
Types of Possible Threats and Attacks on Computer Systems

2. TYPES OF POSSIBLE THREATS/ATTACKS

2.1 Data loss due to human error/failure

Data loss can occur on any device that stores data. Even a simple misplacement of data is considered data loss. Permanent loss of data is a major threat to the organisation. Studies have consistently shown various failures and human errors to be the two most common sources of data loss, accounting for roughly 3/4 of all such incidents.

Various Human Errors are:

Failures

Data corruption: This includes a file system corruption or database corruption.

2.2 Trespassing of information

Trespassing is defined as the act of knowingly entering another person's property without permission. Such action is considered to be an infringement of rights. In a pharmaceutical company, important information about drugs is stored in the database. Any trespassing will lead to the company losing its rightful ownership of its research details.

2.3 Malicious code

Malicious code refers to a broad category of software threats to the network and systems. Perhaps the most sophisticated types of threats to computer systems are presented by malicious codes that exploit vulnerabilities in computer systems. Any code that modifies or destroys data, allows unauthorized access and leads to destruction of data without the knowledge of the user is called a malicious code.

A malicious code can take the form of:

Once malicious code enters the network, it propagates itself and causes widespread damage to the stored data.

2.4 Worms

Worms are programs that reproduce themselves and run independently on systems and travel across network connections. The vital difference between a virus and a worm is that a virus is dependent on a host file to propagate itself. The worm on the other hand is independent of files and spreads on its own across networks. An example of a worm is the internet worm of 1988. There are different types of worms that can attack a system. They are:

2.5 Trojan horses

A Trojan horse is a program that masquerades as a benign application. Trojan horses do not replicate themselves like a virus. The types of Trojan horse that can damage the system are:

2.6 Back door

A back door is a technique used to access a computer program by bypassing its security mechanisms. It is legal for a programmer to sometimes install a back door so that the program can be accessed for troubleshooting purposes. However, attackers often use back doors that they detect or install themselves as part of an intended attack.

An example of a non-interactive backdoor would be an unauthorized SMTP server, say to facilitate relaying email spam; and one somewhat in between would be an FTP backdoor used to provide access to illicit content such as pirated software.

2.7 Password cracking

Password cracking is described as the penetration of a network, system, or resource with or without the use of authorized tools to unlock a resource that has been secured with a password.

Password cracking doesn't always involve sophisticated tools. It can be as simple as finding a sticky note with the password written on it stuck right to the monitor or hidden under a keyboard. The attacker can also engage in "dumpster diving" and go through the garbage to find discarded documentation that may contain passwords.

Some of the common techniques used in password cracking are:

Dictionary Attack

A simple dictionary attack is by far the fastest way to break into a machine. The attackers run through a dictionary to find a possible password.

Hybrid Attack

Another well-known form of attack is the hybrid attack. A hybrid attack will add numbers or symbols to the filename to successfully crack a password. E.g.: first month password is "cat"; second month password is "cat1"; third month password is "cat2"; and so on.

Brute Force Attack

A brute force attack is the most comprehensive form of attack, though it may often take a long time to work depending on the complexity of the password. The attacker tries all possible forms of passwords and tries cracking it.
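The three techniques above suggest three checks a password-change routine can apply. The following is an added example, not part of the original essay: the function names, the small constructed wordlist and the 60-bit threshold are all assumptions chosen for illustration.

```python
import math
import re

# Constructed sample wordlist (assumption); a real deployment would load a
# large dictionary of common and previously breached passwords.
WORDLIST = {"cat", "password", "dragon", "welcome", "summer"}

# Character classes and their sizes; 33 = ASCII punctuation plus space.
CLASSES = [(r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10), (r"[^a-zA-Z0-9]", 33)]


def base_word(password):
    """Strip leading/trailing digits and symbols and lower-case the rest."""
    return re.sub(r"^[^a-zA-Z]+|[^a-zA-Z]+$", "", password).lower()


def keyspace_bits(password):
    """Upper bound on brute-force work: length * log2(alphabet size)."""
    alphabet = sum(size for pattern, size in CLASSES if re.search(pattern, password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def check_password(new, previous=None, min_bits=60):
    """Return the reasons to reject `new`; an empty list means accept."""
    reasons = []
    word = base_word(new)
    if new.lower() in WORDLIST:
        reasons.append("dictionary word")
    elif word in WORDLIST:
        reasons.append("dictionary word plus digits/symbols (hybrid)")
    # Catches the "cat1" -> "cat2" monthly rotation described above.
    if previous is not None and word and word == base_word(previous):
        reasons.append("same base word as previous password")
    if keyspace_bits(new) < min_bits:
        reasons.append("too short for brute-force resistance")
    return reasons


if __name__ == "__main__":
    for new, old in [("cat", None), ("cat2", "cat1"), ("Summer2024!", None),
                     ("correct-horse-battery-staple", None)]:
        print(f"{new!r}: {check_password(new, old) or 'accepted'}")
```

"Summer2024!" clears the keyspace check yet is still rejected as a hybrid of a dictionary word, which is why length and character-class rules alone are not enough.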

2.8 Social engineering

Social engineering is described as a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people into breaking normal security procedures. An example would be an attacker contacting an employee about some urgent problem and using that pretext to extract important data. This technique exploits the weakness of people who are not tech savvy and those who are careless.

2.9 Sniffing

A sniffer is a program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently.

A sniffer can also be used, legitimately or illegitimately, to capture data being transmitted on a network. In a network, a router with a sniffer will be able to read the data in the packet as well as the source and destination addresses.

2.10 Physical attacks

Physical attacks are attacks that involve penetrating the physical security protecting information systems. In a facility with low physical security or public access, it can be as simple as walking into a building, sitting down at a computer system and gaining access to the system.

The possible physical attacks are:

3. INFORMATION CLASSIFICATION

| Level | Information type | Details |
|---|---|---|
| Public | Staff details | Basic and general bio-data of staff employed |
| Public | Chemical & drug details | Patents obtained for drugs; Chemical composition to be printed on the tablets |
| Public | Accounts | Investments made - accounts to shareholders |
| Public | General | Public domain; Standards used; Certifications obtained; Government registrations; Awards |
| Private | Staff details | Rank of staff |
| Private | Accounts | Accounts related to distributors and pharmacies |
| Private | Sales | Pharmacies being supplied |
| Private | Sales | Sales target; Sales figures |
| Restricted | Staff details | Salary of the staff |
| Restricted | Chemical & drug details | Inventory of drugs |
| Restricted | Accounts | Salary details of staff |
| Confidential | Staff details | Project staff are employed in |
| Confidential | Accounts | Investment in drugs |
| Top Secret | Chemical & drug details | Drugs being researched; Chemical proportions |

4. COUNTER MEASURES

Information is an asset for every organisation. Every component in an organisation requires protection. Information requires a high level of protection. This organisation has a large database of information that includes chemicals and a lot of information on R&D. With the organisation already facing a hurdle with outsourcing of information, a lot of steps need to be taken to protect the information.

4.1 Training on Information Security

The right kind of training needs to be imparted to the employees to make them realise the kind of information they possess and the possible threats to that information. The organisation should not just provide one-time training but should continuously train the employees with the latest updates. The employees need to be aware of their duties as holders of information. Training on information security should be provided to the whole organisation, right from the top management to the bottom-most level in the hierarchy.

4.2 Physical Security Measures

Any premise requires utmost security to protect all the components in the organisation. Information security just involves the network security. The right kind of physical security measures should be in place to avoid any breach of confidential information. It also helps protect against trespassing and physical attacks. The level of access to each employee should be scrutinised and only the rightful employee can access whatever he/she is allowed to access. Proper control measures need to be put in place.

4.3 Network Securities

From the case we come to understand that the network was least protected. This leaves the network an open field for attack. Proper control measures such as firewalls and content filtering have to be used to protect the network from any kind of unwanted attack.

5. FUTURE RECOMMENDATIONS

This pharmaceutical company needs a complete revamp of its security measures and processes. These recommendations need to be dutifully carried out to protect the company in the long run.

Training & Education - This is the primary step to protect the company from any threat. The employees need to be aware of what is being carried out in the company. Every employee should be regularly updated about the procedures carried out to reinforce security.

Risk Identification & Risk Assessment - A comprehensive procedure of risk identification should be carried out. By identifying the risks, the organisation can pinpoint its possible vulnerabilities and loopholes and thereby rectify them. After identifying the risks, an assessment should be carried out to plug the risk.

Software Development Cycle/SecSDLC - This process should be rigorously and dutifully carried out. A proper implementation of this procedure will result in minimal risk.

Security Control - A foolproof security control mechanism should be put in place. This will almost eradicate the threats the organisation may face.

Documentation - A key to protecting data is to document all data and maintain proper logs.
