Introduction to Ethical Hacking By Security Breach

Technology Brief
Information Security Overview

Information security comprises the methods and processes that protect
information and information systems from unauthorized access, disclosure,
usage or modification. Information security ensures confidentiality,
integrity, and availability. An organization without security policies and
appropriate security rules is at great risk, and the confidential information
and data related to that organization are not secure in the absence of these
security policies. Well-defined security policies and procedures help protect
the assets of an organization from unauthorized access and disclosure. In the
modern world, with the latest technologies and platforms, millions of users
interact with each other every minute. These sixty seconds can be vulnerable
and costly to private and public organizations because of the various types
of old and modern threats present all over the world. The public internet is
the most common and rapid channel for spreading threats all over the world.
Malicious code and scripts, viruses, spam, and malware are always waiting for
you. That is why the security risk to a network or a system can never be
eliminated. It is always a great challenge to implement a security policy
that is effective and beneficial to the organization, rather than an
unnecessary security implementation that wastes resources and creates a
loophole for threats. Our security objectives revolve around these three
basic concepts:
Data Breach
eBay Data Breach

One real-life example that shows the need for information and network
security within the corporate network is the eBay data breach. eBay is a
well-known online auction platform that is widely used all over the world.
In 2014, eBay announced a massive data breach that involved sensitive data.
An estimated 145 million customers suffered data loss in this attack.
According to eBay, the data breach compromised the following information:

Customers' names
Encrypted passwords
Email address
Postal Address
Contact Numbers
Date of birth


This sensitive information must be stored in an encrypted form that uses
strong encryption. Information must be encrypted, instead of being stored in
plain text. eBay claims that no information relating to security numbers,
such as credit card information, was compromised, although identity and
password theft can also cause severe risk. The eBay database containing
financial information, such as credit card information and other
finance-related information, is claimed to be kept in a separate and
encrypted format.
The eBay data breach originated with hackers compromising a small number of
employees' credentials via phishing between February and March 2014.
Specific employees may have been targeted to gain access to eBay's network,
or the eBay network may have been monitored in its entirety and then
compromised. They claimed to have detected this cyberattack within two weeks.
Google Play Hack
A Turkish hacker, “Ibrahim Balic”, hacked Google Play twice. He admitted
responsibility for the Google Play attack. It was not his first attempt; he
claimed that he was behind the attack on Apple's developer site. He tested
vulnerabilities in Google's Developer Console and found a flaw in the
Android operating system, which he tested twice to make sure that it caused
a crash again and again.
Using the result of his vulnerability testing, he developed an Android
application to exploit the vulnerability. When the Developer Console
crashed, users were unable to download applications and developers were
unable to upload their applications.
The Home Depot Data Breach
Theft of information from payment cards, such as credit cards, is common
nowadays. In 2014, Home Depot’s Point of Sale systems were compromised.
A statement released by Home Depot on the 8th of September 2014 claimed a
breach of their systems.
The attacker gained access to a third-party vendor's login credentials and
accessed the POS networks. A zero-day vulnerability in Windows was
exploited, which created a loophole to enter the corporate network of Home
Depot and make a path from the third-party environment to Home Depot’s
network. After the corporate network was accessed, memory scraping malware
was released, which then attacked the Point of Sale terminals. Memory
scraping malware is highly capable; it grabbed the information of millions
of payment cards.
Home Depot has taken several remediation actions against the attack, using
EMV Chip-&-PIN payment cards. These Chip-&-PIN payment cards have a
security chip embedded in them to ensure duplicity with magstripe.
Essential Terminology
Hack Value
The term Hack Value refers to a value that denotes attractiveness, interest
or something that is worthy. The value describes the target's level of
attraction to the hacker.
Zero-Day Attack
Zero-Day Attack refers to threats and vulnerabilities that can be used to
exploit the victim before the developer identifies or addresses the
vulnerability and releases a patch for it.
Vulnerability
A vulnerability is a weak point, loophole or cause in any system or network
that attackers can use to get through it. Any vulnerability can be an entry
point for them to reach the target.
Daisy Chaining
Daisy Chaining is a sequential process of several hacking or attacking
attempts to gain access to a network or systems, one after another, using
the same information and the information obtained from the previous attempt.
Exploit
An exploit is a breach of the security of a system through vulnerabilities,
zero-day attacks or any other hacking techniques.
Doxing
The term Doxing refers to publishing information or a set of information
associated with an individual. This information is collected publicly, mostly
from social media or other sources.

Payload
The payload refers to the actual section of information or data in a frame,
as opposed to automatically generated metadata. In information security, a
payload is a section or part of malicious and exploit code that causes the
potentially harmful activity and actions, such as exploitation, opening
backdoors, and hijacking.
Bot
Bots are software used to control the target remotely and to execute
predefined tasks. A bot is capable of running automated scripts over the
internet. Bots are also known as Internet Bots or Web Robots. These bots
can be used for social purposes such as chatterbots, for commercial
purposes, or for intentionally malicious purposes such as spambots,
spreading viruses and worms, botnets, and DDoS attacks.
Elements of Information Security
Confidentiality
We want to make sure that our secret and sensitive data is secure.
Confidentiality means that only authorized persons can work with and see our
infrastructure’s digital resources. It also implies that unauthorized persons
should not have any access to the data. There are two types of data in
general: data in motion, as it moves across the network, and data at rest,
when data is in any storage media (such as servers, local hard drives,
cloud). For data in motion, we need to make sure the data is encrypted
before it is sent over the network. Another option we can use along with
encryption is a separate network for sensitive data. For data at rest, we
can apply encryption at the storage media drive so that no one can read it
in case of theft.
Integrity
We do not want our data to be accessible or manipulated by unauthorized
persons. Data integrity ensures that only authorized parties can modify data.
Availability
Availability applies to systems and data. If authorized persons cannot get
the data because of a general network failure or a denial-of-service (DoS)
attack, then that is a problem as far as the business is concerned. It may
also result in loss of revenue or in failure to record some important
results.

We can use the term “CIA” to remember these basic yet most important
security concepts.



Authenticity
Authentication is the process that identifies the user or device in order to
grant privileges, access and certain rules and policies. Similarly,
authenticity ensures that certain information originates from a valid user
claiming to be the source of that information and message transactions. The
process of authentication through the combined function of identities and
passwords can achieve authenticity.

Non-Repudiation

Non-repudiation is one of the Information Assurance (IA) pillars; it
guarantees the transmission and receipt of information between the sender
and receiver via different techniques such as digital signatures and
encryption. Non-repudiation is the assurance of the communication and its
authenticity, so the sender cannot deny what he sent. Similarly, the
receiver cannot deny receiving it. Digital contracts, signatures and email
messages use non-repudiation techniques.
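
The following added example (not part of the original article) contrasts the Integrity, Authenticity and Non-Repudiation properties described above: a shared-key HMAC detects tampering, but either key holder can produce it, while a signature can only be produced by the holder of the private key. A Lamport one-time signature built on SHA-256 stands in here for a production digital-signature scheme so that the code needs only the Python standard library; all function names and sample messages are constructed for illustration.

```python
import hashlib, hmac, secrets

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(msg: bytes) -> list:
    """The 256 bits of SHA-256(msg), most significant bit first."""
    d = h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# --- Shared-key MAC: integrity and authenticity between two key holders ---
def mac_tag(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(key, msg), tag)

# --- Lamport one-time signature: only the signer holds the private key ---
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(h(a), h(b)) for a, b in sk]   # public key = hashes of the secrets
    return sk, pk

def lamport_sign(sk, msg: bytes) -> list:
    # Reveal one secret per digest bit; a key pair must sign ONE message only.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def lamport_verify(pk, msg: bytes, sig: list) -> bool:
    if len(sig) != 256:
        return False
    checks = [hmac.compare_digest(h(s), pk[i][bit])
              for i, (s, bit) in enumerate(zip(sig, digest_bits(msg)))]
    return all(checks)

def demo() -> dict:
    msg = b"pay 100 to account 42"        # constructed sample message
    tampered = b"pay 900 to account 42"   # constructed tampered copy
    key = secrets.token_bytes(32)         # known to sender AND receiver
    sk, pk = lamport_keygen()             # sk known to sender only
    tag, sig = mac_tag(key, msg), lamport_sign(sk, msg)
    return {
        "mac_valid": mac_verify(key, msg, tag),
        "mac_detects_tampering": not mac_verify(key, tampered, tag),
        # The receiver also holds `key`, so it can mint a valid tag itself:
        # a MAC cannot prove to a third party which side wrote the message.
        "receiver_can_mint_tag": mac_verify(key, tampered, mac_tag(key, tampered)),
        "sig_valid": lamport_verify(pk, msg, sig),
        "sig_detects_tampering": not lamport_verify(pk, tampered, sig),
    }
```

Because the receiver holds only the public key, it cannot produce a valid signature on a different message, which is what lets a signature support non-repudiation where a shared-key tag cannot.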

