Analyze Assets that might be in riskThe computer system is an asset that is at risk of failure. If the human factor does not maintain the computer system regularly, the computer can crash. An unmaintained computer system is susceptible to hackers who access the computer software without permission. Therefore, the data in the computer is vulnerable to risks. Besides the loss of data from the hacker activities, the users of the computer systems delete data. Moreover, the end users can access useful data and information without permission from the host. Consequently, the privacy of data is at risk. Privacy ensures that a company or an individual has a competitive advantage in the market in the form of data or information. Disclosure of the information leads to a critical loss in competitive advantage. Also, the end users are responsible for the malware downloads in the local computer. The malware destroys information in the computer and crashes the system.
The network infrastructure is an asset that is susceptible to loss. Just as the computer system and the data are vulnerable to threats, the network infrastructure crashes. Moreover, the external hackers can turn the infrastructure into weapons of exploitation. For example, the penetration attacks are detrimental to the host firewall and a hacker is able to allow blocks of private addresses to access into the local network.
The computer hardware is an asset that is at risk. The alien malware that attack the software lead to a loss of the hardware. For example, computer viruses fill in the memory of a computer and information duplicates. Also, computer viruses destroy the hardware through the destruction of the operational technology. The destruction of the hardware is a loss of an important asset.
Discuss Possible Threat Actors
The possible threat actors include national governments, terrorists, hackers, hacktivists, and industrial spies. National governments cause cyber warfare and cause harm to others in the attempt to gain or deter power. The threats by national governments include propaganda and nuisance at a low level. Furthermore, the governments can cause espionage, disruption of network infrastructure.
Hacktivists are possible threat actors. They are hackers who are active politically. Because of their ability to undertake an individual attack, they pose a moderate threat to nations. They cause more damage through propaganda more than the damages on the network infrastructure.
The hackers are threat actors. However, hackers do not have the capability to attack major targets such as government systems. However, they can cause damage to property and loss of life. Moreover, the hacker population continues to grow as well as the outlook of their attacks.
Industrial spies organize crimes against corporate firms and businesses. However, they pose minute threats to governments. Industrial spies steal large-scale financial currencies. Furthermore, the work under hire to notice and develop hacker talent for firms. Industrial spies steal critical business information for other firms.
Terrorists are threat actors. They destroy governments that oppose their rule or ideology. They are a threat to information and security. However, they pose low risk in cyber security other than propaganda. Because of the superiority of physical attacks to virtual, terrorists opt for the traditional methods of bombs and other destructive options. However, researchers project that terrorist are to improve their virtual attacks in the future with the emergence of competent individuals. The main motive of terrorists is to spread fear, especially in the civil society. Moreover, terrorists’ interest in the destruction of the economy. Therefore, the future may prove diverse challenges from terror groups.
Because of the tough role of an attacker, a cyber-threat is not fatal. A threat actor must be tactical to breach the security of the system. An attacker must access the system controls in the local network. Consequently, he must discover and comprehend the process of the system to carry out a successful attack. After the recognition of the system process, an attacker is able to control the process.
Discuss Possible Vulnerabilities
The injection vulnerabilities are possible to occur in a computer system. They occur when a program sends data that is untrusted to a particular interpreter. They injection vulnerabilities affect the XPath, SQL, XML parsers, LDAP, and program structures (Lehto, 2013). They injection vulnerabilities cause loss of data and the exposure of important data. Also, they lead to unaccountability or access denial to the host operator.
A buffer overflow is a susceptibility. It occurs when a computer program or application tries to put additional information or data to a buffer that exceeds the operational capability. The overflow of the additional information allows a hacker to overwrite the memory. The attack corrupts original data, crashes the computer software, and executes a destructive code. Buffer vulnerabilities are common but difficult to recognize. However, an attacker finds it difficult to use the buffer overflows in relation to the injection vulnerabilities.
The exposure of sensitive data is a vulnerability. The exposure occurs when an attacker accesses the host computer system and accesses the sensitive data. The exposure of data occurs over a network or on a computer that is not in a network. However, the exposure occurs when the human factor fails to protect the sensitive data efficiently.
Session management and flaws in authentication are vulnerabilities to threat. They occur when an attacker exploits the leaks in the authentication of users and the procedures of the session management. The leaks include the exposure of passwords, session’s identities, and accounts. The flaws enable an attacker to impersonate the user and access information without legal right.
Security misconfiguration ids a vulnerability that is most common as well as fatal. The misconfiguration are in the form of outdated software, running of applications in debug mode, unnecessary running of systems, and the non-configuration of system problems. Moreover, the system misconfiguration includes the failure to shift the factory settings that are default passwords and keys. Moreover, the security misconfiguration includes the incorrect identification of administrators and causes the exposure of critical information to attackers. The human use of accounts that are default is an aspect of the misconfiguration of computers and is a security risk.
Discuss Possible Harms
The cyber security threats cause harm to humans. The harms include the disruption of the national defense tasks, the energy resources, the transportation aspects, the finances, and the daily activities. The threats can cause a fail of defense systems for nations and creates security breaches for potential criminals. The users of the internet as an infrastructure can experience the loss of critical financial data and information. People loose financial statements, passwords, and banking information to cyber threats. The economies of nations fail as a result of successful attacks. For example, the Stuxnet worm in America was an attack in the nations that led to mass demonstrations in opposition to regimes (“Cyber-security”, 2014). The disruption of daily activities to oppose the government causes great aggregate losses to the economy. Business harms are possible to individuals and corporate firms. The financial sector experiences a high level of vulnerability. The information that relates to the users can be lost to attackers. Moreover, attackers can impersonate the users and access information that can cause financial losses. Therefore, businesses can collapse.
The transportation industry in the US and other nations use the networks to operate. The harm top transportation is probable in the event of a successful attack. Because of the importance of computer programs in traffic lights, air transport, and the electric trains, a fault in the transportation system can cause to accidents and loss of life. Furthermore, the disruption of traffic is a loss to the economy and individuals.
The energy sector is dependent on computer programs for operation. The computer processes govern the collection, the processing, and the distribution of energy. Energy is important for the daily survival, especially in instances of harsh weather such as snow. Security, transportation, and major aspects of the economy depend on energy. Therefore, a disruption of the energy is fatal and is a possible harm.
Discuss Mitigation Strategies
The mitigation strategies focus on the reduction of the threats and the harms from cyber insecurity. The patches to systems help to mitigate risks. A patch fixes the flaws in computer software and updates it. The whitelists to computer applications is another strategy that mitigates the risk. A whitelist is a strategy that allows access to applications with permissions to run on a computer system. The whitelists offer protection against malicious software that run without permission. However, the implementation of the whitelists must be correct. Otherwise, an incorrect implementation does not offer mitigation.
The restrictions to privileges to computer system administrators are a mitigation strategy that is beneficial to reduce risks (Densham, 2015). The potential attackers are unable to target user accounts in the case of low number of administrators. Because administrators have the permissions to gain access to sensitive information in a system, the limitation of administrative privileges reduces the risk of cyber security harm.
A firm must create an in-depth system of defense as a mitigation prospect. The defense system must combine with the restrictions of the administrative privileges, the whitelists, and the computer patches. The correct implementation of the in-depth security system protects a firm from low to moderate unique attack efforts. Because attackers must comprehend the processes of a system, they find it more difficult to access information systems that have an in-depth system. The combination of the format with the other strategies builds multiple defense fronts against the intrusions in a cyber-system. Conversely, a mitigation aspect must consider the needs of the users and encourage privacy of information. Moreover, it must be built on the evaluations of experts in the current computer cyber security field.
In conclusion, the assets that are at risk include the computer system, the computer hardware, the data, and the network infrastructure. Additionally, the possible threat actors include national governments, terrorist, hackers, and hacktivists. Moreover, the industrial spies are threat actors who are develop hack talent for hire. The possible vulnerabilities include the injection vulnerabilities, the system misconfigurations, and the buffer overflows. Moreover, the vulnerabilities include the exposure of information and session managements. The authentication flaws and leaks is vulnerability. The possible harms include the disruption of the national defense systems that cause national insecurities. Also, harms include the disruption of transportation that causes delays, accidents, and death. The harm to energy is possible and causes disruptions in daily activities such as transportation. The loss of information is a possible harm that leads to closure of businesses and financial losses to groups and individuals. The mitigation strategies include the computer program patches, the program whitelists, and the restrictions to administrative privileges. Furthermore, the implementation of an in-depth system of defense in the computer system is a mitigation strategy.
- Cyber-security. (2014). Network Security, 2014(1), 4.http://dx.doi.org/10.1016/s1353-4858(14)70003-0
- Densham, B. (2015). Three cyber-security strategies to mitigate the impact of a data breach. Network Security, 2015(1), 5-8. http://dx.doi.org/10.1016/s1353-4858(15)70007-3
- Lehto, M. (2013). The Cyberspace Threats and Cyber Security Objectives in the Cyber Security Strategies. International Journal Of Cyber Warfare And Terrorism, 3(3), 1-18. http://dx.doi.org/10.4018/ijcwt.2013070101