Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
¶ … gathered on the DOD
The tools and a description of the how they are used
What sort of attacks would work in this case? Give some examples and how you would carry them out
What social engineering and physical security aspects were discovered / devised? Give a detailed explanation
What methods could you employ to help secure these vulnerabilities? What suggestions would you make to the organization if you were a penetration tester?
Attack Project Paper
Over the last several years, the Department of Defense (DOD) has become the subject of cyber attacks. This is because of the information, which is possessed on their networks and the large turnover of people is exposing them to more threats. A good example of this can be seen with information compiled by the U.S. Department of Homeland Security. They found that the DOD is receiving a total of 10 million attacks per day. ("How Many Cyber Attacks Hit the U.S. last year," 2014) This is problematic, as it has the potential to create severe disruptions and a loss of sensitive information.
To address these issues a new strategy must be implemented. This involve analyzing the information which is gathered, the tools, the kinds of attacks that work, social engineering / physical security and the methods to deal with vulnerabilities. Together, these elements will illustrate the best avenues for preventing these kinds of attacks against the DOD.
The information that was gathered on the DOD
The various sources are showing how the DOD is vulnerable to a variety of cyber attacks. The most notable include: social engineering, password based, and Trojans...
Each one of them has been utilized in the past to disable their networks and make it difficult for personnel to access them. This exposes the DOD to major breaches, with hackers able to steal a number of classified documents in the process. (Insinna, 2013) To make matters, worse they are planning on rolling out their own version of 4G. This is supposed, to allow personnel to have access to greater amounts of information. However, the problem is that it exposes them to more threats with hackers being able to breach these devices and the information that is on them. (Roulo, 2013)
The tools and a description of the how they are used
There are a number of tools which are used by hackers to attack the DOD's network. The most notable include: social engineering, password based and Trojan types of attacks. Social engineering is when there is an attempt to use deception to gain access to information. This is achieved utilizing a number of tactics such as: cloning IDs or emails to tricking an individual into thinking it is from an important source. Once this happens, is when they can gain access to employee names, numbers or passwords. Password-based techniques are trying to break into the site through trying a series of user names and passwords. This is used in conjunction with social engineering or brute force to find methods that are successful. A Trojan is when a malicious email is sent to individuals inside the organization. The basic idea is to encourage them to open it and visit the link inside. This will enable the hackers to gain access to organization's information. (Amoroso, 2012) (Pelt, 2014)
What sort of attacks would work in this case? Give some…
References
How Many Cyber Attacks Hit the U.S. last year? (2014). Next Gov. Retrieved from: http://www.nextgov.com/cybersecurity/2013/03/how-many-cyberattacks-hit-united-states-last-year/61775/
Amoroso, E. (2012). Cyber Attacks. Oxford: Butterworth.
Insinna, V. (2013). Department of Defense Infrastructure still Vulnerable. National Defense Magazine. Retrieved from: http://www.nationaldefensemagazine.org/archive/2013/June/Pages/DefenseDepartmentInfrastructureStillVulnerabletoCyber-Attacks, CriticsSay.aspx
Pelroth, N. (2014). Cyber Espionage Attacks. New York Times. Retrieved from: http://bits.blogs.nytimes.com/2014/05/29/cyberespionage-attacks-tied-to-hackers-in-iran/?_php=true&_type=blogs&_r=0
Roulo, C. (2013). DOD must stay ahead of Cyber Threat. Department of Defense. Retrieved from: http://www.defense.gov/news/newsarticle.aspx?id=120379
Santos, A. (2013). China is Winning the Cyber War. The Wire. Retrieved from: http://www.thewire.com/global/2013/05/china-hackers-pentagon/65628/
Cyber Espionage Over the last several years, cyber espionage has become a major problem that is impacting a variety of organizations. This is because hackers and other groups are actively seeking to exploit vulnerabilities in security networks. Evidence of this can be seen by looking no further than the below tables (which are illustrating the motivations and targets of attacks). Motivations behind Attacks on Computer Networks Percentage Cyber Crime Hactivism Cyber Warfare / Espionage ("Cyber Attack Statistics,"
Cyber Security Currently, the internet has become a significant infrastructure, which has brought new degrees of productivity, convenience, and effectiveness for the private and public firms. The many incidents of internet attacks reflect the vulnerability of the information systems, the severity of malicious programs and the offensive nature of technology. Similarly, either attackers can hide their identity, through disabling logging facilities or altering event logs, which makes them go undetected. On
Human Aspects in IT and Cybersecurity An innovation in IT (information Technology) has revolutionized the method organizations store, record and retrieve information. Moreover, a large percentage of business organizations has taken the advantages internet technology to offer their businesses online where customer's data such as credit cards, SSN (social security number), tax information, and other personal information are recorded in the organizational databases. A major benefit that internet technology offers to
These certificates are issued by the certification authorities (CAs) and they contain the name, expiration dates as well as serial numbers of the certificates. OS Hardening Operating system hardening is the process of addressing the various security issues and vulnerabilities in a given operating system via the implementation of the latest Operating system patches, updates, hotfixes as well procedures and policies that are necessary for reducing the number of attacks as well
Emergency and Disaster Management: Hurricanes Katrina and Ike In the recent decades, the United States of America has increasingly experienced various disasters not only from natural sources but also from industry and technology. The country has even faced deliberate disasters from terrorist sources. Unfortunately, there is no attenuation or lessening that is in sight at the moment. The predictions regarding the weather disturbances are increasing. There has been a continuation in
S. Department of Defense (DOD) uses over two million computers and more than ten thousand local area networks, most of which are linked to, and vulnerable to attack from, users of the larger Internet. (2008, p. 276) These increasing threats correspond to the growing reliance on information systems to manage the entire spectrum of modern commerce and energy resources, making the disruption of a single element in the integrated system a