Introduction
Computer security, IT security or cybersecurity refers to the process of protecting systems from any kind of damage or theft to software, hardware and data, and from misdirection or disruption of the services which are rendered by them. Information security has become an important aspect with the evolution of technology, as it has increased the number of threats which can arise on the data that is processed (Basta and CISSP, 2013). It is mandatory for each firm to maintain the overall health of its systems so that they remain protected from malware and viruses and programs can be executed in a smoother and quicker manner. To understand the concept of computer security, a utility company has been taken. Such companies are liable for maintaining infrastructure for public services like water, natural gas, coal, telephone, sewage, transportation, broadband internet and many others. This report comprises security elements, issues related to computer security and frameworks related to that, along with social, legal and ethical considerations.
Overview
This report is based on a utility company's website which has been attacked by a botnet. A botnet is a program which spreads online rapidly by injecting itself within a website and waiting for users to click on the specified site. It has the ability to get installed within the systems of those who have visited the website. This implies that both firms and users will be affected by the botnet and need to take some preventive measures to eliminate such kinds of activities or attacks.
Task 1
5 Elements of Computer Security That Can Act as Potential Risk
The protection of data along with computing systems which are stored and accessed is referred to as computer security. It implies a global demand for the protection of computer systems from any kind of malicious attacks that can be created on services rendered by a firm (Boyle and Panko, 2014). It is crucial for organisations to ensure that their systems are protected from any kind of illegal activities and for this it is necessary to identify critical elements which might be impacted. They are specified below with respect to utility organisation:
Confidentiality: The protection of information from being accessed by unauthorised parties is defined as confidentiality. Basically, it denotes that only people who are authorised can have access to sensitive data. This is the concealment of resources or information which is required for keeping data secret. An instance is civilian and military institutions restricting access to information (Carroll, 2014). Computer security was initiated by the attempt of the military to enforce the "need to know" principle. This must be ensured by utility firms so that their proprietary designs are secured and their competitors can't steal their confidential information. Examples of attacks on confidentiality are phishing, keylogging, packet sniffing and many others. Access controls can be applied to ensure confidentiality. Cryptography can also be applied, which makes the data incomprehensible. For instance, if sensitive data is encrypted then the intruder needs a key for deciphering it; otherwise the data is of no use, as it cannot be read.
Integrity: The technique that is utilised to ensure that resources or data accessed in real time are correct, legitimate and protected from alteration by unauthenticated users (hackers). Basically, it denotes the trustworthiness of resources or data. For instance, by hijacking a session a person might alter the details present on the website of the company (Conklin and et. al, 2015). Utility companies need to ensure that information which is published on their website is guarded, accurate and real. Therefore, appropriate steps must be taken by utility companies to ensure that data is not modified by unauthorised people. For this, cryptographic checksums can be utilised.
Availability/Authorisation: It implies whether resources or data are available when requested or required by an individual. The information which has been requested by an individual possesses actual value only when authenticated users have access to it at the specified time. This is achieved by making use of methods like software patching, network optimisation and hardware maintenance. Instances of attacks on availability are botnets, DoS, DDoS and other physical attacks on the infrastructure of the server. This attack has been made on the website of a utility organisation. To prevent this, statistical models can be utilised for analysing the anticipated patterns of usage.
Accountability/Authentication: The process that is being utilised for confirming as well as ensuring the identity of users is referred to as authorization or authentication. This occurs when individuals tend to gain access to specified information or data. In this context, passwords and usernames are being utilised (Fisch, White and Pooch, 2017). An instance can be taken to acknowledge this aspect like a spoofing attack, it is a condition in which an individual or program identifies them by falsifying data to gain an illegitimate edge. For this appropriate authentication methods can be utilised like the public key infrastructure (PKI) method for authentication in which digital certificates are being utilised for proving the identity of users. They can also opt for USB tokens or key cards.
Non-Repudiation: The way of rendering assurance that a message transmitted between two or more users through the usage of encryption or a digital signature is accurate, and that no one can deny the authorisation of a digital signature present on any document, is referred to as non-repudiation (Gupta, Agrawal and Yamaguchi, 2016). Attacks like phishing and man-in-the-middle attacks can compromise the integrity of data. For this, utility organisations can make use of digital signatures to have proof of sending as well as receiving messages.
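The cryptographic checksums suggested under Integrity above, as an added Python example that is not part of the original report: it compares a plain SHA-256 checksum with a keyed one (HMAC) when a published page is altered. The page content, the key and all function names are constructed for illustration.

```python
import hashlib
import hmac


def plain_checksum(content: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone who can read the content can compute it."""
    return hashlib.sha256(content).hexdigest()


def keyed_checksum(key: bytes, content: bytes) -> str:
    """HMAC-SHA256: can only be computed by a holder of the secret key."""
    return hmac.new(key, content, hashlib.sha256).hexdigest()


def verify_plain(content: bytes, stored: str) -> bool:
    return hmac.compare_digest(plain_checksum(content), stored)


def verify_keyed(key: bytes, content: bytes, stored: str) -> bool:
    return hmac.compare_digest(keyed_checksum(key, content), stored)


# Constructed sample data (assumptions, not taken from the report).
PUBLISHED = b"<p>Water tariff from 1 April: 1.20 per cubic metre</p>"
ALTERED = b"<p>Water tariff from 1 April: 9.99 per cubic metre</p>"
KEY = b"constructed-demo-key-kept-off-the-web-server"


def compare_checks() -> dict:
    """Return (plain check passes, keyed check passes) for three situations."""
    stored_plain = plain_checksum(PUBLISHED)
    stored_keyed = keyed_checksum(KEY, PUBLISHED)

    # 1. Page untouched: both checks pass.
    untouched = (verify_plain(PUBLISHED, stored_plain),
                 verify_keyed(KEY, PUBLISHED, stored_keyed))

    # 2. Page altered, stored checksums untouched: both checks fail.
    page_only = (verify_plain(ALTERED, stored_plain),
                 verify_keyed(KEY, ALTERED, stored_keyed))

    # 3. Page altered and the stored checksums overwritten as well.
    #    The plain digest can be recomputed by anyone; the keyed one
    #    cannot be reproduced without KEY, so a wrong key is used here.
    replaced_plain = plain_checksum(ALTERED)
    replaced_keyed = keyed_checksum(b"not-the-real-key", ALTERED)
    page_and_checksum = (verify_plain(ALTERED, replaced_plain),
                         verify_keyed(KEY, ALTERED, replaced_keyed))

    return {"untouched": untouched,
            "page_only": page_only,
            "page_and_checksum": page_and_checksum}


if __name__ == "__main__":
    for situation, result in compare_checks().items():
        print(situation, result)
```

Because both sides of an HMAC hold the same key, it demonstrates integrity only; the proof of origin described under Non-Repudiation requires a digital signature made with a private key.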
Classical and Modern Cyphers
The algorithm that is utilised for carrying out encoding or decoding (a series of specified steps which can be utilised like a procedure) is defined as a cypher. Classical cypher refers to the transformation of digits or numbers. An instance can be taken to acknowledge this:
A text message is: H E L L O
Key used is: +1
The encrypted message is: I F M M P
So, the message which will be sent is IFMMP and the receiver can decrypt it by making use of the key "-1". Classical cyphers can be created by making use of substitution and transposition cyphers.
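The shift cypher from the example above, as an added Python illustration that is not part of the original report: it reproduces HELLO to IFMMP with key +1 and shows that only 26 keys exist, so trying each one recovers the message. The function names and the word list are assumptions made for this example.

```python
import string

ALPHABET = string.ascii_uppercase  # the 26 letters A-Z


def shift(text, key):
    """Move every A-Z letter `key` places along the alphabet, wrapping at Z."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # spaces, digits and punctuation stay unchanged
    return "".join(out)


def encrypt(plaintext, key):
    return shift(plaintext, key)


def decrypt(ciphertext, key):
    return shift(ciphertext, -key)


def candidate_plaintexts(ciphertext):
    """The whole key space: one candidate plaintext for each key 0..25."""
    return {key: decrypt(ciphertext, key) for key in range(26)}


def keys_yielding_words(ciphertext, known_words):
    """Keys whose candidate plaintext consists only of known words."""
    hits = []
    for key, text in candidate_plaintexts(ciphertext).items():
        words = text.split()
        if words and all(word in known_words for word in words):
            hits.append(key)
    return hits


# Constructed word list standing in for a dictionary (assumption).
KNOWN_WORDS = {"HELLO", "WORLD", "METER", "READING"}

if __name__ == "__main__":
    sent = encrypt("HELLO", 1)
    print(sent, "->", decrypt(sent, 1))
    print("keys that give readable text:", keys_yielding_words(sent, KNOWN_WORDS))
```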
Modern cyphers are a cornerstone of communication and computer security and depend on concepts of mathematics like computational complexity, probability and number theory. In this, symmetric and asymmetric key encryption can be utilised (Shim, Qureshi and Siegel, 2013). Examples are AES, RSA, Diffie-Hellman, DES and many others.
Difference Between Classic and Modern Ciphers
| Classical Cypher | Modern Cypher |
| --- | --- |
| This is liable for the manipulation of letters and digits directly (Manku and Vasanth, 2015). | These carry out their operations on the basis of binary bit sequences. |
| It depends on security by obscurity. The technique is known to the sender and receiver only. But still, there is a higher threat from intruders. | It is dependent on publicly known mathematical algorithms for encoding the information. There exists little scope to get into the system due to higher computational difficulties related to an algorithm, the secret key is absent and many others. It is only possible in case a third person possesses knowledge about distinct algorithms. |
| This needs a complete cryptosystem for carrying out communication confidentially. | Modern cryptography needs parties who are interested in secured communication to possess secret keys only (Peltier, 2016). |
Task 2
Illustrate an Understanding of Issues Related to Computer Security Through the Usage of the Threat Intelligence Concept
The measures which are being taken by organisations to ensure that computer systems are protected is referred to as preventive measures (Stallings and et. al, 2012). In the context of utility organisation, the steps which can be taken by them are specified beneath:
- Antivirus: It is liable for detecting as well as eliminating viruses from systems in order to secure them from malicious programs such as botnets, ransomware, spyware, keyloggers and rootkits.
- Antispyware: This is responsible for the detection and prevention of the installation of unwanted spyware programs. Utility firms can use them to find out if any program is present within their system that might be liable for affecting this (Peltier, 2013).
- Firewall: It enforces rules on the data packets that enter or leave the network. Utility organisations need to make sure that a firewall is implemented so that traffic can be filtered and security risks can be minimised in the context of malicious packets.
Identification of potential vulnerabilities: Distinct tools are present which can be used by individuals or groups to identify the present state of the system within the network. They are responsible for verifying open ports and unpatched software. ShadowScan can be utilised by utility firms for the detection of vulnerabilities within their systems as well as websites (Pfleeger and Pfleeger, 2012).
Spotting possible threats: The process related to the determination of risks that are present on the system, network or application is called threat detection. Utility firms can make use of distinct tools to make sure that the system is not exploited. This can be done by making use of different ways. They are mentioned beneath:
- Security information management (SIEMs): This is a platform which is responsible for connecting associated threats and attacks. This renders a holistic view of the entire threat or attack. In addition to this, it is liable for integrating distinct technologies associated with threat detection.
- Cloud access & security brokers technology: Utility Companies can determine the unauthenticated access to applications of the cloud or their storage through the utilisation of this technology (Pieprzyk, Hardjono and Seberry, 2013). It is responsible for providing a pattern in which services are accessed by individuals.
- Network firewalls: They denote appliances which can be either physical or virtual and can be used for tracking traffic with respect to malicious activities that are being carried out on the cloud, system or website of the firm. It acts as a suitable method that can be used for detecting and blocking threats. This can be used by utility organisations to ensure that their network is protected.
Detection of compromised systems: It is important for a firm to find out whether its systems are exploited or not so that appropriate steps can be taken. It has to answer certain questions related to its network, which are mentioned beneath:
- Does network traffic behave in a standardised manner or do some unwanted users have access to it?
- From which IP does traffic come, where is it going, and is the URL known or not?
- Does there exist any abdicable protocol which utilises network ports? Along with this, activities in DNS have to be monitored (Shim, Qureshi and Siegel, 2013).
- Is Utility organisation able to determine security threats which exist at lower levels of their system?
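One way to turn the questions above into checks, as an added Python example that is not part of the original report: it reviews flow records for unknown destinations, unexpected ports and unusual DNS volume per host. The flow records, network ranges, expected services and the DNS threshold are all constructed assumptions.

```python
from collections import Counter
import ipaddress

# Constructed baseline (assumptions): networks the firm expects to talk to,
# services it expects to see, and a per-host DNS query limit for the window.
KNOWN_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/16"),      # internal network
    ipaddress.ip_network("198.51.100.0/24"),  # constructed partner range
]
EXPECTED_SERVICES = {("tcp", 80), ("tcp", 443), ("udp", 53), ("udp", 123)}
DNS_QUERY_LIMIT = 3

# Constructed flow records: (source, destination, protocol, destination port).
FLOWS = [
    ("10.0.5.21", "10.0.1.10", "tcp", 443),
    ("10.0.5.21", "10.0.1.53", "udp", 53),
    ("10.0.5.40", "198.51.100.9", "tcp", 443),
    ("10.0.5.34", "203.0.113.77", "tcp", 6667),
] + [("10.0.5.34", "10.0.1.53", "udp", 53)] * 5


def review_flows(flows):
    """Return (source, finding, detail) tuples for flows that break the baseline."""
    findings = []
    dns_queries = Counter()
    for src, dst, proto, dport in flows:
        dst_ip = ipaddress.ip_address(dst)
        # Where is the traffic going, and is the destination known?
        if not any(dst_ip in net for net in KNOWN_NETWORKS):
            findings.append((src, "unknown-destination", dst))
        # Is a protocol using a port that is not expected on this network?
        if (proto, dport) not in EXPECTED_SERVICES:
            findings.append((src, "unexpected-port", f"{proto}/{dport}"))
        # DNS activity is counted per source host.
        if proto == "udp" and dport == 53:
            dns_queries[src] += 1
    for src, count in sorted(dns_queries.items()):
        if count > DNS_QUERY_LIMIT:
            findings.append((src, "dns-volume", str(count)))
    return findings


def hosts_to_investigate(flows):
    """Sorted list of source hosts with at least one finding."""
    return sorted({src for src, _, _ in review_flows(flows)})


if __name__ == "__main__":
    for finding in review_flows(FLOWS):
        print(finding)
    print("investigate:", hosts_to_investigate(FLOWS))
```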
Manipulation of incidents against cyber threats: It denotes the incident response that is an organised method and can be used for dealing with incidents, cyber threats and security breaches. This is a well-formulated plan which can be utilised by Utility organisations for identification, reduction of damage and minimisation of costs that is related to cyber attacks (Stallings and et. al, 2012). This can be done by the technical team of the Utility organisation in different ways; plans must be developed in advance for handling the incidents and preventing them so that the firm can render their services as per desired standards. Along with this, potential attacks must be identified in terms of if any kind of signs are identified and they must be prioritized.
Threat intelligence concept: The knowledge which assists individuals or firms in preventing or mitigating cyber attacks is defined as threat intelligence. This will assist in the formulation of informed decisions related to security by responding to questions such as who is making an attack, what is the motive behind this and many more (Tan, 2016). This illustrates evidence-based knowledge that can be utilised by utility firms.
Task 3
Appraise Cyber Security Frameworks for the Protection of Different Actors
The technologies, practices and processes which are used for securing programs, data, networks and devices from unauthenticated damage or access is defined as cyber security. The conceptual or real structure that is liable for serving as a support or guiding for the formulation of something which is liable for expanding within something important. To make sure that systems are not vulnerable to attacks, Utility firms can make use of diverse frameworks according to specified needs (Vacca, 2012). A framework of cyber security has been mentioned beneath that can be utilised by Utility organisations:
SABSA (Sherwood Applied Business Security Architecture) Framework: The methodology that is being utilised for the development of business-driven, opportunity and risk-emphasised security architectures at both enterprises as well as solutions levels which is liable for supporting objectives of the business is denoted by SABSA. This is utilised widely for risk management framework, assurance architecture and seamless integration of security. There will be affirmative impact on Utility organisations through the utilisation of this framework as this renders them with business-driven, comprehensive, modular, open-source and transparent features which will lead to two-way traceability and scalable scope (Basta and CISSP, 2013). This can be utilised by Utility organisations for having an enterprise security architecture, individual solution architecture, seamless security alignment & integration with other frameworks like NIST, COBIT, ITIL and many others. This framework will aid in the formulation of strategies as well as carry out planning, design, implementation, management along measurement. It will ensure that the needs of the organisation are addressed entirely as well as security services are being planned, delivered as well and supported like a crucial part of information technology management and infrastructure.
Payment Card Industry Data Security Standard (PCI-DSS): This framework is liable for rendering support for protecting payment card data. This comprises tools, support, measurements and specifications of resources which will assist the firm for ensuring maintaining information of cardholders. Utility organisations can use this to have actionable support for the development of robust payment card data security (Boyle and Panko, 2014). This will allow both organisation and their customers to make online payments for services they have opted for. Through PCI-DSS, there will be improvisation within security aspects which will lead to a decline in security breaches, improvisation within the relationship of customer, and enhancement of profit and it will also lead them to sustain their business. This will be liable for illustrating security assessment and needs procedures which will assist in making sure that payment application developers will be able to secure confidentiality as well as integrity of transactions which are made (Tan, 2016). The other aspect associated with this is that it aims to guide development teams within ways through which application security can be maintained.
NIST Cyber security framework: The US National Institute of Standards & Technology is liable for securing critical infrastructure like power plants, dams, etc. from distinct types of cyber attacks. For having better security standards, Utility Organisations can opt for this. It is responsible for processing activities that are required for the attainment of different results in the context of cyber security (Carroll, 2014). Through its utilisation, the firm will be able to detect, protect, respond as well as recover from certain security threats. There are certain categories on the basis of which different tasks can be conducted. Antivirus programs must be installed, which acts as an initial step in the protection of the system. Furthermore, there are some subcategories which assist with the implementation of software updates, and for this each system must have the auto-update option turned on. Informative sources imply documents or manuals which will furnish details related to specified tasks for individuals in the context of ways in which activities are conducted (Conklin and et. al, 2015). For instance, a manual can be used for having details related to ways in which auto-update can be carried out. It will provide Utility Organisations with a method to authenticate, identify, self-assess and manage the supply chain along with disclosure of exposure. But the execution is not easy, as an answer to how much improvement has been made cannot be attained.
COBIT framework: A Control objective for information and related technology is formulated for management as well as IT governance. It can be utilised by Utility organisations as a supportive tool which will allow them to bridge the gap among business risks, control requirements and technical issues. It is liable for ensuring that control, reliability and quality of information systems can be attained. This framework is liable for the formulation of plans, their organisation, delivery, support, acquisition, execution, tracking as well and evaluation of systems for attaining the desired level of security (Fisch, White and Pooch, 2017). The major components of this include framework, description of process, control objectives, maturity models and management guidelines. This will lead Utility organisations to maintain their security levels and ensure that their systems are secured from any kind of threats.
ISO framework: This acts as an international document standard for ensuring cyber security within the system of the firm. It is dependent on the hypothesis that the organisation is making use of an ISMS (Information Security Management System). This will allow Utility Organisations to consistently manage information security risks along with threats and vulnerabilities. Apart from this, it will assist organisations in designing and executing information security controls that are comprehensive and coherent. The purpose of the ISO framework is to aid in the mitigation of risks that are determined. The PDCA (Plan, Do, Check and Act) cycle can be utilised in this context, in which plans can be formulated in the context of processes, policies and procedures for carrying out risk management (Gupta, Agrawal and Yamaguchi, 2016). After the development of the plan, implementation can be carried out with respect to the execution of InfoSec strategies and many other aspects. Furthermore, activities can be monitored and reviewed, through which performance can be measured in the context of policies and objectives. Depending upon all this, Utility organisations can update and enhance the overall information security management system. Through this, corrective as well as preventive measures can be utilised for carrying out internal audits (Manku and Vasanth, 2015). By its utilisation Utility organisations can render an enhanced benefit which involves skill enrichment, interoperability, technical agreements, and protection of businesses along with furnishing satisfaction to their customers.
Task 5
Explicate the Code of Conduct Needed by It Professionals in the Context of Ethical, Social as Well as Legal Considerations
The principles or goodness with respect to what is morally right and wrong is referred to as ethical consideration. A social aspect denotes the factors that are apprehensive with the interests of society, communities, groups and individuals involved within interventions in the economic framework. Legal consideration implies the exchange of valuable data or different assets by binding legally into certain contracts (Peltier, 2016). All these are associated with conflicts, situations and trends which prevail within the marketplace with respect to specified technology. An instance can be taken into consideration with respect to Utility Companies, when an individual fills up their detail within the form it must be kept confidential and must not be shared with anyone. In case it is important to be shared then written consent can be taken from the respective individual. This will be an ethical as well as legal way through which individuals can carry out their services. In case, if the consent is not taken then it is illegal. With respect to Utility Companies certain aspects must be taken into consideration, they are specified below:
- Privacy: The data of Utility firms is present on the internet, which enables users to understand what is being delivered to them by the respective firm. Along with this, each user enters their details and that is also present on the network. It can be either on the network or servers of the organisation or might be on the cloud. Things may seem secure but there is the possibility that unauthenticated users have access to emails or private accounts (Peltier, 2013). For this, employers monitor the activities that are being carried out by employees so that if any unlawful activity is carried out then it can be identified. There are certain legal, social and ethical implications with respect to this. No one likes being monitored, so there are certain privacy concerns associated with this.
- Digital ownership: It allows data to move freely like sending emails it just involves the transmission of messages. This comes with certain ethical, social and legal backlash. In this context, questions like how the digital realm can be built up by the owner as things can be easily copied as well as pasted (Pfleeger and Pfleeger, 2012). This implies that it is critical to control intellectual property rights. In the digital era, it becomes difficult to keep up with legal notions like patents, copyrights etc.
- Data gathering: Each individual is aware that their data is monitored when they are on the network. This can be understood by taking an instance: in the US, legislation has been passed for monitoring the activities of private individuals for the concern of security. This seems legally right but socially and ethically each individual has their own freedoms. This led to debates like what information must be collected from individuals and the way it is required. It creates a question with respect to the consent of employees of Utility Companies: do they (the workforce) know that they are being monitored (Pieprzyk, Hardjono and Seberry, 2013)? Along with this, do they know for what purpose their information is being utilised? Do they possess the right to know this? There are certain questions which need to be addressed by Utility Companies so that their employees do not think that illegal practices are being carried out within their working environment.
- Security liabilities: Digital security is not easy to attain as technology is evolving so the hackers are also getting proficient and are able to make use of vulnerabilities which exist within the system. Security systems for digital networks are digitalised to protect important assets as well as vital information. But this enhanced security can be attained through high-level or intensified surveillance. All systems possess certain kinds of risks, which leads to confusion with respect to what risks are acceptable, what impact, can they create along what freedom will be forfeited. This implies that Utility Organisations need to make sure they have an effective system that is ethically maintained.
- Access costs: Due to the legislative issues net neutrality has become the trendy issue which leads to a question associated with access. Proponents want the internet must remain open but some need that there have to be tiered access so that activities carried out by them are not monitored (Shim, Qureshi and Siegel, 2013). There comes an ethical question of whether digital exchange is a universal right or not. The cost associated with access can impede the growth of business and the expression of individuals.
Conclusion
From the above it has been found that it is important for firms as well as individuals to make sure that their systems are secured from any kind of threats which might occur. For this, it is crucial to make use of appropriate methods or techniques which will lead them to do this. Computer security implies the process associated with protecting systems, data, software and hardware from any kind of outside impact or intruders. For this, they might make use of physical or virtual methods which may enable them to enter into the system of probable individuals. The firm needs to make sure that enhanced predictive measures can be used to protect the system from attacks. Along with this, threat intelligence can be utilised as it will provide a way to identify attacks which might occur. Furthermore, different frameworks are available which provide the entire process from planning until such attacks are resolved. IT professionals also need to take into account ethical, social and legal aspects.