Management of Information Security through Social Media

Requirement

This assignment assesses your understanding in relation to the following three course objectives:
1. analyse information security vulnerabilities and threats and determine appropriate controls that can be applied to mitigate the potential risks
2. explain why continual improvement is necessary to maintain reasonably secure information systems and IT infrastructure and to describe the role of disaster recovery and business continuity plans in recovering information and operational systems when systems and hardware fail
4. demonstrate an ability to communicate effectively, both in writing and orally, about the management of information security in organisations.

Solution

Executive Summary

The social media site of PeopleSharz has been attacked by some unknown internal or external entities and numerous user passwords have been shared externally. The purpose of this document is to analyze the problem or the incident that took place and identify the key issues that might have led to the company’s web server and customer information being compromised.
The scope of the activity was to assess the internal and external threat exposure and recommend solutions. Interviews with the company's employees and with key employees of the hosting provider were required, and testing of the current system was also under consideration.
Numerous possible problems have been identified in this case. They include weak security, insider threat, injection flaws, broken authentication, improper encryption and others.
Recommendations have been given regarding these issues. They include protection against injection flaws, using a framework for authentication issues, proper security configuration, hiding sensitive data behind HTTPS or encrypted storage, restricting the use of vulnerable components, an employee education and awareness program, restrictions on removable media, privilege management, and incident management.

Background and Problem Analysis

The site of PeopleSharz (PS) has been hacked by an unknown external entity or individual. PS is a social media site for the masses and expects appreciable growth in its user base in the years to come. The hacking incident that just took place might dent the image of the company, and fewer people might choose to use the site.
The news on April 21st came as a shock to the company: the passwords of the site's users had been dumped to Pastebin. After confirming the news, the company consulted HackStop Consulting for a solution to this issue.

There are various possibilities that can be identified as the issues that might have led to the company’s web server and customer information being compromised. Some of the likely issues related to this case are mentioned below:

  • Malicious Code: The hackers could have used malicious code that was not identified by HotHost1’s server and that affected the stored information (Corona et al, 2014).

  • Backdoors in Computer Network: The hackers may have found a loophole in the network that they could misuse to get into the system.

  • Trojan horses on employees’ computers: The hackers might have planted Trojans on the computers of employees who work for the company. This might have given them access to the administrator’s account. Trojan horses are presented as something harmless, mostly through phishing emails (Bhasin et al, 2013). In such scenarios, when the user clicks on the file to download it, the virus installs itself automatically before the user can do anything.

  • Insider Threat: It is possible that one or two employees within the company shared key information with external individuals. This is plausible given the strong competition in the social media space. The employee might have been lured by a handsome amount of money to damage the reputation of the company.

  • Weak Security Software: Not every security product is suitable for every environment, and that could be the case with this company. The company or the hosting provider may be using security software that is not strong enough to detect all kinds of external intrusion. This might have allowed the hackers to bypass the security and get access to the user passwords. The easiest route that could have been taken is sneaking malicious code onto the website and scanning it for possible security holes (Sagstetter et al, 2013). The presence of any such hole will lead the virus to download automatically onto the server without requiring anything from the administrator’s or users’ end.

These are the possible causes of such an incident. The sections ahead analyse the threat looming around the company’s website.

Threat Analysis

This section identifies and describes the web server vulnerabilities and poor security practices that could have led to this situation. It also identifies the areas to be investigated and tested, briefly explains the process of investigation and testing, and lists the potential issues that need to be looked for.
The investigation will consider various aspects of the organization. The external and internal aspects will be assessed equally: the external aspect consists of the hackers, and the internal aspect consists of the employees. The process undertaken for the threat analysis is described below:

Scope

The scope of the threat analysis is to investigate the individuals who are involved in handling the security aspects of the company’s website. Individuals from HotHost1 will also be interviewed concerning the situation. The purpose is to understand the internal loopholes that might have given way to the external threat. In addition, a test will be run on the software that is installed within the company’s network and on the server. A thorough study of the system and the people is likely to indicate a course of action.

Data Collection

Data from the interviews and the system assessment will be collected and analyzed. The purpose is to understand whether all the components meet the defined security standards. It is possible that the employees rarely followed the right security protocols, so for compliance purposes it is important that these are clearly identified. Detailed information on all these aspects will help the consulting firm understand whether there was only a security check-boxing attitude or whether actions were also taken regularly towards security.
The initial step in the data collection will be to gather thorough information related to the incident. The possible IP addresses will be assessed, along with the route that was followed to cause this incident. An analyst will be assigned to this duty with unrestricted access to all activities, systems, and individuals. Effective access to the data may be the only way out of the situation. Some of the areas that will be assessed for threats are system logs, firewall logs, honeypots, and others. A digital forensic analysis will be undertaken for the same.
The collection of corporate policies and methods is also necessary to understand where the company is heading and its orientation towards security measures. This will help in understanding the compliance level too.

Vulnerability Analysis

The level of current exposure will be determined from the data collected above. It will help in understanding whether the currently implemented defenses are strong enough to fight the threats. The areas of testing are the availability, confidentiality, and integrity of the implemented defenses (Kim and Kim, 2013). Moreover, the consultant will need to test the system, which might give the consultant access to classified documents and passwords. At these points, the support of the company is expected.

Mitigation and Anticipation

The mitigation plan is suggested at this stage.

Mentioned below are some of the web server vulnerabilities and poor security practices that might have led to this situation:

  • Injection flaws: Passing unfiltered data to SQL can lead to such an incident. In this condition, the hacker may inject malicious code that is not filtered at a later stage.

  • Broken Authentication: The presence of session id in the URL, poorly encrypted passwords, predictable session ids, possibility of session fixation, and hijacking are some of the possibilities (Nagpal and Nagpal, 2014). 

  • Cross Site Scripting: This is similar to crafting a link and luring users to click it. The difference is that here the hackers supply JavaScript tags to the web application, and their execution at a later stage gives the hacker access.

  • Insecure Direct Object References: The absence of authentication code might lead to such a situation. Here, direct links are provided to download something with no authentication code, which allows the hacker to get unrestricted access to the file system.

  • Security Misconfiguration: Insecure configurations include running the application with debug enabled, directory listing enabled on the server, running services that are not required, and never changing passwords over long periods.

  • Sensitive data exposure: The lack of encryption of sensitive data can be one of the reasons. The secure information such as user passwords should not be travelling in the unencrypted internet space (Bhanu and Divya, 2016). 

  • Using Components with known Vulnerabilities: Despite knowing that a particular system is vulnerable, if the company is still using the same, then it can be used by external or internal unethical parties.

  • Un-Validated Redirects and Forwards: The automated redirects might contain the link to the malicious sites. 

  • Outdated Technology Use: The use of outdated technology can leave the system open to attack.

  • Poor controls over system: If the company and the hosting provider do not have complete control over the system, it can open the way to external influence.

  • Network Policy to trust every device: If the company has enabled the system to accept any external device request then it can be one of the various reasons for the hacking. 

These are some of the web server vulnerabilities and poor security practices that could be the reason for the current incident in the company. 

Dependencies and Critical Success Factors

Resolving the current issue depends on certain critical success factors, and there are various dependencies that also need due consideration. The factors of importance in this case are described below:

Employee Identification

Identifying and contacting the employees who work for the company and for the hosting services company is important for an effective investigation. The employees who are directly involved in the security of the server or the company's systems need to be called for assessment and interview.

Unrestricted Access

The analyst needs unrestricted access to all the information that can help in making an informed decision. This access can be provided through open support from the management of both companies. It will help the analyst complete the analysis seamlessly and within the shortest time possible.

Cyber Security Program

The development of an enterprise-wide security program is imperative in such a scenario and will require some change management. Change management is important because resistance from individuals working within the company can be expected (Grossman and Roy, 2016).

Cyber Security Policy

There is a need for documented procedures and processes that should be followed within the company for security purposes. Therefore, the development of a security policy is another success factor.

Project Plan Development

Problem identification, problem analysis, and the solution should be carried out in a planned manner. This requires the development of a project plan for the company. The project plan for the security measures will be based on the agile methodology. Agile methodology works in sprints; that is, each security measure will be implemented in a phased manner.

Documentation

Documenting the whole incident is necessary to ensure that a similar incident does not take place in the future. The documentation will provide the company with a written record of the incidents that took place and the measures that were taken in response.

Cyber Security Framework

A cyber security framework needs to be built to ensure that all intrusions or incidents are identified as early as possible. This will ensure minimum damage to the company’s data and reputation (Choo, 2014). The framework will be developed by the consultancy in coordination with the company management and the hosting provider.

These are some of the dependencies and critical success factors. The major part is the stakeholders who are involved in the incident. There are various individuals, such as the developers, the IT head, the security head, and the individuals from the IT department of the hosting company, who need to be contacted by the analyst for the probe. These are the possible sources from which the analyst can get suitable information. Moreover, observing the system usage habits of the employees can also be an important aspect of understanding the security loopholes.

Recommendations for Improvements

There are some steps the company can take to make improvements and ensure that such an incident never takes place again. Mentioned below are some of the recommendations that have been made for the company:

Protection against Injection Flaws

The way out is to filter input properly and to identify and use only trusted input. The important point is that all input must be filtered effectively before it is used. Only input whose trust factor is high should be allowed unrestricted access. If the company is receiving 500 inputs, then filtering 499 of them is not the solution. The one remaining input can cause an issue the company never anticipated. Therefore, effective filtering of every input is mandatory for efficient security.
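
The point that filtering 499 of 500 inputs is not enough can be seen in code. The following is an added example, not part of the original report: it places a string-concatenated query beside a parameter-bound one, and applies allow-list filtering on top. Parameter binding is a technique added here beyond the filtering the report recommends; the table layout, sample rows and username pattern are assumptions constructed for the example.

```python
import re
import sqlite3

# Assumed allow-list for usernames (not from the original report).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,32}")


def build_db():
    """Create an in-memory table holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pw_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, pw_hash) VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b"), ("carol", "hash-c")],
    )
    return conn


def lookup_vulnerable(conn, username):
    # Unfiltered input is concatenated into the SQL text, so quote
    # characters in the input change the structure of the statement.
    query = "SELECT username, pw_hash FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def lookup_bound(conn, username):
    # The value is bound to a placeholder; SQLite treats it purely as data.
    return conn.execute(
        "SELECT username, pw_hash FROM users WHERE username = ?", (username,)
    ).fetchall()


def lookup_validated(conn, username):
    # Filtering on top of binding: reject anything outside the allow-list.
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username fails allow-list validation")
    return lookup_bound(conn, username)


def demo():
    conn = build_db()
    crafted = "x' OR '1'='1"  # constructed input containing SQL syntax
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, crafted)),
        "bound_rows": len(lookup_bound(conn, crafted)),
        "legit_rows": len(lookup_bound(conn, "alice")),
    }


if __name__ == "__main__":
    print(demo())
```

Because binding is applied in the query itself rather than per input field, there is no "500th input" that can be forgotten.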

Framework for Authentication issue

The authentication challenge can be handled by using a framework, which is the more effective approach. However, if the company is not prepared to develop its own framework, then it has to learn all the possible pitfalls that are associated with the current code.

Proper Security Configuration

The system installation procedures should be well defined and must go through rigorous testing. Moreover, there should be a sound build and deploy procedure that can run tests at each deployment. Security modules should be in place that prevent the system from releasing passwords in the open.

Hiding Sensitive Data

Sensitive information can be hidden using encryption. If the data is in transit, then the use of HTTPS is suggested to ensure security. The company must stop accepting anything that arrives over non-HTTPS connections. If the data is in storage, then the first step is reducing the exposure of the data. Data that is not required must be completely removed from the server (Zhang et al, 2013). Stored data in encrypted form is less vulnerable to external threats.

Restricting use of Vulnerable Components

Components that are vulnerable to security threats must never be accepted at any cost. The use of vulnerable components, even for a short while, may pose an unprecedented threat, specifically in the case of this company.

Employee Education and Awareness

Policies should be in place that help the system users learn the security aspects in a thorough manner. The users and employees of the company should be aware of the methods that can help reduce the vulnerability of the system.

Removable Media Controls

There should be a policy that prevents employees from using removable media openly. The types of media that can be used with the system should be limited, and access to external media must be restricted. Moreover, media that must be used should be tested for possible malware prior to transferring the data.

Managing User Privileges

User access should be managed, and not everyone should be given access to everything. Giving all employees within the organization access to information might give an insider threat access to information that can make the entire system vulnerable. Access to audit logs should be restricted.

Incident Management

The company should maintain proper documentation, including an incident response plan and a disaster recovery plan. The presence of such plans will help the company recover quickly from incidents that happen in the future, so that it does not have to look for consultants every time the system fails.

Monitoring

There should be a monitoring strategy within the organization that can monitor all the activities of the employees, supported by policies that permit such activities. The logs should be analyzed regularly, as they can give an indication of a possible future attack.

Malware Protection

A proper anti-malware system should be in place to prevent malware from entering the system. There should be policies and documentation in place that help users understand the nature and types of emails and sites that can carry malware (Rajab et al, 2013).

Network Security

The network should be protected against both external and internal threats. The perimeter of the network should be analyzed and security measures should be kept in place, along with test controls.

These are some of the recommended actions PeopleSharz can take to ensure that the system stays secure for a longer period.


References

  • Bhanu, K. S., & Divya, K. V. (2016). Leakage Detection in Sensitive Data Exposure with Privacy Preservation: A Survey. International Journal for Innovative Research in Science and Technology, 2(11), 161-163.

  • Bhasin, S., Danger, J. L., Guilley, S., Ngo, X. T., & Sauvage, L. (2013, August). Hardware Trojan horses in cryptographic IP cores. In Fault Diagnosis and Tolerance in Cryptography (FDTC), 2013 Workshop on (pp. 15-29). IEEE.

  • Choo, K. K. R. (2014). A conceptual interdisciplinary plug-and-play cyber security framework. In ICTs and the Millennium Development Goals (pp. 81-99). Springer US.

  • Corona, I., Maiorca, D., Ariu, D., & Giacinto, G. (2014, November). Lux0r: Detection of malicious pdf-embedded javascript code through discriminant analysis of api references. In Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop (pp. 47-57). ACM.

  • Grossman, S. A., & Roy, P. (2016). Learn the 5 keys to boosting effectiveness of your cybersecurity program. Campus Legal Advisor, 16(8), 1-6.

  • Kim, S. J., & Kim, B. H. (2013). Vulnerability Analysis for Privacy Protection in Secure-NFC service. International Journal of Advancements in Computing Technology, 5(13), 257.

  • Nagpal, N. B., & Nagpal, B. (2014). Preventive measures for securing web applications using broken authentication and session management attacks: A study. In International Conference on Advances in Computer Engineering and Applications (ICACEA) (Vol. 2014).

  • Rajab, M. A., Ballard, L., Lutz, N., Mavrommatis, P., & Provos, N. (2013, February). CAMP: Content-Agnostic Malware Protection. In NDSS.

  • Sagstetter, F., Lukasiewycz, M., Steinhorst, S., Wolf, M., Bouard, A., Harris, W. R., ... & Chakraborty, S. (2013, March). Security challenges in automotive hardware/software architecture design. In Proceedings of the Conference on Design, Automation and Test in Europe (pp. 458-463). EDA Consortium.

  • Zhang, X., Liu, C., Nepal, S., Pandey, S., & Chen, J. (2013). A privacy leakage upper bound constraint-based approach for cost-effective privacy preserving of intermediate data sets in cloud. IEEE Transactions on Parallel and Distributed Systems, 24(6), 1192-1202.
