The threats to the server of network traffic.

1. The threats to the server of network traffic.


Unpatched OS: The servers are not patched with the latest operating system patches. This can raise a big threat for the infrastructure as well advantage for the hackers. Unpatched operating system can consider as a security loophole that exist with the servers. The critical servers have the huge impact from this issues and hackers can easily exploit any vulnerability using this. Coursey, 2013 describes unpatched OS as the number one risk for infrastructure for any organization. The hackers can gain access to the server using the unpatched vulnerability and attack for the server and delete the data. Compromise the server can consider as a likelihood of exploiting OS vulnerability.
Prevention: prevention of attack vector from unpatched OS can done using properly updating and patching the systems. Internet patches can be enabled for the server to get update automatically. But if automatic updates effect for the environment, manual updating should be done periodically.

Denial of Service (DOS): This type of attacks generate large amount of traffic towards the server. Generating unwanted traffic could disrupt the legitimate services of the server. The slowness of web server can occur from a DoS attack in the investigated environment. DoS attacks need to prevent at any environment to protect the business continuity. DoS attack can be a critical threat to the server, which can be the main factor for its slowness.
Prevention: It is hard to prevent the DoS attacks for the IT infrastructure, but prevention can be done using the honeypots. 

Botnets: Botnets are known as remotely accessible computer without the authorization of business purpose.  The hackers can install bot using a vulnerability of OS in the server and use that bot for control the server functions (Hoffman, 2016). Mainly the controller of the botnet, the botmaster can infect malwares or malicious codes to get access to the server and delete or modify the content. Further performing DOS attacks. The botnet attack can be a reason for the suspected behavior of the systems in the organization.
Prevention: Properly patched OS, using the intrusion prevention systems or updated anti-virus systems can prevent the Botnet functions on the servers.

Backdoors: Backdoor is known as a malicious program that remote attacker to access the computer without authorization (Kiguolis, 2017). Attackers can infect backdoors to the server using vulnerability of the server and then remotely access it and delete and compromise the contents. The company server may face backdoor attack in such scenario. The attacker can compromise the server through a backdoor, which exposed to the internet. The backdoor present medium level of threat to the server.
Prevention: Backdoor attacks can prevent using IPS, antivirus software and properly patching the operating systems.  Since backdoors are most time untraceable, it is important to prevent them.

Computer worm: Computer worm is a malicious program that infect to the server without human interaction. The worms can spread over the network for clients and worms can delete or destruct the services of the network. The organization may infect with the worm attack as some of the computer malfunctions are reported.
Prevention: Prevention of the worms can implement using the anti-virus software’s as well using the updated patches of the operating systems.

2. The threats to the workstations. 


Bruteforce: The bruteforce attacks are known as trying malicious attempts to the workstations to gain access. Attackers can use various methods such as predefined password tables or malicious software’s to perform bruteforce attacks. The user network can be compromised using bruteforce attacks of the organization and add malicious contents to them.

Prevention: prevention of bruteforce attack can be done implementing password lockout function of the end user computers or using IPS (Magestro, 2017).

Environmental threats: The disasters can be happen for any environment. The organization can face disasters like fire, earthquake, tsunami, flood etc. The disaster recovery site need to conduct the business uninterruptedly.
Prevention: A properly implemented disaster recovery site can help to prevent the impact of environmental threats (Shaw, 2018).

Data backup: Data backup is not properly done for the organization as it impact for user data if that is compromised. The data backup is the main point to recover to previous state from any kind of attacks. The attackers can compromise the systems and delete, if data backups are there, no need to worry (Johnston, 2018). If the data backups properly maintained the recovery can perform with minimum of time
Prevention: Properly implementation of data backup plan can reduce the impact of backups. The backup plan should be periodically reviewed and properly monitored

Social engineering:  Social engineering attacks are known as the most sophisticated attack type of modern computing. Mostly they come from the social engineering mechanism such as emails, LinkedIn, or Facebook. The banners of the computer screens may be a reason for social engineering attacks that happen for the organization. As the users download the content from the internet, users can be targeted by the attackers via social media platforms to compromise the company infrastructure.

Prevention: These attacks can prevented using properly conducting user awareness and end user computer protection mechanisms (Bisson, 2015).

Malwares: Malwares are computer malicious software’s that infect for the end users via internet or third party software’s. Some of the malwares can cause harm to the computer and some of them carry advertisements. The malwares carry advertisements are known as adware. The organization may be infected with the adware type malware, as the end user computers are showing the advertisements on the screens (Rouse, 2016).
Prevention: prevention of the malwares can be done using the properly implemented host based security mechanism such as anti-virus or anti-malware solutions.


3. The threats to the website.


DDoS: Denial service of Dos is known as a kind of threat that effected for websites which interrupt their legitimate services. If the website is attacked with DDoS attack legitimate users does not able to access the web sites.  As the organization website has face accessibility issue it may be effect as a DDoS attacks (Gaffan, 2018).
Prevention: prevention of DDoS is bit hard than others, But DDoS can be prevented using specially crafted technologies like cloud flare or support with ISP. 

SQL injection: SQL injections are attacks which focused on data based that connected with web sites. SQL injection can mine the data or change the data inside of a web service.  As the organization website face for slowness it can be a reason for SQL injections (Rubens, 2018).
Prevention: prevention of the SQL injections can be done using the parameter protections, firewalls, patches of the database.

Cross site scripting: Cross site Scripting or XXS can perform using embedding malicious URL to the legitimate web services. The legitimate web sites can redirect or change the content using XXS attacks. The legitimate service can interrupted by this. As the organization web site shows the hacked banner, it may done using XXS type attacks.
Prevention: XXS prevention can be done using the context dependent outputs of the web application. Further web application firewalls can use as perimeter level protection for XXS attacks (Netsparker, 2018).

Security misconfiguration: Security misconfiguration is known as the highest level of security loop hole which even listed in OWSAP top 10. Forgetting to change the default passwords, deleting default installation file of the web site can be known as the security misconfigurations. The attacks can take huge advantages from these. As these kind of issues can be hacked by novice level script kiddies also. As the web site has hacked it may be a reason of such misconfiguration (Vicente, 2018). A hacker can edit the content of the website via misconfiguration. They can publish the “hacked” message through misconfiguration vulnerability.
Prevention: prevention of the security misconfigurations can be done using properly conducted of security audits for the systems. These issues cannot prevent using the perimeter level protections. It is necessary conduct audits on periodically basis.
Unpatched plugins: Web site may use different plugging or services when it is implemented. The vulnerabilities of the plugging can cause the remote attacker to compromise the website. If the organization web site has contain such plugging it can be a reason for this compromise. Hackers can change the index pages of the web site using a vulnerable plugging.
Prevention: Prevention of the plugging vulnerabilities can be implemented using web application firewall or on time patching of the plugins.


References


Bisson, D. (2015). 5 Social Engineering Attacks to Watch Out For. Retrieved from https://www.tripwire.com/state-of-security/security-awareness/5-social-engineering-attacks-to-watch-out-for/
Coursey, D. (2013). Unpatched Applications Are #1 Cyber Security Risk. Retrieved from https://www.pcworld.com/article/172082/Unpatched_Applications_Are_1_Cyber_Security_Risk.html
Gaffan, M. (2018). The 5 Essentials of DDoS Mitigation. Retrieved from https://www.wired.com/insights/2012/12/the-5-essentials-of-ddos-mitigation/
Hoffman, C. (2016). What Is a Botnet?. Retrieved from https://www.howtogeek.com/183812/htg-explains-what-is-a-botnet/
Johnston, L. (2018). 5 Ways to Back Up Your Data and Keep It Safe. Retrieved from https://www.lifewire.com/ways-to-back-up-your-data-2640426
Kiguolis, L. (2017). What are backdoors and how to remove them. Retrieved from https://www.2-spyware.com/backdoors-removal
Magestro, D. (2017). What is a Brute Force Attack? | StackPath Blog. Retrieved from https://blog.stackpath.com/glossary/brute-force-attack/
Netsparker. (2018). The Cross-site Scripting (XSS) Vulnerability: Definition and Prevention. Retrieved from https://www.netsparker.com/blog/web-security/cross-site-scripting-xss/
Rouse, M. (2016). What is malware (malicious software)? - Definition from WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/malware
Rouse, M. (2017). What is advanced persistent threat (APT)? - Definition from WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/advanced-persistent-threat-APT
Rubens, P. (2018). How to Prevent SQL Injection Attacks. Retrieved from https://www.esecurityplanet.com/hackers/how-to-prevent-sql-injection-attacks.html
Shaw, K. (2018). What is disaster recovery? How to ensure business continuity. Retrieved from https://www.networkworld.com/article/3248969/data-center/what-is-disaster-recovery-how-to-ensure-business-continuity.html
Vicente, G. (2018). What is and how to prevent Security Misconfiguration | OWASP Top 10 (A5). Retrieved from https://hdivsecurity.com/owasp-security-misconfiguration

Comments

Post a Comment

Popular posts from this blog

Contact US

Image
If you want to contact us or Report any porblem in  in our blog or  Send us your Comments  Your Name Your Email Address Subject Message Image Verification Please enter the text from the image [ Refresh Image ] [ What's This? ] Free Signature Generator
Read more

Kavya Madhavan

Image
About Kavya Madhavan Kavya Madhavan was born in the village of Nileshwaram in Kannur district, Kerala. Her father P. Madhavan is an accountant and mother Shyamala a house wife. She has one brother Mithun, who is doing his post graduation in fashion designing in Australia. She started to learn dance while in High School. She was a Kalathilakam in a Sub District Schools Youth Festival . The title is bestowed on artists who prove their skills in most artistic fields. "Kavya entered the industry as a child artist in the film Pookkalam Varavayi (1991) in the role of a school girl. She came to public attention when she played the childhood part of the heroine character in Kamal's Azhakiya Ravanan (1996). She has since acted in over 50 films in Malayalam and a
Read more

Ryan enjoyed doing nude scene with Sandra Bullock

Image
Ryan enjoyed doing nude scene with Sandra Bullock Canadian actor Ryan Reynolds, who is married to actress Scarlett Johansson, says he enjoyed filming a nude scene with Sandra Bullock for "The Proposal" because she has a great body. "It's a good situation to be in, seeing her naked - believe me, Sandra's no slob, that's for sure," contactmusic.com quoted the actor as saying. The 32-year-old initially worried that Sandra, 44, would back out of the scene because of nerves. "I didn't think we'd shoot it to be honest because she's never done a head-to-toe nude scene before. "I just thought, 'Oh she's just going along with it and once we actually get closer to it, she'll say we need to rewrite this.' No way. She was 100 percent in," he said.
Read more