The following paper will explain the approach to correcting the various malware. The three malicious attacks and threats identified in the previous investigation are man in the middle (MITM), Denial of Service (DOS) and advanced persistent threats (APT). These three malicious attacks and threats expose the company to risk, but they can be avoided with the proper tools and training. An MITM is very dangerous to any company because data is sent over a network, and the MITM threat can intercept this data.
This information is then sent to the receiving individual after the MITM has reviewed or changed the data from the sender. In order to avoid the risk, you can receive help with decryption. Data in plain text is easily sniffed out or stolen; data sent over a network that is encrypted is only readable by the sender and receiver if the proper decryption tools are present. Both parties will avoid the risk altogether with encryption. A strategy to use against a Denial of Service (DOS) attack would be risk acceptance.
Customers and company employees utilize the company’s website on a day-to-day basis; without a functioning website, revenue will be lost. Because a DOS attack can make a business’s website unserviceable, the company will have to take this factor into account while the site is accessible to the public. Risk avoidance and risk assignment cannot be utilized in this situation because the site has to be up and running for customers and employees alike. If a website is subjected to a DOS attack, a measure such as shutting the site down for a brief period is the only remedial action taken.
An advanced persistent threat (APT) can sit dormant inside an organization's servers or employees' computers for extended periods of time. This threat can avoid the risk mitigation and risk avoidance. Training should be given to all employees to show how quickly APTs can be contracted. Websites and links that should be avoided should be included in the training. Preventative, detective, and corrective controls can be effectively applied to the organization's network to reduce the risk of malicious malware. APTs can be minimized with risk prevention.
Anti-virus software along with an intrusion detection system will run on organizational computers and servers. These tools will help catch or eliminate threats from downloading an APT. DOS attacks can happen at any time to any site running on the Internet. With this in mind, preventative, detective, and corrective controls are in place regarding this threat. If the organization's website is subjected to a DOS attack, after so many requests from users the website will automatically shut down to reduce downtime and damage.
Detective and corrective controls include locating the source of the requests by IP address and blocking those IP addresses from future use. Wireshark will monitor network traffic to check for any bottlenecking or slowdown of web service afterward. MITM attacks are preventable risks and can be minimized with the use of encryption. No data will be communicated over the organization's network on an unsecured connection. Hypertext Transfer Protocol Secure (HTTPS) will be in use. Standard Hypertext Transfer Protocol (HTTP) will not apply because third parties can read the data transmitted in plain text and.
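The detective and corrective DOS controls described above (locating request sources by IP address and blocking them) can be sketched as a sliding-window count over web access logs. This is an added example, not part of the original paper; the log format, the threshold of 20 requests per 10 seconds, and the function names are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed format: common access-log lines, "IP - - [timestamp] "request" ..."
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def find_flood_sources(lines, limit=20, window=timedelta(seconds=10)):
    """Detective control: return {ip: peak request count} for every IP that
    sent more than `limit` requests inside any sliding `window`."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        match = LINE_RE.match(line)
        if not match:
            continue              # malformed line: skip rather than crash
        ip, raw_ts = match.groups()
        try:
            ts = datetime.strptime(raw_ts, TS_FORMAT)
        except ValueError:
            continue              # unparseable timestamp
        queue = recent[ip]
        queue.append(ts)
        while ts - queue[0] > window:
            queue.popleft()       # drop requests that aged out of the window
        if len(queue) > limit:
            peaks[ip] = max(peaks.get(ip, 0), len(queue))
    return peaks

def blocklist(lines, **kwargs):
    """Corrective control: sorted list of IPs to hand to the firewall."""
    return sorted(find_flood_sources(lines, **kwargs))

def build_sample_log():
    """Constructed sample (documentation IP ranges), not real traffic."""
    fmt = '{ip} - - [10/Mar/2024:10:00:{s:02d} +0000] "GET / HTTP/1.1" 200 512'
    # Ordinary client: one request every 5 seconds for a minute.
    lines = [fmt.format(ip="198.51.100.7", s=s) for s in range(0, 60, 5)]
    # Flooding client: 40 requests within 4 seconds.
    lines += [fmt.format(ip="203.0.113.50", s=10 + i // 10) for i in range(40)]
    lines.append("garbage line without a timestamp")
    return lines

if __name__ == "__main__":
    print(find_flood_sources(build_sample_log()))
    print(blocklist(build_sample_log()))
```

Counting per source address does not catch a distributed attack in which each address stays under the threshold, so the limit and window need tuning against normal traffic for the site.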
Out of the three types of controls, preventative control seems to be the best. The reason I say this is that preventative controls minimize the possibility of loss because they prevent the event from reoccurring. Corrective controls are said to be next in line, since they reduce the amount of impact by restoring the system back to the main point. However, the recovery process will lose some productivity because the restoration process leads to the unavailability of applications and systems. The reason for this is the possibility of lost productivity and customer dissatisfaction.
The least useful control, though used more frequently, is a detective control, which identifies events after they have happened. The business might fail the event long after the opportunity to limit the amount of damages. The critical ones within the company are risk management, selection processes, and control identification. The particulars of this organization are that malware and unidentified risks can wreak havoc on the company's present and future goals and mission. Of the three, risk management would be categorized as the priority. (Risk Management, 2014), “Risk management is the systematic process of understanding, evaluating and addressing risk in order to maximize the chances that objectives are being achieved and to make sure the organization, individuals, and communities are sustained. Risk management also exploits opportunities, allowing organizations to be aware of new possibilities.” After risk management is correctly and thoroughly thought out, the control identification and selection processes will become much easier to accomplish.
In conclusion, (Eckel, 2009), “Information Technology professionals must encourage their users to follow several security practices to minimize virus, spyware, and malware exposure. Many computer techs are too busy to spread the word, or they don’t have the time to build an appropriate memo or handout.” Training will become mandatory if it is not already. Once vulnerabilities, potential threats, and malicious attacks have been identified, one can begin to take countermeasures to reduce the number of vulnerabilities.
This makes it harder for potential threats and malicious attacks to damage a computer system. Countermeasures include risk management plans, firewalls, computer monitoring programs, and strict access control to computer networks and systems. User training can aid in the protection of the computer system after potentially being attacked with threats (Kim & Solomon, 2012). Risk reduction is a strategic plan to prioritize the risks identified in risk evaluation and take steps selectively. It is impossible to know for certain what attacks will happen.