Identifying Potential Risk, Response, and Recovery - Assignment Example

 Identifying Potential Risk, Response, and Recovery Executive Summary Online security breaches have become one of the major accuses faced by the gaming organizations in context to safeguarding their assets and confidentiality. However, the techniques of mitigating these attacks have also improvised in a gradual manner. Through this discussion, an attempt has been made for understanding the ways through which the intruders undertake attack attempts on the confidential data storage areas of the gaming organizations. The discussion also projects significant amount of light on the strategies through which these intentional attacks can be prevented. As for the projected issues are concerned, multiple strategies have been identified and elaborated in this discussion. For instance, regarding the Distributed Denial of Service attacks, strategies have been provided regarding keeping the centralized servers under the constant monitoring of the online security agencies, who possess database of all the IP addresses from which an attack might get commenced. Likewise, in case of the Session Hijacking attack on the centralized servers, recommendations regarding encapsulating their unique session IDs have been made to the organization. The applicability of the encryption mode for the provided context appeared to be an appropriate strategy for protecting the interests of the gaming organizations from being intentionally harmed. Regarding the third attack i.e. SQL injection, recommendations have been made in context of implementing the ‘object-relational mapping libraries’ through which parameterized SQL codes’ based on ‘object oriented code’. This strategy has been found to be appropriate towards eliminating those opportunities through which an intruder might inject malicious codes within the executable SQL slots. Introduction In assignment 1, three kinds of unauthorized attacks have been mentioned such as ‘Distributed Denial of Service Attacks’, ‘Session Hijacking’ and the ‘SQL Injection’. These three attacks are highly effective in terms of distorting the normal functionality of an organization’s network system along with stealing of crucial concealed data, loss of which might hamper the overall reputation of an organization. Discussion Distributed Denial of Service Attacks Attack Description. Distributed Denial of Service Attack is most prevalent and effective type of network attack that an external system intruder might choose for distorting the functionality of an organizational network. Majority of information network of gaming organizations are designed in a centralized manner (Lee, 2013). This in turn, makes the central servers, an easy and vulnerable target for the external intruders. The intruders using a series of connected nodes can easily form a botnet and flood the organization’s bandwidth channel with huge amount of garbage data thus, disrupting the connectivity of the central server hub with all the associated peer stations (TechTarget, 2014; Nagamalai, Renault & Dhanuskodi, 2011). Appropriate Strategy and Control Plan. Distributed Denial of Service Attacks are completely unproductive due to the fact that the IP addresses of the attack ports might vary each time. Thus, the only way to safeguard against this attack is through dynamic observation. Multiple gaming organizations keep their central servers under the dynamic surveillance of online security organizations. These security organizations, through continuous observations, create a list of IP address that can be rated as malicious and lists it into the firewall settings of the gaming companies. As a result, any further attack attempts from the specific IP address will be prohibited by the firewall itself. Thus, for this attack, real time observation is the only control mechanism for remaining safe (Prolexic Technologies, 2014). Session Hijacking Attack Description. Session Hijacking refers to unauthorized attack used for stealing confidential data from the main organizational servers. As can be understood that every communication between client and server platform takes place in terms of session token that mainly comprise of two main components. The first component determines the set time depending on which, the system decides whether to continue with the communication or to terminate it. The second component is the specific session ID depending on which, the server identifies a client machine. In this attack, the intruder attains access to a valid session token between client and server platform using sniffers codes. Once the access to a valid session token gets attained, the intruder can easily alter the time component and establish communication with the server platform. After, the communication gets established, the intruder can easily extract all sorts of crucial data from the system and cause significant amount of confidentiality loss to the organization (SANS™ Institute, 2014). Appropriate Strategy and Control Plan. An effective safeguard against this type of attack can be attained through the integration of HTTPS within the system by the game development companies. One advantage of implementing HTTPS is that this system generates secured cookies that can be used as a proof of user authentication. In the HTTPS secured system, whenever a valid user visits the protected data areas, he/ she will be redirected to the HTTPS where, the presence of secured cookies will be evaluated. If the evaluation outcome turns out to be negative, the user will be prohibited the system access at that moment of time (EPiServer AB, 2014). Apart from the concept of secured cookies, encrypting the session ID can be considered as another strategy for mitigating the session hijacking attack that in turn can be practiced by the gaming company. If the unique session ID remains encrypted, the intruder will not be able to access it even if the valid session token gets sniffed during transmission (Stack Exchange Inc, 2014). SQL Injection Attack Description. This is a type of vector attack that if done in a combined manner with the Session hacking might result in an unauthorized extraction of confidential data from the gaming company’s central servers. In this attack, the intruder injects malicious SQL codes between the executable code segments. These malicious SQL codes get structured in such a manner that they can easily bypass the SQL data type validation criteria and commence false executions. Through this way, the intruder can easily channelize the stolen data through the system loopholes and know about the organization confidentiality (Acunetix, 2014). Appropriate Strategy and Control Plan. Since the entire attack type is based on the injection of malicious SQL codes within the executable code slots, thus, minimizing the writing of SQL codes can be considered as an effective mitigation strategy that can be implemented by this game developing company. The organization can achieve this through the integration of ‘object-relational mapping libraries’ within their database systems. This technique helps in generating ‘parameterized SQL codes’ based on ‘object oriented code’ that covers up the need of writing manual SQL executable codes, eliminating the scope for the intruder to inject his / her malicious SQL codes in the executable code slot (QuinStreet Inc., 2014). Importance of Risk Management, Control Identification, and Selection Processes The central servers of the gaming organization might hold crucial data regarding new product launch, which might cost the organization huge amount of financial investment. Thus, it is necessary for the gaming organization to carry out the required procedures that includes risk management, risk identification and risk control mechanism. It is a must for the gaming organization to carry out these procedures on a periodic basis so as to keep their security and firewall protocols updated and eliminate all possible attacks on the system by taking reference of the attack history database. Conclusion From the above mentioned description, it can be stated that the with the gradual development in the innovation levels of the game development companies, the risk factor of them getting subjected to unauthorized online attacks have also increased substantially. Thus, it is a must for every gaming organization to keep their data warehouses under constant surveillance of the online security companies. The gaming companies will also have to update their security protocols at periodic levels for keeping their system up to date. This will gradually equip them with the capability of eliminating every possible attack on their system. References Acunetix. (2014). SOL injection: what is it? Retrieved from https://www.acunetix.com/websitesecurity/sql-injection/ EPiServer AB. (2014). Protecting your users from session hijacking. Retrieved from http://world.episerver.com/Documentation/Items/Tech-Notes/EPiServer-CMS-6/EPiServer-CMS-60/Protecting-Your-Site-From-Session-Hijacking/ Lee, N. (2013). Counterterrorism and cyber security. USA: Springer Science & Business Media Nagamalai, D., Renault, E. & Dhanuskodi, M. (2011). Advances in parallel, distributed computing: first international conference on parallel, distributed computing technologies and applications, proceedings. New York: Springer Science & Business Media. Prolexic Technologies. (2014). DDOS prevention. Retrieved from http://www.prolexic.com/knowledge-center-ddos-prevention.html QuinStreet Inc. (2014). 10 ways to prevent or mitigate SQL injection attacks. Retrieved from http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or-Mitigate-SQL-Injection-Attacks.htm SANS™ Institute. (2014). Session hijacking in windows networks. SANS Institute InfoSec Reading Room, 1-51. Stack Exchange Inc. (2014). What is the best way to prevent session hijacking? Retrieved from http://stackoverflow.com/questions/22880/what-is-the-best-way-to-prevent-session-hijacking TechTarget. (2014). Distributed denial-of-service attack (DDoS). Retrieved from http://searchsecurity.techtarget.com/definition/distributed-denial-of-service-attack Read More