities in applications to install the “Remote Access Tool”.

Although security monitoring spotted and rectified the attack, this control cannot be fully effective, as it depends heavily on skills and technology. If the proper essential controls are in place, the attack can be prevented successfully.

The major essential mitigations for this attack are:

Network perimeter defenses, which include deploying a web proxy, web filtering, content checking and firewall policies that can prevent executable downloads and access to malicious internet domains.

Malware protection defenses, which can detect the commodity attack code used to exploit the victim's browser.

Patching known software flaws, which can protect the system from the script and prevent the malware from gaining access.

Whitelisting and execution control, which can prevent unknown software from being installed and run.

“User access control”, which can restrict the capabilities of the malware.

Security monitoring, which can identify any suspicious activity.

Precautions for reducing the Cyber Attacks 

Detecting, disrupting and preventing an attack at an early stage can reduce the business impact and the reputational damage. Once attackers have consolidated their presence, it can be difficult to find and remove them.

Breaking the pattern of the attack

Even the most motivated attackers, who are capable of carrying out multi-stage attacks, frequently use commodity techniques and tools because these are cheaper and easier to use (Hadlington, 2018). So if security processes and controls are put in place, it becomes tougher for them to target the business. In addition, a defense-in-depth approach to mitigating risks across the entire range of potential attacks can give the business more protection from attacks that use more bespoke techniques and tools.

Reducing exposure using important security control

There are various effective, affordable and essential ways to reduce an organization's exposure to the more common kinds of cyber attack on computer systems that are exposed to the internet. The processes listed below are covered by “Cyber Essentials”.

Boundary firewalls and internet gateways establish network perimeter defenses. In particular, web proxies, web filtering and firewall policies can detect and block access to known malicious domains and prevent users' computers from communicating directly with the internet.

Malware protection establishes and maintains malware defenses to detect and respond to known attack code.

Patch management patches known vulnerabilities with current software versions, to prevent attacks that exploit software bugs.

Whitelisting and execution control prevents software from being installed or run automatically, including AutoRun on CD and USB drives.

Secure configuration restricts the functionality of each operating system, application and device to the minimum required by the business.

A proper password policy should be in place and maintained.

User access control consists of limiting the execution permissions of normal users and enforcing the principle of least privilege.

Security monitoring can identify any suspicious or unexpected activity (Mousavinejad et al. 2018).

In addition, with proper awareness, training and education, staff can understand their role and responsibility in keeping their organization safe from attacks, and can report any unusual or unexpected activity.

Mitigation of the stages of attack

In mitigating the survey stage, user training, awareness and education are essential. Users should know how their actions can reveal potential vulnerabilities. They must also be aware of the risks of discussing work-related topics on social media, and of how phishing attacks can target them. They also have to understand the risks to the business of releasing sensitive personal data and information to email recipients, in general conversations and in unsolicited telephone calls (Casa et al. 2018). In addition, secure configuration can minimize the information that internet-facing devices disclose about their configuration and software versions.

In mitigating the delivery stage, the delivery options available to the attacker can be effectively reduced by applying and maintaining some security controls, which are more effective when applied in combination.

Up-to-date malware protection can block malicious emails and prevent malware from being downloaded from websites. Firewalls and proxy servers can block unnecessary and insecure services and can maintain a list of known bad websites. Subscribing to a website reputation service to generate a blacklist of websites can offer extra protection.

A technically enforced password policy can prevent users from selecting easily guessed passwords, and locks accounts after a specified number of wrong attempts.

Secure configuration can limit system functionality to the minimum required for business operation, and it can be applied systematically to the devices used to conduct business.

Mitigation process of the breach stage

The ability to successfully exploit known vulnerabilities can be mitigated effectively with a few controls.

All commodity malware relies predominantly on known, patchable software flaws. Effective patch management ensures that patches are applied at the earliest opportunity, limiting the time during which the organization is exposed to known software vulnerabilities.

Malware protection at the internet gateway can detect known malicious code in an imported item, such as an email. Devices at the internet gateway should be used to prevent unauthorized access to critical services and to inherently insecure services that the company may still require internally. The gateway can also detect any unauthorized inbound or outbound connections.

Well-implemented and properly maintained user access controls restrict the applications, privileges and data that users can access (Mousavinejad et al. 2018). Secure configuration can remove unnecessary software and default user accounts. It can also ensure that default passwords have been changed and that automatic features that could activate malware are turned off.

User training, awareness and education are extremely valuable for reducing the likelihood of “social engineering” being successful.

Finally, the capability to monitor all network activity, and to analyze it for unexpected and malicious activity, is critical to detecting a breach.

Mitigation process of the affect stage

If all the measures for the survey, delivery and breach stages are in place and implemented consistently, attacks that depend on commodity capability can be unsuccessful and fail to reach the target (Casa et al. 2018). However, if the user's adversary is capable of using bespoke capabilities, the user should assume that the adversary will evade these measures and get inside the system. In particular, the user should know which security monitoring processes are capable of detecting unusual and suspicious activity.

Once a motivated and technically skilled attacker has gained full access to the user’s system, it can be difficult to detect their actions and to eradicate their presence. Here, a full defense-in-depth approach is essential.

As the major way of dealing with these key threats, most business organizations in the UK have followed the “ten steps to cyber security” to reduce cyber attacks and protect their systems.

Ten steps to Cyber Security

  1. Risk management regime: the risks to the organization's information and systems are assessed by embedding a proper risk management regime. It can be controlled and supported by senior managers and the board.
  2. Secure configuration: a strategy should be developed for removing or disabling unnecessary system functionality and for fixing known vulnerabilities by patching.
  3. Network security: proper network security reduces the chances of systems and technologies being attacked, by creating and implementing simple policies and appropriate technical and architectural responses.
  4. Managing user privileges: risk increases if users are given unnecessary data access rights and system privileges. All users should be provided with reasonable rights and system privileges.
  5. User awareness and education: staff should be educated about the organization's security and about cyber risks, which helps them to work properly.
  6. Creating effective incident management policies and processes helps to improve resilience and the confidence of stakeholders and customers, and can reduce the impact.
  7. Malicious software and code are very harmful to systems and are among the main tools used by attackers (Casa et al. 2018). These risks can be reduced by developing and properly implementing anti-malware policies.
  8. System monitoring is mainly used to detect actual attacks on systems and business services. Appropriate monitoring is important for responding effectively to attacks.
  9. A policy should be produced to control all access to removable media. All media should be scanned for malware before being used in the system.
  10. Mobile working and remote system access have major benefits that can be used for avoiding cyber attacks.

Conclusion

This study has discussed and evaluated the key threats to cyber systems. Today, cyber attacks are a major cause of negative effects on business systems. Cyber criminals use different methods and techniques to launch cyber attacks, such as phishing, man-in-the-middle attacks, malware and ransomware. Various steps for detecting and preventing these attacks have been discussed here. These mitigation strategies are essential for solving this issue.

References

Journals

Mousavinejad, E., Yang, F., Han, Q.L. and Vlacic, L., 2018. A novel cyber attack detection method in networked control systems. IEEE Transactions on Cybernetics, 48(11), pp.3254-3264.

Huang, K., Siegel, M. and Madnick, S., 2018. Systematically understanding the cyber attack business: A survey. ACM Computing Surveys (CSUR), 51(4), pp.1-36.

Rana, M.M., Li, L. and Su, S.W., 2017. Cyber attack protection and control of microgrids. IEEE/CAA Journal of Automatica Sinica, 5(2), pp.602-609.

Bendiek, A., Bossong, R. and Schulze, M., 2017. The EU's revised cybersecurity strategy: half-hearted progress on far-reaching challenges.

Hadlington, L.J., 2018. Employees attitudes towards cyber security and risky online behaviours: an empirical assessment in the United Kingdom.

Tvaronavičienė, M., Plėta, T., Casa, S. and Latvys, J., 2020. Cyber security management of critical energy infrastructure in national cybersecurity strategies: Cases of USA, UK, France, Estonia and Lithuania. Insights into Regional Development, 2(4), pp.802-813.

Koujalagi, A., Patil, S. and Akkimaradi, P., 2018. The wannacry ransomeware, a mega cyber attack and their consequences on the modern india. BEST: International Journal of Management Information Technology and Engineering (BEST: IJMITE) 6.4 (2018)14.

Kim, K., Alfouzan, F.A. and Kim, H., 2021. Cyber-Attack Scoring Model Based on the Offensive Cybersecurity Framework. Applied Sciences, 11(16), p.7738.

Lakshminarayana, S., Teng, T.Z., Yau, D.K. and Tan, R., 2017, May. Optimal attack against cyber-physical control systems with reactive attack mitigation. In Proceedings of the Eighth International Conference on Future Energy Systems (pp. 179-190).

Hakak, S., Khan, W.Z., Imran, M., Choo, K.K.R. and Shoaib, M., 2020. Have you been a victim of COVID-19-related cyber incidents? Survey, taxonomy, and mitigation strategies. IEEE Access, 8, pp.124134-124144.

Johns, E., 2020. Cyber security breaches survey 2020. London: Department for Digital, Culture, Media & Sport.

Finnerty, K., Motha, H., Shah, J., White, Y., Button, M. and Wang, V., 2018. Cyber security breaches survey 2018: Statistical release.

Tsakalidis, G., Vergidis, K., Madas, M. and Vlachopoulou, M., 2018. Cybersecurity threats: a proposed system for assessing threat severity. In Proceedings of the fourth international conference on decision support system technology–ICDSST 2018.

Chapman, J., 2019. How Safe is Your Data?: Cyber-security in Higher Education. Higher Education Policy Institute.

Kalakuntla, R., Vanamala, A.B. and Kolipyaka, R.R., 2019. Cyber Security. HOLISTICA–Journal of Business and Public Administration, 10(2), pp.115-128.

Nikolov, L. and Slavyanov, V., 2018. Network infrastructure for cybersecurity analysis. In International scientific conference.

Radziwill, N.M. and Benton, M.C., 2017. Cybersecurity cost of quality: Managing the costs of cybersecurity risk management. arXiv preprint arXiv:1707.02653.

Alzahrani, M.G. and O'Toole, J.M., 2017. The Impact of Internet Experience and Attitude on Student Preference for Blended Learning. Journal of Curriculum and Teaching, 6(1), pp.65-78.

Siraj, A., 2018. Impact of Internet Use on Social Capital: Testing Putnam’s Theory of Time Displacement in Urban Pakistan. The Journal of Social Media in Society, 7(1), pp.456-468.

Obaidullah, M. and Rahman, M.A., 2018. The impact of internet and social media on the habit of reading books: A case study in the southern region of Bangladesh. Studies in English Language and Education, 5(1), pp.25-39.

Akram, W. and Kumar, R., 2017. A study on positive and negative effects of social media on society. International Journal of Computer Sciences and Engineering, 5(10), pp.351-354.

Kurniasih, N., Rhefhansha, R.F., Wajdi, M.B.N., Haluti, A., Sari, D.A.P., Manurung, R.T. and Mudjanarko, S.W., 2018, November. Internet and learning resources: a case study of the Library and Information Science Students at Universitas Padjadjaran. In Journal of Physics: Conference Series (Vol. 1114, No. 1, p. 012086). IOP Publishing.

Castells, M., 2014. The impact of the internet on society: a global perspective. Change, 19, pp.127-148.
