Server Attacks
One of the common attacks on servers is brute force coupled with weak authentication. In most cases, applications depend on authentication to verify the identity of users, which allows the application owners to restrict access to authorized users and to customize content based on user identity (Middleton, 2017). However, as is the case for LLP, it is common for a system to enforce only single-factor, password-based authentication. This arrangement exposes the system to various threats, including password guessing, stolen credentials, and automated brute force attacks from password-cracking tools, since most of the plug-ins on the systems have been downloaded from the internet. The attack is common because many users may have selected the same password for multiple accounts, so when one account is compromised, it puts other users at risk.
The second attack on the server is the Distributed Denial of Service (DDoS) attack, in which the attacker focuses on exploiting a domain system server vulnerability (Middleton, 2017). In this attack, small queries are turned into much larger payloads, which can be used to bring down the victim's servers entirely. This explains why, in the scenario, individual customers would experience unavailable services, with the website being down or inaccessible. The attacker may use various amplification techniques and inflate UDP packet sizes, making the attacks so large that they bring down even the most robust Internet infrastructure.
An application layer attack is another possibility, in which web servers or application servers are targeted and the attackers flood them with enough traffic to knock out the servers (Middleton, 2017). In essence, the LLP application is targeted in such a fashion that the traffic appears to be real requests from users.
Botnet attacks are equally part of the server attacks or threats. Botnets are usually created using a virus, mostly a Trojan horse, and they are located within IRC networks (Middleton, 2017). Such attacks can affect the server by launching an IRC client, joining a chat room, and then spamming and creating DoS attacks.
Finally, a sniffer attack can affect the server. A sniffer is software that tracks everything going through the network, with the attacker looking for unencrypted usernames and passwords (Middleton, 2017). The sniffer is installed on a computer connected to a local network, especially one exposed on unsecure Wi-Fi. In particular, sniffer attacks operate by impersonating devices on the specific network through a spoofing attack, with the aim of stealing sensitive information.
The Workstations or Company Data
A malware attack is a possibility for LLP, and is mostly attributed to tech-savvy employees within the company who use back doors to gain entry into computers and leave programs on the system network to steal information or cause damage (Middleton, 2017). Malware is considered an umbrella term encompassing worms, viruses, ransomware, Trojan horses, scareware, adware, and spyware.
The next threat to the workstation or company data comes from the end user, who may disable security settings or install unauthorized software, exposing the system to attacks or even making the company liable for violating licensing rights (Middleton, 2017). The end user security threat is of profound concern because even the security technologies with the best mechanisms for averting attacks cannot protect the company against its own users. Whether through malicious intent, carelessness, or naivety, end users may expose LLP to serious security threats or vulnerabilities.
Accordingly, there are network attacks, in which intruders gain access to the network within the workstation via an open or insecure port in the system (Middleton, 2017). The end user can eavesdrop by following the entry paths and observing or reading the traffic patterns. From this, it is possible to sniff or snoop into the network system. Other possible attacks are data modification, identity spoofing, and password-based attacks.
The network can equally be attacked through a compromised key, by targeting a secret code or number vital for interpreting specifically secured information (Middleton, 2017). Despite the difficulty, it is always possible to obtain the key, and once obtained, it is regarded as a “compromised key.” The compromised key is then used to gain access to secured communication without the receiver or sender having knowledge of the attack, and is used in modifying, decrypting, and computing additional keys that allow the attacker access to various secure communications.
Similarly, the man-in-the-middle attack is part of the security vulnerabilities for company data or workstations. Here, a person positioned between two communicating parties actively monitors the communication and uses the opportunity to capture and control it in a transparent fashion (Middleton, 2017). An excellent example is the attacker re-routing data exchanges. Under this attack, the computers are communicating within the lower levels of the network layer, so it becomes difficult to determine the channel and direction of the specific data exchange.
Website Attacks
One of the most common website attacks is defacement, whereby hackers replace the display of the page with their messages and the page is deleted (Middleton, 2017). Although no financial loss occurs, the aim of such attacks is to expose the security vulnerability of the website.
SQL attacks are also common, in which vulnerabilities in the website are exploited by injection, targeting major applications as well as web developers who rely on storing important information in a local database (Middleton, 2017). In this attack, a string is crafted using Structured Query Language (SQL) commands, with the aim of forcing the database to give up information. Most are entered through login forms and search boxes, or even injected into the URL directly to bypass the simple client-side security checks on the specific page.
Website attacks also come from unpatched software, targeting browser add-ins including Adobe Reader as well as other programs that individuals use to make surfing the web easier (Middleton, 2017). It is most common with companies because audits show that most of them barely have perfectly patched software.
Inclusion vulnerabilities are equally common with websites. They take advantage of insecure coding: the attackers identify a specific functionality within the web application and use it to execute their own code (Middleton, 2017). This can be done by executing code located within the system or code located off the system.
Finally, an attack can occur through cross-site scripting (XSS), in which the website front end functions as the launching point for an attack on users visiting the site (Middleton, 2017). It is common when website developers do not properly test their code for any possibility of script injection into the website. In this attack, the scripts are executed in a way the original functionality of the website never intended.
Likelihood of Attacks
Data analysis as recent as 2016 has indicated that, on average, there are 13,000 attacks on a daily basis. In addition, 20 countries have been flagged as the main culprits, with Ukraine currently accounting for 15% of the overall attacks (Maunder, 2016). DDoS is chosen for LLP because it ranks among the most rampant: between 2015 and 2016 there was an increase of 137.5% in the attacks, with 2016 recording 19 100Gbps attacks in the first three months (Vaughan-Nichols, 2016). Application layer attacks have become serious, with 60% currently reported in comparison to 40% for the network layer. By 2018, the ratio will be 50:50, representing 445 attacks every week, with the numbers increasing on a yearly basis (Greene, 2016). For botnet attacks, an excellent example was when 770,000 computers from 190 countries were affected, including the UK, Canada, USA, Turkey, and Russia among others, with malware distributed for stealing financial credentials (Chipurici, 2017).
Accordingly, website attacks have been on the rise, with the latest report indicating that in the last quarter of 2017 the attacks had soared up to 69% in comparison to the same time in 2016, with 217% attacks sourcing from the United States, a 48% increment in the third quarter in comparison to 2016. Specific attention has been on SQL injection, at 62% for 217 in comparison to 19% since 2016 (Cilliers, 2017). XSS threats have equally been on the rise, with reports indicating that from 2012, around 50% of website vulnerabilities are attributed to the attack (Podjarny, 2017). From the current survey, LLP should understand that XSS attacks have smaller impacts, but in practice they can affect the company's website and especially its many users, consuming users in a timely manner. A small company like LLP may suffer serious financial losses from the attacks, which explains why ransomware attacks should be given much emphasis. For instance, current data indicates that global damages from ransomware attacks will cost over $5 billion in 2017, a fifteen-fold increase since 2015, when the cost was $325 (Morgan, 2017). All these attacks are necessary for LLP to consider because 43% of the attacks have been targeting small businesses, with 64% experiencing web attacks, 59% malicious code attacks, and 51% DoS attacks (Cybint, 2017).
Counter Measures
The unpatched software security threat is addressed by keeping software perfectly patched. The best way to manage or counter DoS attacks is by putting in place a properly functioning and managed firewall for detecting and preventing the attacks, or having ISP backup (Middleton, 2017). For LLP, the man-in-the-middle attack is countered by logging out of secure applications once tasks are done, paying attention to browser notifications that alert on visiting unsecure websites, and refraining from entering any personal or very sensitive data on unsecure sites. Sound password management is the basis for managing brute force attacks: for instance, using complex passwords that are updated, enabling two-step verification, and using different passwords for different accounts. SQL injection may be the most challenging to address, but it is managed by reviewing the source code and deleting all unnecessary and redundant procedures and database users (Middleton, 2017). For bots and malware, the best measure is for the company to have strict policies on which files employees may download or install on the system. In addition, regular malware or virus scans are necessary to help detect the attacks.
Network attacks can be addressed by enabling the Windows Firewall and minimizing the specific exceptions that allow inbound connections to the workstation (Middleton, 2017). End user attacks are tricky to address, but this can be done through group policy, by enforcing security settings and restrictions that end users cannot override. In addition, measures can include locking down the users' ability to run OS commands, install applications, and access the registry. Breach of confidential information can be addressed by encrypting the hard disk drive of the workstation and configuring the computer to lock the console automatically when unattended (Middleton, 2017).
- Chipurici, C. (2017). What is a botnet & how to prevent your PC from being enslaved.
- Cilliers, H. (2017, Dec). Report: Web application attacks continued to rise in 2017.
- Cybint, (2017, Sept). The scary truth about cyber security.
- Greene, T. (2016, August). Imperva: Application layer DDoS attacks are on the rise.
- Maunder, M. (2016, Dec). How to protect against brute force attack.
- Middleton, B. (2017). A history of cyber security attacks: 1980 to present. CRC Press.
- Morgan, S. (2017, Oct). Top 5 cybersecurity facts, figures, and statistics for 2017.
- Podjarny, G. (2017, June). XSS Attacks: The Next Wave.
- Vaughan-Nichols, S.J. (2016, June). DDoS attacks increase over 125 percent year over year.