country
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Computer Security And Other Issues: Attack Experiences

tag 0 Download8 Pages 1,937 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT

Question:

Discuss about the Computer Security and other Issues for Attack Experiences.

 

Answer:

Attack Experiences

A friend described to me an instance when the bank he was working for was hit by a cyber attack two years ago. The criminals posed as clients, who wanted to open a bank account. They persuaded the accounts opening officer to plug in a disk drive in to his computer so that he could download the clients documents and images. The flash disk was infected with a virus which quickly spread to the other computers in the organization, attempting to hijack core banking credentials and other information. The attack did not inflict any type of damage since the IT department was fast in arresting its spread. At the same time, the bank was hesitant to divulge any details because they feared it would affect the trust customers had in them.

The attack was mainly successful because the customer service agent was not following the company policy regarding the use of disk drives, regardless of whether they were personal or from third parties. The company could have blocked disk drive access from the computers to further ensure that people who failed to follow policy did not hurt the company’s interests. The computers which were affected by the attack were quarantined and taken off the network, as IT auditors ascertained the extent of the spread. Thereafter, an antivirus capable of neutralizing the threat was procured and applied on the infected computers, as well as the network. The security system used by the company was also reviewed. Had the employee in question and other received thorough training on the danger that such devices posed, it is likely that the attack could have been prevented. The attack could also have been prevented through the use of software that blocks disk drive access to the computer, requiring the customers to bring their documents in hard copy or have photos taken at the bank.

Ransomware Attacks

The Wannacry, Petya and NotPetya ransomware attacks have recently hit the global computer networks, affecting systems from Ukraine to the United States and Australia. The attacks were able to get into the computer systems of government bodies and companies, lock them and demand payment to reopen them or decrypt data they held. The payment demand was in terms of bitcoins, to reduce the chances of being tracked down. The ransomware was highly successful, at least in terms of how fast and wide they spread. It was aided in this by the fact that it was highly sophisticated, the tools used to make it being stolen from the NSA. They used the vulnerabilities found in Microsoft Windows to bypass security systems, and used emails as one of the tools of spreading, making its pace fast and not easily detectable.

According to information released by Kaspersky after the third attack, NotPetya, all companies were advised to update their security systems and operating systems. This was based on the belief that vulnerabilities which had since been fixed (before the attack) were used to hijack computers. Users were also warned not to open any emails they found suspicious while reviewing their security setup frequently. The perpetrators of the attacks demanded a payment in bitcoins be sent to them o that they could then give the victim a code to decrypt the files in their computers. Kaspersky and other computer systems security companies soon issued decryption tools to get rid of the ransomware. The decryption tool would roll back the effects of the ransomware, though this is an extensive process owing to the complex nature of the attack itself.

 

Zero-Day Attacks

The ransom ware described above – Wannacry, Petya and others can also qualify as being zero-day attacks. The attacks were able to find vulnerabilities in Windows operating systems, which had not been patched before. The vulnerabilities were discovered by research going into years, and initially performed by the NSA. The NSA later lost these tools and information on the vulnerabilities, which were then used to fashion highly complex hacking tools in the form of the afore-mentioned ransomware. Other software has also come under attack. For instance, adobe flash player was the victim of attacks which had discovered a weakness in its code, which was then exploited before a patch could be developed by the company. The malware was discovered by actions of hackers who must have spent a considerable amount of time examining the code looking for possible loopholes to exploit.

In early 2017, FireEye discovered an attack used to attack computer systems using vulnerabilities in Microsoft office. This attack was addressed in conjunction with Microsoft to coordinate a response. In 2015, FireEye also discovered an attack directed at Windows to steal credentials, the malware would hijack the system and encrypt data with a financial objective.  To defend against zero-day attacks, computer services companies such as Adobe and Microsoft frequently release patches so as to address any vulnerability. Upon release, it is the duty of the user or company to ensure the patches have been run. Organizations can also do frequent checks on their computer systems with the aim of discovering any vulnerabilities, or attacks being perpetrated with the use of these vulnerabilities.

Antivirus comparison

 

 

Antivirus Provider

Features

 

Mcfee

Mcfee (free)

Norton

bit defender

Firewall

Yes

Yes

Yes

Yes

antispam

Yes

Yes

Yes

Yes

parental control

NO

Yes

Yes

Yes

Backup

NO

NO

Yes

no

Currently, I use a free antivirus, AVG< it has a few features which I admire, and work for me. The antivirus I use is light on the computer. It does not affect the normal operations of the computer, though it extends the switch off time and reboots too. It has capabilities to protect against many forms of malware, including phishing and other malicious attacks, while also having an easy-to-reach support center. It does not have a parental control or backup mechanism, which I think is a disadvantage. I have to run back-up manually, as opposed to Norton which enables this remotely.

I would recommend Norton to users. It costs around 50 dollars for an annual subscription. It has several features which I think are great to have on a computer, while the price is not prohibitive. The free Mcfee also comes with several features, all for free. It is important to note that free antivirus has several limitations, especially when it comes to online protection. Again, Norton is best equipped to handle such threats.

Blowfish

Blowfish has held the reputation as one p0of the few whose code has never been cracked, since it was first launched in 1993. Blowfish has several strengths apart from this. Blowfish is designed to use a 448-bit key. The key can be cracked. However, it would take an impractical amount of resources, including time and equipment to break it. According to some estimates, millions of years would pass before the code is cracked. The only other avenue is trying lucky numbers, which is not an effective method of trying to break the code.

By comparison, most browsers use keys which are either 40-bit or 128 bit. While the 128-bit key is considerably strong and hard to break, the 40bit key can be cracked through the use of a personal computer, and within hours. While other block ciphers are patented and sold, Blowfish is free, meaning that it is easier to access and use. This has helped enhance its spread among users around the world.

Blowfish has its weaknesses. It is an old code, having been designed in the pre-2000 era. It was not made for some of the modern threats that computer advances have brought about. The creator of the tool has since been able to create a replacement, Twofish. The cipher is more difficult to crack, especially in instances where previous versions of Blowfish, such as the 40 and 64-bit version were susceptible to attack. The cipher is used currently to secure browsers among other security applications. 

Key Management Life Cycle

Key Management Life Cycle diagram

Destruction

Archival

Expiration

Rotation

Monitoring

Deployment

Backup

CREATION

The Key Management Life Cycle includes the steps outlined in the diagram and better annotated below. A key should be valid depending on its length. The longer it is, the longer the lifespan. Both the organization and the user have a shared responsibility to secure the keys.

Creation - A key is generated by the key manager or a trusted third party. The attributes of the key are then stored in a special database, which is also encrypted. A key’s activation happens automatically or manually, or it can be timed to activate at a point in time.

Backup – This involves storing a copy of the key in case of future loss or other instances. The process also includes encryption and storage.

Deployment – Deployment refers to the time when the key is being applied to secure the device in question. Prior to deployment, the key is additionally tested to ensure operations are compatible with other system properties, and avoid data loss or theft.

Monitoring – Monitoring the key is necessary to assess its success for the role it is supposed to perform.

Rotation – During rotation, the key encrypts all the data it should, this process is intensive and very important.

Expiration – Key rotation completion may signal the start of the end for use of the key. This also depends on the life cycle of encrypted information. Highly sensitive data also force keys to be in operation for a shorter time.

Archival – Archival of the key happens after it has been expired. This is done to for record keeping and for future instances when the encrypted information may be needed

Removal form service – the life of a key ends when it is destroyed, deleted or terminated. 

Network Firewall Comparison

 

Fortinet

Cisco

FireEye

Rule-based or application-aware

Application-aware

Application-aware

Application-aware

stateless or stateful filtering

stateless

stateless

stateful

Content filtering

yes

yes

no

IDS/IPS

IPS

IDS

IDS

Costs

1195

1500

9600

In view of the information outlined below, Cisco may be the best buy. It has a recognized name in the market and offers competent support. While FireEye also does the same, its price range is too high; though it could also be attributed to the value it brings the user, in terms of enhanced security, ease of use and ability to understand t more swiftly than the other two options.

Case Project 8-5: Cloud Computing Benefits

Cloud computing benefits

Cloud computing is becoming more common in organizations. It allows for efficiency, while saving costs, especially since organizations no longer need to have physical servers to store and process information
Vendors features and costs

Vendor

IaaS

PaaS

SaaS

Storage

Amazon

EC2 (Elastic Cloud Compute)

Amazon Web Services*

Amazon Web Services*

S3 (Simple Storage Service)

Google

n/a

Google App Engine (Python, Java, Go)

Google Aps

Google Cloud Storage

HP

Enterprise Services Cloud – Compute

Cloud Application Delivery

HP Software as a Service

Enterprise Services Cloud – Compute

IBM

SmartCloud Enterprise

SmartCloud Application Services

SaaS products

SmartCloud Enterprise – object storage

 

 

Cloud computing and storage of learning material

Cloud computing and storage can be applied in the storage and processing of academic material such as lectures and notes. The information would be quickly accessed by both lecturers and the students through protected accounts to the system. Cloud computing is feasible in this case because it may not be possible to store the information locally and have students access it through an intranet or specific computers. It is therefore important for the school to enhance efficiency by adopting cloud computing. 

OR

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2018). Computer Security And Other Issues: Attack Experiences . Retrieved from https://myassignmenthelp.com/free-samples/computer-security-and-other-issues-attack-experiences.

"Computer Security And Other Issues: Attack Experiences ." My Assignment Help, 2018, https://myassignmenthelp.com/free-samples/computer-security-and-other-issues-attack-experiences.

My Assignment Help (2018) Computer Security And Other Issues: Attack Experiences [Online]. Available from: https://myassignmenthelp.com/free-samples/computer-security-and-other-issues-attack-experiences
[Accessed 17 January 2020].

My Assignment Help. 'Computer Security And Other Issues: Attack Experiences ' (My Assignment Help, 2018) <https://myassignmenthelp.com/free-samples/computer-security-and-other-issues-attack-experiences> accessed 17 January 2020.

My Assignment Help. Computer Security And Other Issues: Attack Experiences [Internet]. My Assignment Help. 2018 [cited 17 January 2020]. Available from: https://myassignmenthelp.com/free-samples/computer-security-and-other-issues-attack-experiences.


MyAssignmenthelp.com strives towards providing exceptional essay help at an affordable price. Students, from various parts of Australia, prefer our servicers because we provide high-quality essay assistance at a pocket-friendly price. We receive numerous requests 'help me do my essay' or 'can someone write my essay' from students every day. We efficiently fulfill those requests and provide students needed essay writing help art an affordable price.

Latest Management Samples

COM15: Developing Research And Analytical Skills

Download : 0 | Pages : 7
  • Course Code: COM15
  • University: Griffith University
  • Country: Australia

Answer: Introduction: Crime prevention is an emerging concept that is applied by several security agencies to reduce crime rate in the society. It is an approach that focuses on preventing the crime rather than dealing with the consequences after it has happened. (Crime, 2008) A lot of attention is therefore given to crime prevention rather than detecting the criminals and punishing them. It evaluates the conditions and circumstances tha...

Read More arrow

HLSC122 Critical Appraisal Scenarios

Download : 0 | Pages : 7

Answer: Introduction:    In evidence based practice, the critical review and analysis of research papers supports nurses in applying research evidence in real setting (Hall & Roussel, 2016). This essay aims to conduct a critical analysis of research paper to resolve the problem presented in the case scenario related to Tasso, a 21 year old computer programmer who witnessed serious motor vehicle problem and is suffering from post...

Read More arrow

CNA576 Self Management In Renal Nursing For Chronic Illness Patients

Download : 0 | Pages : 6

Answer: Chronic illnesses have risen in number with fears of increasing risks for further increase in such ilnesses. This is due to environmental risks such as air pollution, smoking, lack of physical activities and unhealthy diets (Celler, & New South Wales University Sydney, 2017). Self-care among patients with chronic diseases is an important aspect of health managements. In the recent years, chronic management programs have shifted to ...

Read More arrow

MKT00720 Nature Of Amazon Australia Marketing Strategy

Download : 0 | Pages : 8

Answer: Introduction:  The following research focuses on the marketing strategies that Amazon Australia used since it started its business in Australia. Theoretical approaches have been used to understand the relevant marketing strategies. Besides, the marketing strategies that the company can use in the future have also been discussed in the following research. Company overview:  Amazon.com, Inc. is an electronic commerce company...

Read More arrow

HI6008 Reflection On Learning Structure

Download : 0 | Pages : 5

Answer: Evaluating Effectiveness and Usefulness of Learning Experience The research has facilitated me in attaining a better learning experience that can be useful in attaining my career goals in the future years. The topic on which I carried out the research was “to analyze the impact of IFRS accounting standards on enhancing consumer loyalty within the retail sector of Australia”. This topic increased my understanding on the nec...

Read More arrow
Next
watch

Save Time & improve Grades

Just share your requirements and get customized solutions on time.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,179,595

Orders

4.9/5

Overall Rating

5,056

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 4/5

248 Order Completed

100% Response Time

Lloyd Bernabe

MSc in Accounting

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

2115 Order Completed

97% Response Time

Kimberley Chen

MPA in Accounting

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

154 Order Completed

97% Response Time

Harold Alderete

PhD in Economics

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

1592 Order Completed

96% Response Time

Jane Sima

Ph.D in Psychology with Specialization in Industrial-Organizational Psychology

Singapore, Singapore

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

The instructor like the assignment and no need to redo it. She was impressed by the quality of the assignment.

flag

User Id: 364013 - 17 Jan 2020

Australia

student rating student rating student rating student rating student rating

The deadline for my assignment passed by a few hours but the finished result was correct and looked great! The customer service chat line is very quick to get you answers and responses. I will definitely use them again in the future!

flag

User Id: 363787 - 17 Jan 2020

Australia

student rating student rating student rating student rating student rating

I am always excited to see the grades because I have full confidence in the writers.

flag

User Id: 106921 - 17 Jan 2020

Australia

student rating student rating student rating student rating student rating

I love this company it’s some dislike about it but I love the experts that helps with the assignment

flag

User Id: 334177 - 17 Jan 2020

Australia

student rating student rating student rating student rating student rating
callback request mobile
Have any Query?