Recommended
Recommended
More Related Content
Similar to Riordan Network VulnerabilitiesVulnerabilityThreatProbabil.docx
Similar to Riordan Network VulnerabilitiesVulnerabilityThreatProbabil.docx (20)
More from joellemurphey
More from joellemurphey (20)
Recently uploaded
Recently uploaded (20)
Riordan Network VulnerabilitiesVulnerabilityThreatProbabil.docx
- 1. Riordan Network Vulnerabilities Vulnerability Threat Probability Impact Suggested Mitigation Steps 1 USB DRIVE The most common way to infect a network from inside a firewall Implement and enforce policies regarding use of such devices. 2 LAPTOP Can tap directly into the network and infect with malware allowing others access Implement and enforce policies regarding portable devices. 3 BLUETOOTH Identity detection, DOS, involuntary control and access of data Implement and enforce policies regarding use of such devices. 4 WI-FI Clear text data can be captured Implement and enforce policies regarding use of such devices.
- 2. 5 FIREWALL Protects content on desktops and in turn keeps entire network safe Install and configure firewalls 6 NETWORK PROTOCOLS Flawed unpatched protocols can cause remote sabotage and DOS Disable unused protocols and monitor ones being used. 7 SMARTPHONES Potentially pose the same threats as notebooks and thumb drives Implement and enforce policies regarding use of such devices. 8 OPTICAL MEDIA Being able to steal and leaking confidential data Implement and enforce policies regarding access and use of recordable media. 9 ROUTERS Exposed ports, Network access Install and configure routers based on industry standards 10 NETWORK CABLES Reduce the danger of electronic interference or loss of network
- 3. connectivity Install cable in areas to minimize interference. Label cables. 11 PRINTERS While the print task is in the queue, the data is unencrypted and vulnerable to theft Update printer firmware and keep an update inventory of all printers and drivers 12 FAX MACHINES Unsecure faxing will put you at risk for confidential and identity theft Implement and enforce policies regarding information distribution 13 SAN STORAGE Network availability Limit access to data storage based on classification and need to know. 14 EMPLOYEES Individuals having access to restricted area of the network Maintain a strict access control policy for restricted areas. 15 SERVERS Open to brute force attacks, botnets, cross-site scripting and
- 4. DOS Harden servers against cyber attacks using industry standard or better. 16 WORKSTATIONS Can be used by attackers as "slave" machines in coordinated attacks. Harden workstations against cyber attacks using industry standard or better. 17 VIDEO CONFRENCING Machines set to auto answer will allow the attacker to essentially gain a front-row seat inside corporate meetings Should be hardened disable auto answer to prevent eaves dropping. 18 THEFT Attacker steals privilege information to gain access Access control and password policy 19 IMPERSONATION Attacker poses as a service provider or custodial crew to physically gain access Security awareness training and policy 20 LAPTOPS/TABLETS
- 5. Portable and easy to hide and attach to network. Implement and enforce portable device policy 21 USB DEVICES MP3 Players, etc Implement strict policies regarding USB devices. 22 FIRE ALARM Fire retardant system does not work when needed Test fire alarm system periodically 23 ELECTRICAL POWER No backup power in case of public power outage Backup generators and UPS for critical systems 24 AIR CONDITION SYSTEM Cooling system fail causing equipment to overheat and fail Service and maintain heating and cooling system. 25 POOR MAINTENANCE Do not know when unauthorized equipment is attached to the network Inventory and label all equipment and document change management
- 6. Logical Network Vulnerabilities 1 DATABASE SQL Injection, DOS Attacks, Database Exposure and Privilege elevation 2 VPN Confidential information can be inadvertently downloaded. Unobstructed route for Malware. 3 MAN-IN-THE-MIDDLE Attacker monitors and steals Information in real time Use cryptography and Hashed Message Authentication Codes 4 PRIVILEGE ESCALATION Individual gains access to network higher functions due to misconfiguration Check Roles, Use strong ACLs; and use standard encryption 5 PHISHING Used by an attacker to collect sensitive information to gain access Segment network and encrypt data
- 7. 6 FOOTPRINTING Attacker use default username and weak or blank password to gain access to the network Strong password, do not use blank password or weak 7 HIJACKING Attacker can take over your internet browser downloading additional malware Use session and communication encryption. Apply patch to fix vulnerabilities 8 SOCIAL ENGINEERING Attackers will trick users into revealing their passwords Security awareness training. 9 PASSWORDS Easy guessable passwords, hackers gain initial access to a system. Enforce strong password; lock out and audit trails 10 DIGITIAL CERTIFICATE Attackers hack into certificate authorities and issue false certificates for legitimate websites Revoke PKI and maintain list of revoked keys to id false certificates.
- 8. 11 OPERATING SYSTEM If not patched regularly the network is open to security vulnerabilities Harden OS 12 TCP/IP Vulnerable to a variety of attacks ranging from password sniffing to denial of service Disable unnecessary protocols 13 EMAIL Spyware, Virus, Phishing, and spam Conduct cyber security awareness to educate end user of email threats. 14 WEB BROWSERS Attacker can take over your browser making you vulnerable if the browser plug-ins are not fully patched Configure secure web permissions; Use .Net Framework access control 15 INSTANT MESSAGING Vulnerable to firewall tunneling, identity theft, data security leaks, and authentication spoofing Strong password, do not cache password,
- 9. 16 SECURITY MISCONFIG Attackers can access networks virtually without attracting attention Configure based on industry standard. Avoid custom configuration 17 WEB APPLICATIONS DOS, Elevation of privilege, Information disclosure, and impersonation Input validation Use HTMLEncode and URLEncode functions to encode any output 18 MALWARE Can infect networked resources and possibly bring down the network Update definition files and patches. 19 SOFTWARE DEFECT Allows data to be viewed by unauthorized people Apply updates and patch vulnerabilities. Or uninstall and replace. 20 SPOOFING An attacker pretends to be an entity to take over communication between systems
- 10. Strong authentication. Do not store secrets Do not pass credentials in plaintext over the wire. Protect authentication cookies with SSL. 21 DOS ATTACK An attack on a network that causes a loss of service to users Resource and bandwidth throttling techniques. Validate and filter input. 22 SNIFFER ATTACK Can read, monitor, and capture network data exchanges Segment network. Encrypt data. 23 BUFFER OVERFLOW Exploits poorly written software to allow attackers to take over the target system Validate input Inspect API managed code. Use the /GS flag to compile code 24 REMOTE ACCESS Without the appropriate security measures (SSL VPN), all communications are being transmitted in clear text Configure remote access with the necessary security parameters
- 11. to ensure secure communication. 25 NO ANTIVIRUS Not Protected against virus and other malware attacks Install, configure and update antivirus software. 3 Created a table of 50 vulnerabilities and threat pairs relevant to the organization 0.00 0.70 0.85 1.00 0.85 Comment: Trying to find 50 vulnerabilities is not an easy task. Not every item is a vulnerability. Some are attacks, some are threats, and some are vulnerabilities.