This paper identifies and analyzes three critical malicious attacks and threats to organizational networks: man-in-the-middle attacks, denial of service (DOS) attacks, and phishing. For each threat, the paper examines potential impacts on organizational assets and data security, then proposes targeted security controls and mitigation strategies. The paper further addresses data loss and data theft concerns within network environments and recommends preventative measures including encryption, intrusion detection systems, and user awareness practices. The analysis provides organizations with actionable security controls to protect against both external attacks and internal data compromise.
The purpose of this paper is to identify and draft a report that examines potential malicious attacks, threats, and vulnerabilities specific to an organization by explaining each item and its potential impact. This analysis focuses on three specific potential malicious attacks and threats that could be carried out against the network and organization, with detailed explanation of the potential impact of each. The paper proposes security controls that would be implemented to protect against the selected attacks. Additionally, this paper analyzes three potential concerns for data loss and data theft that may exist in the network and proposes security controls to address these concerns.
Man-in-the-middle attacks intercept messages between two parties before transferring them to their intended destination. Web spoofing is a type of man-in-the-middle attack that makes the user believe their secure connection is with the web server when it is actually with the attacker. The attacker intercepts the user's messages before sending them to their destination (the web server), allowing the attacker to monitor, capture, or alter communications without the knowledge of either party.
Denial of Service (DOS) attacks are denial or destruction threats that overwhelm a computer or network until it can no longer serve legitimate requests. The TCP and ICMP protocols are commonly used in DOS attacks. Smurfing is another form of DOS attack that uses directed broadcasts to create a flood of traffic. These attacks overwhelm network resources and render services unavailable to legitimate users.
Phishing is a form of fraud in which the attacker tricks the victim using email or instant messaging by pretending to be someone else. The attacker makes the emails or instant messages appear to come from a credible source or directs the user to click a link that leads to a legitimate-looking website that is actually a spoof. Through these deceptive means, attackers gain access to sensitive personal and financial information.
The potential impact of man-in-the-middle attacks is significant: the attacker can corrupt data, introduce new data on the network, or gain access to internal computer resources such as computers or network components. The attacker can steal passwords, credit card information, and other confidential information. This breach of confidentiality and integrity poses serious risks to both the organization and its users.
DOS attacks present two distinct threat vectors. Logic attacks exploit flawed software to crash or hinder the computer's operation. Flooding attacks saturate network resources with requests, overwhelming CPU and memory capacity. Denial of service attacks cause the CPU to run slowly, disk storage to fill up, user accounts to lock up, and computers to crash entirely. The attacker essentially tries to deny service to one or more computers on the network. A SYN flood is a specific example: the attacker sends a flood of TCP packets with the synchronization (SYN) bit set, each requesting a new connection. The computer records each request in its connection memory table and sends an acknowledgment, but the attacker never responds to complete the handshake, so the half-open connections tie up resources.
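The half-open connection signature described above can be checked on a host by reading its TCP connection table. The following added example (not part of the original paper) parses a constructed table in the style of `ss -tan` / `netstat -tan` output and flags a listening port when half-open (SYN_RECV) sockets both exceed an absolute floor and dominate the port's connections; the thresholds are assumptions for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample (not captured from a real host): local address,
# remote address, TCP state, one socket per line.
SAMPLE_CONNECTIONS = """
10.0.0.5:443 198.51.100.20:50111 ESTABLISHED
10.0.0.5:443 198.51.100.21:50112 ESTABLISHED
10.0.0.5:443 203.0.113.7:51234 SYN_RECV
10.0.0.5:443 203.0.113.8:51235 SYN_RECV
10.0.0.5:443 203.0.113.9:51236 SYN_RECV
10.0.0.5:443 203.0.113.10:51237 SYN_RECV
10.0.0.5:443 203.0.113.11:51238 SYN_RECV
10.0.0.5:22 198.51.100.30:40001 ESTABLISHED
10.0.0.5:22 203.0.113.12:40002 SYN_RECV
"""


def parse_connections(text):
    """Yield (local_port, remote_ip, state) from the whitespace-separated table."""
    for line in text.strip().splitlines():
        local, remote, state = line.split()
        local_port = int(local.rsplit(":", 1)[1])
        remote_ip = remote.rsplit(":", 1)[0]
        yield local_port, remote_ip, state


def half_open_report(text, min_half_open=4, min_ratio=0.5):
    """Per listening port, count SYN_RECV (server sent SYN-ACK, client never
    completed the handshake) against all sockets and flag the port when the
    half-open count passes the floor AND makes up at least min_ratio of them.
    Thresholds are illustrative assumptions; tune them to the host's baseline."""
    per_port = defaultdict(Counter)
    sources = defaultdict(set)
    for port, ip, state in parse_connections(text):
        per_port[port][state] += 1
        if state == "SYN_RECV":
            sources[port].add(ip)  # many distinct sources hints at spoofed SYNs
    report = {}
    for port, states in per_port.items():
        total = sum(states.values())
        half_open = states["SYN_RECV"]
        report[port] = {
            "half_open": half_open,
            "total": total,
            "distinct_sources": len(sources[port]),
            "flagged": half_open >= min_half_open and half_open / total >= min_ratio,
        }
    return report
```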
Phishing attacks can present fraudulent websites that request the user's confidential information such as passwords, credit card numbers, social security numbers, bank account details, and ATM PINs. Alternatively, phishing uses emails and instant messages that appear to come from a credible source, tricking users into divulging sensitive information or downloading malicious content.
Encrypting data and using browsers that enforce secure connections with valid SSL certificates will mitigate man-in-the-middle attacks. Implementing end-to-end encryption ensures that intercepted data cannot be read even if the communication channel is compromised. To defend against DOS attacks, organizations should deploy intrusion prevention systems (IPS) and intrusion detection systems (IDS). Modern network components such as web content delivery devices now ship with rules specifically designed to prevent DOS attacks by filtering malicious traffic and rate-limiting requests.
To detect phishing scams, users and administrators should carefully examine URLs for character substitution, such as a letter or two being different in the website address (for example, CapitalOne.com versus CapitolOne.com). If an email or instant message requests personal information, the recipient should call the company's customer service or technical support directly to verify whether the message is legitimate. Another detection strategy is to type the URL directly into the browser instead of clicking a provided link. Users should pay close attention to domain names and watch for subtle variations, such as a domain ending in .org instead of the expected .com. These practices significantly reduce the likelihood of falling victim to phishing fraud.
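The two URL checks above (a letter or two substituted in the name, or the wrong suffix such as .org instead of .com) can be automated against an allow-list of expected domains. The following added example (not from the original paper) extracts the registrable domain from a URL and compares it to an assumed allow-list using an edit-distance check for substituted letters and an exact-name check for a mismatched suffix; the allow-list and the distance threshold are assumptions for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical allow-list of domains users are expected to reach (assumed).
TRUSTED_DOMAINS = {"capitalone.com", "example-bank.com"}


def registrable_domain(url):
    """Return the host's last two labels, lower-cased (enough for .com/.org checks)."""
    host = urlsplit(url).hostname or ""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance: each substituted, inserted or deleted letter costs 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_url(url, trusted=TRUSTED_DOMAINS, max_distance=2):
    """Return 'trusted', 'lookalike:<trusted domain>' or 'unknown' for a URL."""
    domain = registrable_domain(url)
    if domain in trusted:
        return "trusted"
    name, _, tld = domain.rpartition(".")
    for t in trusted:
        t_name, _, t_tld = t.rpartition(".")
        if name == t_name and tld != t_tld:
            return f"lookalike:{t}"  # same name, wrong suffix (.org vs .com)
        if 0 < edit_distance(name, t_name) <= max_distance:
            return f"lookalike:{t}"  # a letter or two changed (CapitolOne)
    return "unknown"
```

A link whose result is `lookalike:` should be treated exactly as the text advises: do not click it, type the expected address yourself, or verify with the company directly.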