Sample Work
Final Document
1. Quantitative Data
Spoofing - It is the act of disguising oneself as a trusted or authorized source in order to steal sensitive information or to deliver malware. Below is a list of common spoofing techniques used by hackers:
1. Domain Name System (DNS) Spoofing - The DNS translates alphabetic domain names into their corresponding Internet Protocol (IP) addresses. DNS spoofing, also known as DNS cache poisoning, is a security attack in which a user is redirected to a malicious website disguised as a real one with the intention of stealing information. The hacker spoofs the DNS server and sends a fake IP address that redirects the user to a fake website. This attack is likely to occur in an organization since most employees rely on the internet for research or study to improve services, communication, or any type of transaction.
2. Address Resolution Protocol (ARP) Spoofing - ARP is a communication protocol that broadcasts a request packet to all the devices connected to a LAN. The device whose own IP address matches the one in the request replies with its Media Access Control (MAC) address so that the sending device can proceed with the communication. ARP is therefore used to locate a specific device and communicate with it over the network. In ARP spoofing, the hacker intercepts the communication by sending fake ARP responses that bind his or her own MAC address to the requested IP address, disguised as the legitimate reply. This is typically done by an insider, since the attacker must first have access to the network.
3. Email Spoofing - It is an attack in which the hacker sends an email with a forged header or sender address that looks like a trusted one in order to deceive the target into sharing sensitive information.
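As an added example that is not part of the original document, the following Python script shows how a defender can spot the ARP behaviour described in item 2 by watching ARP replies on the LAN: an IP address that suddenly switches to a different MAC, or one MAC that answers for several IPs. The reply list and all addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed ARP replies as (time in seconds, sender IP, sender MAC).
# The gateway 192.168.1.1 is first announced by one MAC and later claimed by the
# MAC of host .30, which then also claims host .20: the pattern of ARP spoofing.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),
    (1.5, "192.168.1.20", "aa:aa:aa:aa:aa:20"),
    (2.0, "192.168.1.30", "aa:aa:aa:aa:aa:30"),
    (9.0, "192.168.1.1", "aa:aa:aa:aa:aa:30"),
    (9.5, "192.168.1.20", "aa:aa:aa:aa:aa:30"),
]

def detect_arp_spoofing(replies):
    """Return alerts for suspicious ARP reply patterns.

    Two signals are raised: an IP that switches to a different MAC ("rebind")
    and a single MAC that answers for more than one IP ("multi_ip"). Neither is
    proof on its own (a DHCP reassignment or a replaced NIC also rebinds), so
    alerts keep the old and new MACs for comparison with the DHCP lease table.
    """
    bindings = {}                   # ip -> MAC first seen for that IP
    ips_per_mac = defaultdict(set)  # mac -> all IPs it has claimed
    alerts = []
    for ts, ip, mac in replies:
        known = bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append(("rebind", ts, ip, known, mac))
        if ip not in ips_per_mac[mac]:
            ips_per_mac[mac].add(ip)
            if len(ips_per_mac[mac]) > 1:
                alerts.append(("multi_ip", ts, mac, tuple(sorted(ips_per_mac[mac]))))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP_REPLIES):
        print(alert)
```

On a real network the same logic would be fed from a passive ARP sniffer; the first three replies produce no alert, the last two produce four.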
Spoofing has been a major cybersecurity problem in the business industry. According to a study by the Center for Applied Internet Data Analysis (CAIDA), there were about 30,000 spoofing incidents every day. Over 66,000 downloads of spoofing software tools were also recorded as of 2018. Since email has become an essential part of business processes, it is the channel most used by cybercriminals to attack organizations, and research shows that about 92% of malware is delivered via email.
One example of a spoofing incident is the phishing scam that victimized a Canadian university in 2017. MacEwan University reported a $12 million loss from this cybercrime. The attackers built multiple fake websites of construction companies and sent out fake invoices to the real companies' business partners.
Another is the attack on FACC, which reported a loss of over $61 million. The hacker successfully tricked an employee into transferring funds to a fake account by impersonating the CEO in phishing emails.
Tampering - It refers to the unauthorized manipulation of data. Once the attacker gains access to the system, he or she may modify, edit, or damage important data. This attack can destroy the integrity and reliability of the organization, and it indicates a weak information security system. It is considered one of the most dangerous security threats in cybersecurity. Data tampering can also be carried out by embedding destructive programs in the information system to delete or corrupt data. Hackers are able to trick users into accepting fabricated data, and this becomes easier for them as the tools and programs used for data tampering continue to evolve and improve with advances in technology.
One common type of tampering is ransomware. The attacker locks or encrypts the organization's information system until a ransom is paid. In 2021, about 1,500 businesses were affected by a ransomware attack centered on the U.S. information technology firm Kaseya, a company that offers software tools to IT outsourcing shops. The hacker demanded a $70 million ransom for data restoration.
Ransomware is one of the biggest attacks in the history of cybersecurity. According to a study, about 4,000 ransomware attacks have occurred in the US daily since 2016. It has a huge impact on both businesses and their clients, and an affected organization experiences about 21 days of downtime after the attack (Coveware, 2021).
According to a survey of 1,263 companies, 86% of those that paid a ransom to hackers were targeted by another attack soon after the incident, and 46% of them were able to retrieve their data but found it damaged (Cybereason, 2021).
Repudiation - It is when a user denies having performed a specific action. It is more likely to happen when the organization's controls for tracking and logging users' actions are too weak, which allows data to be falsified and identities to be forged. Non-repudiation, on the other hand, ensures that the validity of actions, transactions, or communications cannot be denied. It provides proof of the origin of data, making it hard to deny where the data came from, as well as proof of its integrity. Proper monitoring and a stable information security system can prevent this type of attack, so considering this risk in an information security plan is a must.
Information disclosure - It refers to information leaks or exposure. Sensitive information that is meant to be secured is released, which may result in identity theft. This incident may originate inside or outside the organization. Insiders can use their privileges to dig into the information system and take actions they are not permitted to take, such as stealing information. Third-party network activities, if not properly monitored, can lead to this attack as well. Since an organization holds sensitive data that can harm its employees, clients, and even the whole business if it falls into the hands of cybercriminals, it is the organization's responsibility to protect its assets against attacks. Information disclosure is becoming more common and is one of the major threats in the business world. According to statistics, about 156 million data records were exposed in 2020. In the same year, a Mashable.com database with 1,852,595 records was leaked by hackers (IdentityForce).
According to IBM, 54% of organizations required remote work due to the pandemic, and video communication applications such as Zoom were widely used. On April 14, 2020, the information of over 500,000 Zoom accounts was found for sale on the dark web (IdentityForce). This proves that even big and stable companies that are expected to have strong information security are still prone to this attack.
Denial-of-Service - A DoS attack, or in its distributed form a Distributed Denial-of-Service (DDoS) attack, aims to bring down a network by sending a flood of useless traffic greater than what the server can handle until it crashes and becomes inaccessible to users. According to research, about 28,700, or nearly 30,000, DoS attacks happen on the internet daily. About 58% of businesses around the world were attacked by DDoS in 2018. A study by NETSCOUT's ATLAS Security Engineering & Response Team (ASERT) shows that about 2.9 million DDoS attacks occurred in the first quarter of this year alone, and this great number of attacks is very alarming.
Elevation of Privilege - It is an information system intrusion in which a user gains access that is not normally allowed and goes beyond what he or she is entitled to. Privilege refers to the access or actions a user is allowed, and escalation of privilege means a user obtains more privileges than intended. It can be classified into two categories - horizontal and vertical.
1. Horizontal - gaining access to the rights of another user with similar privileges.
2. Vertical - when the attacker grants himself or herself higher privileges that he or she is not intended to use.
This attack became the number 1 Microsoft vulnerability category in 2020, making up 44% of the total, nearly three times more than the previous year.
2. Insight
Cyber-attacks are spreading worldwide, and these data show that cybercriminals are becoming more sophisticated in executing their attacks and more innovative in creating complex strategies and techniques through technological advancements. The increasing rate of attacks in statistics and studies shows that every organization can be a victim, whether it is a big or small industry. Therefore, creating strong information security is essential. Some companies do not take it seriously and set cybersecurity aside without knowing that this can lead to huge damage to them and, at worst, can stop their operations permanently. Research indicates that these attacks are common and have destroyed businesses before.
These quantitative data should be considered by cybersecurity personnel in their information assurance plan. One of the keys to an efficient preventive measure against attacks is to stay updated on the trends in cybersecurity. In this way, the organization can create plans and defenses against a specific threat. The reason some companies fail to prevent such attacks is a lack of preparation. Hackers may strike at an unexpected moment, and mostly that is when the organization thinks there is nothing wrong and no suspicious activity inside its network. Some incidents in the past caused huge losses to the victim because the attack was not detected immediately.
The security strategies of the organization should be updated in line with new trends in cyber-attacks. All network activities must be properly observed to ensure that there is no suspicious activity, the information system must be protected at all times against all kinds of threats, and all programs and software tools should be kept up to date, as should the reliability of hardware components such as servers, computers, and storage devices.
3. Trend in Resources
Companies around the world are involved in gathering this kind of data, and many organizations use different devices in their business operations to secure their information systems. One of the most common examples is biometric technology.
The Internet of Things (IoT) is a new technology that connects objects or devices to collect and exchange data in real time over the internet using embedded sensors. This trend is growing rapidly and becoming more popular. As security threats on the internet increase as well, IoT security is being strengthened to provide a stronger defense against attacks. By gathering these data, we are able to analyze threats and risks in order to build robust security and protection.
4. Evaluation
Here are effective ways to protect information systems against these attacks:
Spoofing
1. Do not click on or open suspicious attachments. Malware is often sent through emails as unknown attachments or links.
2. Pay attention to the website address. Always check for the letter “s” in “https”. This “s” means “secure” and indicates that the connection to the website is protected against cybercriminals. Consider as well the lock symbol on the left side of the URL, since it indicates that the website is secured.
3. To keep most spoofed emails out of your inbox, make sure your spam filters are enabled.
4. Install cybersecurity software. These programs defend data from scammers and attackers.
5. Don’t reply to emails from unknown or unreliable senders. This prevents any transaction with a potential attacker.
Tampering
1. Use File Integrity Monitoring (FIM). It checks whether any changes to the data have been made.
2. Use Copy-on-write (COW). It is a data monitoring technique in which delta snapshots are taken whenever there are changes or modifications in the database.
3. Enforce data encryption and implement multi-factor authentication to prevent unauthorized access to the system.
Repudiation
1. Non-repudiation controls should be used to prevent repudiation. Regularly monitoring user activities and user logins, implementing digital signatures, and keeping records of transactions are ways to prevent repudiation attacks.
Information disclosure
1. Manage and control data access. Information disclosure occurs when an unauthorized party gains access to the database.
2. Having a backup of important information is essential for businesses. However, backups can be vulnerable to attacks as well. Just as we protect and encrypt the original files, backup servers must also be secured.
3. When data is no longer needed in your organization, it should be disposed of securely or erased appropriately to make sure it cannot be retrieved or altered.
4. Minimizing user privileges limits access to sensitive data as well and reduces the risk of information disclosure.
DoS
1. Always monitor network traffic. This can be done using an intrusion detection system or anti-DDoS services that help you identify DoS/DDoS attacks.
2. Firewalls and routers should be kept up to date so that illegitimate traffic is discarded.
3. Implement network vulnerability assessment. This technique aims to spot weaknesses in your network before they can be used in attacks.
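The traffic monitoring in item 1, shown as an added Python example that is not part of the original document: it parses web-server access-log lines in the common log format and flags any source address that exceeds a request threshold within a sliding time window, which is the basic signal an intrusion detection system uses to spot a flood. The log lines, addresses, window and threshold are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Common log format: client IP, identity, user, [timestamp], "request", status, size.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})')

def parse_line(line):
    """Return (ip, timestamp) for a well-formed line, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts

def find_floods(lines, window_s=10, threshold=50):
    """Return {ip: time first flagged} for sources sending more than
    `threshold` requests inside any `window_s`-second sliding window."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:        # malformed lines are skipped, not fatal
            continue
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()
        if len(q) > threshold and ip not in flagged:
            flagged[ip] = ts
    return flagged

def build_sample_log():
    """Constructed log: one request each from 29 hosts, one junk line, then a
    burst of 120 requests from a single host spread over five seconds."""
    base = '{ip} - - [10/Oct/2021:13:55:{sec:02d} +0000] "GET / HTTP/1.1" 200 512'
    lines = [base.format(ip=f"198.51.100.{i}", sec=i) for i in range(1, 30)]
    lines.append("not a log line")
    lines += [base.format(ip="203.0.113.5", sec=30 + i // 24) for i in range(120)]
    return lines

if __name__ == "__main__":
    for ip, when in find_floods(build_sample_log()).items():
        print(f"possible flood from {ip} starting {when.isoformat()}")
```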
Elevation of Privilege
1. Ensure that all privileged accounts are secured and used only for their intended purpose.
2. Monitor user behavior by keeping logs of user activities.
3. Train users to follow security measures and make them aware of vulnerabilities and cyber threats.