The Protection of Information and Its Systems - Article Example

Business Information Systems Name: Tutor: Student Number: MIBT Email: Date: Part A Q1. Security, threat, exposure and vulnerability in relation to Information Systems security Vulnerability in Information systems security means exposure to attack or harm. It refers to the weakness or flaws in processes, software or hardware that compromises on system securities. The weakness could be deliberate or accidental leading to security breach in design, security procedures, internal controls and implementation (Dhillon 2007). Threat is the potential source of the trigger whether accidental or deliberate. It combines the motivation, potential of danger and the actor. A threat happens through unauthorized access, disclosure, data modification, service denial and destruction. It occurs when motivated actors associate with vulnerability. Exposure is an instance of systems getting exposed to threat agents. An organization is exposed by vulnerability to possible damages. Weak passwords and rules expose the company to unauthorized users (Kiountouzis & Kokolakis 2005). Security refers to the protection of information and its systems to unauthorized use, access, disruption, destruction, modification or disclosure. The hardware requires protection from malfunctions and power surges while software components require protection from attack by viruses, unauthorized access, and modification. The system components requiring protection are databases, infrastructure, applications, digital forensics and information system auditing among others. These elements are sensitive and their security is paramount. It requires confidentiality, authenticity and integrity for them to be secured safely (Layton 2007). Q2. Malware and the major categories of software attacks A Malware is actually malicious software that disrupts or damages a system such as Trojan horse or virus. The categories of software attacks are worms, Trojan horses and viruses. Others are; passive attack includes wiretapping, port scanner and idle scan. Active attack involves denial of service attack, spoofing, ARP poisoning, Ping flood, death and Smurf attack (Layton 2007). Host attack includes Format string attack, buffer and heap overflow. Denial of service attacks involves any malicious act that makes the system to be unusable to its real users. They are common and take numerous forms though it is costly. The major types are Smurf attack and SYN flood. Distributed denial of service attack users hundreds of internet hosts to flood links or deprive resources. Hackers use it to target government resources using automated tools (Peltier 2002). Temporary access is lost to sites leading to revenue loss and prestige. Back door is remote access Trojans that are secretly installed on user computers so that attackers can control computer behaviour of the victim. It includes NetBus and Back Orifice 2000(BO2K). Logic Bombs are those when triggered causes malicious tasks since they lie dormant until triggered and are difficult to detect. It comprises macro viruses that use auto-execution features for particular applications (Pipkin 2000). Q3. Discussion on the major categories of information security controls Preventive controls:- These are measures taken to prevent the harm or loss from occurring or happening. For instance, a control that imposes separation of responsibilities is desired. The systems should have one person submitting a payment request while the second individual making authorization. The second case is to minimize the opportunity of a company employee issuing fraudulent payments by undertaking checks and balances through regular change of passwords and codes (Spagnolett & Resca 2008). Detective controls:- These are measures that monitors activity so as to identify cases where procedures or practices were not followed (Pipkin 2000). For instance, a company may review payment request, reconcile the general ledger or audit logs to locate fraudulent payments. In other cases, the company may place Enterprise virus protection solutions to detect and remove viruses. Corrective controls:– These are corrective controls meant to process back to the previous state before the harmful event or restore the system. For instance, a company may execute a full system restoration from backup discs after obtaining evidence of someone improperly altering the payment data (Peltier 2002). Another case is to instill good behavior in system administrators and users by reviewing and updating the virus signature databases and security patches. Q4. Business continuity plan contrasting a warm, cold and hot site Business continuity is an entire management plan that identifies probable impacts that threaten an organization. The plan provides for a solid framework for ensuring effective response, building resilience and safeguarding stakeholder’s interests as well as value and organizational reputation. The plan determines data gathering, business impact analysis, identification of critical resources and functions, data verification, recovery time alternatives and costs (Schlienger & Stephanie 2003). Potential loss is assessed. For instance, database recovery time can take minutes to hours and the recover strategy requires databases shadowing. Warm sites have its recovery relying on backups and do not require dedicated storage. It takes advantage of the shared and cheap storage. All components alongside storage are shared with multiple customers. They are measured in days but new generation disk based backups have consolidated the electronic vaulting system. Hot sites are appropriate for recoveries requiring some few hours. Real-time data replication and storage is needed to obtain data from production site. They are less expensive as they can be out-sourced than manual implementation through shared equipment (Wright & Jim 2009). Cold sites take up a rented space for cooling, power and connectivity to any corresponding equipment. It is an option for business processes that have been down for a long time. These sites complement warm and hot sites in times of disasters lasting for a long period. Part B A case study critical thinking analysis using Toulmin’s Model of Argument (Toulmin 1969) Claim Facebook fails to protect users’ privacy Data/Evidence In the Facebook case study, about 45,000 login credentials from Facebook have been stolen by a computer worm, Ramnit. The virus infected an estimated 800,000 machines from September to the end of December in 2011. In July of the same year, Ramnit virus accounted for about 17.3% of all the new malicious software infections as provided in the Symantec report. The worm is believed to have been propagated from other systems other than Facebook. Warrant Majority of Facebook information are out-of-date and the worm has not been propagating on Facebook. However, they have viral power to cause damage to institutions and damage since they are in the wrong hands. The attackers take advantage of huge amount of personal data stored in Facebook and is regularly updated for the social networking age. The virus steals sensitive information stored in browser cookies and FTP credentials. It goes undetected hence less obvious to determine whether one has been attacked. Passwords and logins help to secure and hold users’ information confidential. Backing Ramnit virus has been around for from April 2010 and is known to have stolen banking details. The Facebook accounts in the UK and France are believed to have originated the information. Attackers use stolen credentials to login to Facebook accounts of victims and transmit the links to friends. The malware then spreads rapidly. These Cybercriminals also know that users tend to have similar passwords in many web-based services. They then gain access to corporate networks. Sophisticated hackers are replacing e-mails worms of the old school to more current social network worms. The virus attacks HTML files and Windows executables. Attackers capitalize on user behaviour since they know that similar passwords are increasingly used in other programs. The speed of propagation is quite high and the users may not easily know that they have provided information to Malware attackers. Rebuttal The virus is known to have attacked banking security information. Facebook security experts affirm that the worm has not been attacking Facebook users alone. The company has been working with external partners to increase protection to the anti-viral systems so that users can secure their devices. The users of Facebook are encouraged to protect themselves by reporting suspicious activities and never clicking on strange links encountered on Facebook. There is a security experts employed by Facebook to identify source of threats and help in developing corrective measures. Facebook has security team tasked to ensure remedial steps are taken upon discovery of malwares. The team acts on data provided are quick to respond to threats and exposures. Qualifier Unless the information and passwords of users are up-to-date, the worm will continue to attack and render their accounts vulnerable. The attackers use stolen credentials with links maliciously transmitted to their friends hence making the malware to spread further. Malware is known to spread like bushfire once they obtain links to many other sites. The experts also obtains that they have not been propagating on Facebook accounts only which makes the malicious program to transcend systems. Your Opinion Facebook to some extent has failed to protect users’ privacy since most of the information was out of date. I believe the stolen login credentials were substantial given that it had stolen more than 45,000 logins and spread in over 800,000 machines. This means that the worm is potential to attack other system devices since it is passive and usually goes undetected. I think the virus was complex since it had stayed for some few months and it was difficult to identify. The worm having attacked the banking account details shows that it is capable of attacking innocent users in Facebook. Attackers know that users use similar passwords for various logins in other programs. It becomes susceptible once a programs links the friends and other linked accounts. The credentials are stolen making meaning that the users may have left their logins unattended or not signed out. Facebook has a responsibility to its users since it failed to provide regular updates of their sites and logins. However, the users are advised not to use similar passwords in most of the sites they visit. Preventive measures are possible through regular change of passwords and safe access to logins. I think Facebook has a responsibility of protecting the data of its users. It has failed to caution users in advance that they should use passwords that need regular updates. The users unless they adapt to making changes in the login information will be vulnerable to malicious attacks. I believe that security of user information rests on the user. They have the role of protecting their passwords since hackers are regularly lurking on unattended sites and old information. The estimated number of affected users is quite huge noting the urgency of handling the effects of Facebook Malware. The users should be aware of their vulnerability to attacks which not only affects their relationship with friends on Facebook but are likely to have their information from banks, education and businesses stolen. Attackers are continuously getting updated as technology advances. I believe that security of logins and passwords will be harnessed in the future once users will be aware of potential threats of worms, Trojan horses and viruses. The account users of Facebook in France and the UK will have a greater advantage since they are the ones who made the clarion call over the harm or disruption of the social networking sites. Reference List Dhillon, G 2007, Principles of Information Systems Security: text and cases. NY: John Wiley & Sons. Kiountouzis, E A & Kokolakis, S A 2005, Information systems security: facing the information society of the 21st century. London: Chapman & Hall, Ltd. Layton, T P 2007, Information Security: Design, Implementation, Measurement, and Compliance. Boca Raton, FL: Auerbach publications. Peltier, T R 2002, Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Boca Raton, FL: Auerbach publications. Pipkin, D 2000, Information security: Protecting the global enterprise. New York: Hewlett- Packard Company. Schlienger, T & Stephanie T 2003, Information security culture-from analysis to change. South African Computer Journal 31: 46-52. Spagnoletti, P & Resca A 2008, The duality of Information Security Management: fighting against predictable and unpredictable threats. Journal of Information System Security 4 (3): 46–62. Toulmin, S 1969, The Uses of Argument, Cambridge, England: Cambridge University Press. Wright, J & Jim H 2009, Computer and Information Security Handbook. Morgan Kaufmann Publications. Elsevier Inc. p. 257. Read More