Learning Outcomes

Network security can be defined as the set of practices and policies that are eventually adopted for the purpose of preventing as well as monitoring any type of unauthorized access, modification, denial or misuse of the computer network or network accessible resources (Laudon and Laudon 2016). The following report outlines a brief discussion on the case study of Comodo Certificate Authority Fraud Hack. There are several confidential data of the clients for the small business and hence the privacy should be ensured at any cost. This report will be researching on the Comodo Certificate Authority Fraud Hack for analysis of security risks and their respective solutions.

IT security or computer security can be defined as the significant protection of several computer systems either from damage or theft to the respective software, hardware and electronic data (See Appendix A). This even help in stopping from any type of misdirection or disruption of the services they are eventually providing. IT security involves the control of physical access to the system hardware and protection against harm or damage that are done through network access, code injection as well as malicious data. Any type of attack or problem in the IT security is termed as IT security problem (Bajdor and Grabara 2014). These types of attacks can either be accidental or intentional.

In the year of 2011, the infamous Comodo Certificate Authority Fraud Hack took place and all the IT organizations were concerned for the data security of their network. A contractor maintains the several networks of various business clients, who have received payments for services (Grimes, R. 2018). For the purpose of ensuring privacy and security of the confidential data or information, proper measures should be undertaken. The various attacks of the IT security could be extremely vulnerable and hence their data will be lost forever.

In the case study of Comodo Certificate Authority Fraud Hack, an Iranian hacker duped the certification authority to issue the digital certificates into either one or more unauthenticated parties (Demir and Krajewski 2013). This hacker moved some critics to call for both Microsoft and Mozilla for the purpose of removing Comodo as the most trusted rooted certification authority. He generated certificates for various popular sites like Google, Yahoo, Skype and Live.com.

In respect to this popular hacking case study, the various information system security risks that are dangerous for the organization and data of small business clients are given below:

1. i) Ransomware: The first and the foremost risk to the information system is ransomware (Klukas, Chen and Pape 2014). It is considered as the most vicious as well as vulnerable attacks whenever the devices or information are being locked and then held for ransom. Ransomware is extremely common attack for the hackers, who can accidentally download the malicious codes. The hackers spread various types of vulnerabilities through these malicious codes and then demanding certain amount of ransom. The most popular type of ransomware attack is the Wanna Cry Ransomware Attack in May 2017 (Castronova, Goodall and Ercan 2013). Millions of systems were affected by this attack.
2. ii) DDoS Attacks: DoS attack or denial of service attack is the second significant type of network vulnerability, where the perpetrator eventually seeks into the machine and network resource for making it completely unavailable for all the intended users either by temporarily disrupting or by making it indefinite in the Internet (Rhodes-Ousley 2013). In the distributed denial of service or DDoS attack, the respective incoming traffic floods the victim system and thus making it impossible for stopping the attacks.

Approaches to Computer Security

iii) Spyware: Computer spyware can be defined as the specific software, which aims for gathering information or data regarding any organization or person without taking permission for accessing the data from the authenticated user. There are eventually four types of spyware, which are adware, Trojans, tracking cookies and system monitors (Peltier 2013). This particular malicious software is mostly utilized to track as well as store the respective movements of the Internet users, by either serving up the pop up ads or by sending suspicious links.

1. iv) Eavesdropping: The next significant security risk to the information system or network of any organization is eavesdropping (Von Solms and Van Niekerk 2013). This particular threat solely refers to listening to the private communications or conversations without taking the consent from that user. It is considered as extremely unethical as well as illegal practice in cyber world. Any type of network is extremely vulnerable to this type of attack. The VoIP communication software is also dangerous to the electronic eavesdropping through several infections like Trojans (Jouini, Rabai and Aissa 2014). The organization can suffer through this type of attack, since the hackers can easily sneak into the network and access the confidential data.
2. v) Phishing: This is the type of fraudulent attempt for obtaining sensitive information like username, password or any other network security data. These are majorly for the various malicious reasons and are done by disguising as the most trustworthy entity within the electronic communication (Crossler et al. 2013). Phishing is carried out by simply email spoofing or even instant messaging and thus it directs the users in entering personal information at the fake website. Since, the contractor maintains the clients’ network, phishing could be one of the most dangerous attacks here and thus the confidentiality of the information should be maintained eventually.
3. vi) Data Breaching: The data breaching is the type of breaching that is either unintentional or intentional for exploiting the security of confidential data or information (Cherdantseva and Hilton 2013). The data leaking is one of the data breaching that often occurs while any type of financial data is involved. Since, the clients receive payments from the government for various services; there is a high chance that the transactional data is exploited.

vii) Threat to Digital Certificate: The Comodo Certificate Authority Fraud Hack was regarding this particular IT security attack. The digital certificate can be defined as the electronic passport, which enables the computers, persons or organizations for exchanging confidential information securely over the Internet connection with the help of PKI or public key infrastructure (Singh 2013). The other name of this public key infrastructure is the public key certificate. There is a major threat to the digital certificate and hence it should be protected with proper measures for this particular organizational data.

The proper analysis of the above mentioned risks after researching Comodo Certificate Authority Fraud Hack is done eventually (See Appendix B). These risks, however, could be easily mitigated or reduced with proper mitigation strategies (Feng, Wang and Li 2014). The proposed solutions for all the identified risks to the confidentiality of data or information are given below:

1. i) Solution forRansomware: The most effective solution for the IT security risk of ransomware attack is taking backups regularly. Backups are considered as the most important and significant requirements for any confidential data. This type of security measure helps to restore the sensitive data in an efficient manner by keeping a backup copy of data (Kolkowska and Dhillon 2013). Thus, even if there is any type of attack, the hacker does not get the chance to demand for ransom to the organization. Moreover, the backups should be validated on a periodical manner so that there exists absolutely no loophole for the security of the confidential data.
2. ii) Solution for DDoS Attacks: There is a respective mitigation technique for the DDoS attacks. This a specific tool that is utilized to resist or mitigate the overall impact of the distributed denial of service attacks over the networks that are being attached to Internet by means of protecting the relay networks or the target networks (Baskerville, Spagnoletti and Kim 2014). The IT engineer of the typical organization should utilize this technique for their network security, so that the network and data security of this organization is maintained substantially.

iii) Solution for Spyware: A proper antispyware technology should be implemented within the network of the organization by the IT engineer for securing the confidential information or data of the small clients. Several vendors are present, who are absolutely reluctant to use adware as the users’ consents often raise liability issues (Von Solms and Van Niekerk 2013). With the help of this antispyware technology, the organizational IT engineer can easily detect or prevent the computer spyware efficiently without much hassle or complexities. Moreover, the Trojans, adware and other types of spyware will also be stopped with this technology and hence it is termed as one of the most important and significant solution for the computer spyware.

1. iv) Solution for Eavesdropping: The significant solution for eavesdropping is by employing encryption within the network. This would ensure that the confidential data or network is authenticated by allowing only authorized users (Peltier 2013). The emails and voice traffics should be protected by the implementation of encryption technology. Thus, the unauthenticated data access is stopped.
2. v) Solution for Phishing: This particular IT security risk can be stopped by the implementation of VPN or virtual private networks. The access to the local LAN connection or remote web server can be stooped by this (Klukas, Chen and Pape 2014). There are few popular VPNs like Fortinet and SonicWall, which are both cost effective as well as good for the network.
3. vi) Solution for Data Breaching: Disk encryption is the most effective solution for data breaching. The systems are protected by this technique and hence the confidential data or information is protected eventually.

vii) Solution for Digital Certificate Threats: The trusted certificate authorities or CAs should be utilized in this type of threats and for this purpose the organization should remove all the previously existing CAs from their systems and add only the CAs that are obtained from the PKI (Demir and Krajewski 2013).

Types of Cryptography

Conclusion

Therefore, from the above discussion, conclusion can be drawn that the kind of network security even includes the authentication of data access within the network that is being controlled by the respective network administrator. The users can either choose any specific username or password for authenticating the information within the authority. Network security comprises of the combination of computer networks like private and public. Hence, the transactions as well as communications within the departments of any particular organization are extremely easier with this security. The above report has clearly mentioned about the detailed security risks with measures for the case study.

The organization can face several significant IT security risks like distributed denial of service attack, computer viruses, eavesdropping, phishing, spoofing, data breaching, spyware and many more. These above mentioned security risks are extremely vulnerable for the organizational network; however, these risks could be easily prevented with proper precautions. The following recommendations will be extremely effective for this organization.

1. i) Using Encryption on the Wireless Access Points: They can use encryption technology on the wireless access points and thus the WPA2 encryption can save the authenticity of their data. Moreover, with the help of wireless networks, the sensitive information could be easily gathered.
2. ii) Hiding Service Set Identifier: The next recommendation for this case study is to hide the SSD or service set identifier. Each and every wireless router comprises of the obscure IDs and thus the information could be easily protected.

iii) Changing Passwords Periodically: The third significant recommendation of the case study is that the passwords should be changed periodically. This particular measure is responsible for securing the confidential information to a great extent and thus overall security is enhanced.

References

Bajdor, P. and Grabara, I., 2014. The Role of Information System Flows in Fulfilling Customers’ Individual Orders. Journal of Studies in Social Sciences, 7(2).

Baskerville, R., Spagnoletti, P. and Kim, J., 2014. Incident-centered information security: Managing a strategic balance between prevention and response. Information & management, 51(1), pp.138-151.

Castronova, A.M., Goodall, J.L. and Ercan, M.B., 2013. Integrated modeling within a hydrologic information system: an OpenMI based approach. Environmental Modelling & Software, 39, pp.263-273.

Cherdantseva, Y. and Hilton, J., 2013, September. A reference model of information assurance & security. In 2013 International Conference on Availability, Reliability and Security (pp. 546-555). IEEE.

Crossler, R.E., Johnston, A.C., Lowry, P.B., Hu, Q., Warkentin, M. and Baskerville, R., 2013. Future directions for behavioral information security research. computers & security, 32, pp.90-101.

Demir, I. and Krajewski, W.F., 2013. Towards an integrated flood information system: centralized data access, analysis, and visualization. Environmental Modelling & Software, 50, pp.77-84.

Feng, N., Wang, H.J. and Li, M., 2014. A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis. Information sciences, 256, pp.57-73.

Grimes, R. 2018. The real security issue behind the Comodo hack. [online] CSO Online. Available at: https://www.csoonline.com/article/2623707/hacking/the-real-security-issue-behind-the-comodo-hack.html  [Accessed 18 Aug. 2018].

Jouini, M., Rabai, L.B.A. and Aissa, A.B., 2014. Classification of security threats in information systems. Procedia Computer Science, 32, pp.489-496.

Klukas, C., Chen, D. and Pape, J.M., 2014. IAP: an open-source information system for high-throughput plant phenotyping. Plant physiology, pp.pp-113.

Kolkowska, E. and Dhillon, G., 2013. Organizational power and information security rule compliance. Computers & Security, 33, pp.3-11.

Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education India.

Peltier, T.R., 2013. Information security fundamentals. CRC Press.

Rhodes-Ousley, M., 2013. Information security: the complete reference. McGraw Hill Education.

Singh, G., 2013. A study of encryption algorithms (RSA, DES, 3DES and AES) for information security. International Journal of Computer Applications, 67(19).

Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers & security, 38, pp.97-102.