A2 - System Vulnerabilities Flashcards

A - Cyber Security Threats, System Vulnerabilities and Security Protection Methods

1
Q

System Vulnerabilities

A

👉 A system vulnerability refers to a weak point in a system that has the potential for exploitation.

2
Q

8 Examples of System Vulnerabilities

A
  1. Network vulnerabilities
  2. Organizational vulnerabilities
  3. Software vulnerabilities
  4. Operating system vulnerabilities
  5. Mobile device vulnerabilities
  6. Physical vulnerabilities
  7. Process vulnerabilities
  8. Cloud/IoT vulnerabilities
3
Q

Network Vulnerabilities

A

👉 Network vulnerabilities are a major source of attacks on a business’s IT systems.
Firewall ports are an example of this.

👉 A network port is the endpoint of a network communication. There are thousands of different ports that are used for different applications.
For example, HTTP uses port 80 and IMAP uses port 143.

👉 All ports are potentially at risk of attack, with no port being naturally secure.
For example, it could be used as a way of spreading malware to the system, or potentially could be exploited to gain access to data on the system.

👉 A firewall can be used to block unused ports to reduce the potential for being attacked via the ports. However, if poorly configured there may still be a large attack vector available through the network ports.

👉 Another source of network vulnerabilities are external storage devices. These devices can be used to bring malicious software into the organization from within the network, potentially quite unknowingly.
For example, an employee may use a USB stick on their home computer that is infected with malware. When they then bring that USB stick to work and connect it to their PC, this can infect the work computer and potentially spread throughout the network.

4
Q

Organizational Vulnerabilities

A

👉 The processes and policies of the organization can also be a serious source of vulnerability.
For example, the file permissions and privileges assigned to employees could leave them wide open to a number of threats.

👉 File permissions and privileges are used to assign staff with the rights to access certain drives, folders & files, as well as giving them access to different functions (e.g. the ability to install software).

👉 If an organization gave a member of staff total permissions and privileges to the whole system, then anyone with access to that employee’s login (including the employee themselves) could cause huge damage to the organization. This damage might be quite accidental, such as accidentally deleting important data, or malicious. This is why an organization should only assign the permissions & privileges each staff member requires to perform their work.

👉 Another example of an organizational vulnerability is the password policy. This refers to a set of rules that are used to ensure that secure passwords are employed by a system’s users.
👉 If an organisation fails to enforce these rules then employees may use simple passwords which will be extremely easy to hack in order to gain unauthorised access.

5
Q

Software Vulnerabilities

A

👉 Software installed onto the system can cause vulnerabilities. Although most software is relatively harmless, there may be bugs that can be exploited, or specific software can be designed for the purpose of exploitation.

👉 Software from untrustworthy sources, including downloaded software which often comes from websites that may not be trustworthy, is a particular example of this vulnerability. The software you download may include malware, such as a virus or ransomware, that will infect your system and spread throughout your network.

👉 Illegal copies of software can have similar threats as that copy may be infected with malware. Additionally, illegal copies of software will not be easily updatable. This means your software will miss out on important security patches that will leave your system vulnerable.

👉 Even legitimate software can be vulnerable to certain threats, such as SQL injection and zero-day exploits.
SQL injection is a software vulnerability where users enter an SQL statement into an input field which is then run against the database. This can be used to delete or extract data from the database.
A zero-day vulnerability is a flaw in a software program that, unknown to the developers, opens the IT system to cybersecurity threats. This will be patched by the developers once discovered, but until that point, your system will be very vulnerable.

6
Q

Operating System Vulnerabilities

A

👉 An operating system is a piece of core, essential software installed on devices, and used to run other programs and applications. An operating system can, however, have vulnerabilities that leave it open to attacks, such as by malware.

👉 These vulnerabilities are usually caused by a mixture of flaws in the operating system code and poor maintenance by the organisation using the operating system.
For example, some organisations will continue to use an older operating system, well after it is no longer being supported by the developer. This means there will be no more security patches from developers to correct any vulnerabilities that arise.

👉 However, even if using a modern supported operating system, it will still be vulnerable if the organisation does not regularly update it. These operating system updates often include essential security patches, and so if left un-updated, your operating system will be very easy to attack.

7
Q

Mobile Device Vulnerabilities

A

👉 Mobile devices have become increasingly common, not just for personal use, but for use in business. These mobile devices provide users with on-the-go computer access and great ease-of-use. However, they do bring some security concerns with them.

👉 The largest vulnerability, however, comes not from factors in control of the company using the system, but rather from the original manufacturer who created the product. The system software on these devices may contain vulnerabilities. However, we will often be reliant on the original equipment manufacturer (OEM) to update that system software.

👉 This process can hold back these updates being distributed to some devices quite significantly, which could mean you will go for weeks, or even months, before receiving important security patches. A manufacturer may even stop supporting a mobile device and so will no longer support system updates, leaving your device permanently vulnerable.

8
Q

Physical Vulnerabilities

A

👉 Not all threats to an IT system come as a result of some clever programmer writing a malware program or hacking a network. Some vulnerabilities are much more mundane and come from sources external to the IT system. The most obvious example of this is the theft of equipment.

👉 Laptops, mobile devices & portable storage devices are particularly vulnerable to this, as they are regularly taken out of an office and by their nature are easily movable. If these devices are stolen then the data they contain could easily be compromised and misused.

👉 Another vulnerability is from USB storage devices, which, as mentioned, are vulnerable to theft. These may contain sensitive information which could lead to serious harm for the business, including potential fines, compensation & reputation damage.

👉 However, USB storage devices also introduce another threat, that of potentially introducing viruses to a system when using one to transfer files from one device to another.

👉 A final physical vulnerability is that of social engineering methods. It is a vulnerability as it is often the source of other attacks. Techniques such as phishing emails can be used to gain passwords and other information. This can then be used by the attacker to gain unauthorised access to a system where they could potentially steal data or install malware on the system.

9
Q

Process Vulnerabilities

A

👉 How people use a system is often just as important as the system’s security itself, something that is especially prevalent with a factor such as social engineering.

👉 A big vulnerability to our IT systems is through data leaks. This can be by social engineering, such as phishing emails, but can also occur through many other means, like malware & SQL injection.

👉 These data leaks are a threat to an organisation, but are also a vulnerability, as the data that is leaked can be used to launch attacks, especially hacking attacks, on an organisation.

👉 Sharing security details is another process vulnerability. This refers to an individual or individuals sharing security information, such as their logins, with others who may not necessarily be entrusted to handle this data. Sharing security details is not an overly exploited system vulnerability, as the culprit is easy to identify and it is normally done without malicious intent; however, it’s still a factor which must be accounted for when designing a system.

10
Q

Cloud/IoT Vulnerabilities

A

👉 Many organisations and individuals are now making heavy use of cloud computing as well as “Internet of Things” devices. These offer great convenience but do also create some vulnerabilities.

👉 Cloud computing’s vulnerabilities come from its connection to the internet. As our files stored using cloud computing will always be available over the internet, this leads to the possibility of our accounts being hacked. This can then be used to modify, delete or steal data, or even infect our system with malware.

👉 This is particularly an issue for an organisation as they will have little or no control over the security practices followed by the cloud computing provider they are using.

👉 “The Internet of Things” is the interconnectivity of non-standard computing devices so they can gather and share data to create an action.
A good example of an IoT device is HIVE by British Gas. This allows you to network your home and create a ‘smart home’ to specifically control your central heating.

👉 However, these devices, being networked and even connected to the internet, can be vulnerable to external threats. Many of these devices are developed without security in mind which makes them susceptible to things like viruses.
A particular example of this is with Denial of Service attacks, where IoT devices are being targeted with Botnet malware that will turn them into attack points for the Denial of Service attack on a server.
