Cyber Security Assignment: Threats & Vulnerabilities Identification Of JBS Foods

Question

Task: Write a detailed report on cyber security assignment to identify threats/vulnerabilities for a business case scenario.

Answer

Executive Summary
Immediately after the attack on JBS Foods, Peters Excellent Packers (PEP) ordered a threat modelling analysis. Threat analysis is used in this cyber security assignment to discover possible security threats and hazards. The seriousness of each threat is determined by assigning it a rating and a ranking, and mitigating measures must then be put in place to promptly repair any vulnerabilities. Enterprises can use threat modelling to effectively monitor and manage the risks connected with their applications and infrastructure, and all firms should adopt a technique for analysing potential threats to their assets. The threat modelling analysis presented here aims to help senior management identify and effectively manage those threats.

Introduction
By examining the JBS Foods cyberattack, PEP is attempting to protect its own systems. Security experts have been brought in to identify all of the hazards and vulnerabilities associated with such an assault. A context diagram and a data flow diagram are used to depict the relevant operations. All of the attack's vulnerabilities and dangers are documented in this report, then identified and categorised using the STRIDE approach. They are then compiled in the risk register format provided by Stallings & Brown (2018) and matched against controls. Finally, the report provides a list of possible controls for each threat and a threat mitigation scheme.

DFD
A Data Flow Diagram (DFD) is a visual representation of a process. It shows how data flows from one location to another and, at a glance, gives a picture of the current information flow. This makes it much easier for managers to see and understand how data moves across an organisation, so implementing and managing a process or system becomes much easier (Aikat et al., 2017). Comprehensive data flow diagrams are necessary to get the most out of a process or system, and as soon as there is an issue with the flow, corrective measures can be taken. In this report, the PEP system threat model presents two diagrams: the system context diagram and the Level 0 DFD, shown in the figures below.

Figure 1 - Context Diagram

Figure 2 - Level 0 DFD

Discovery of threats
Businesses are increasingly reliant on the internet to sustain their activities as technology advances, and they face a wide range of dangers, including cyberattacks and natural disasters. A corporation must be familiar with the various dangers it faces. Using the STRIDE framework for threat discovery and categorisation, the following list of threats is applicable and relevant to the organisation.

  • Distributed Denial of Service (DDoS) - A flood of requests from many network nodes can cause a Distributed Denial of Service (DDoS). As too many requests are poured onto the server, it slows down, is unable to perform at the level it should, and either malfunctions, times out or shuts down completely (Humayun et al., 2020).
  • Man in the Middle Attack - A 'man' acts as an intermediary between the two parties throughout the transaction, which gives him access to secret information. Using the information gained, he then sabotages, interrupts, disrupts or steals the information.
  • Malware - An example of malware is WannaCry, malicious software that may infect a computer and encrypt its files. A system must therefore be effectively protected against any cyber-attacks (Stallings & Brown, 2018). In this case, a malware attachment is sent to the users, and opening it would result in unpleasant repercussions.
  • SQL Injection - If the DB is unprotected and there is no input validation or security scheme present, an attacker can inject certain queries, and that same unauthorised individual can edit the query to discover the sensitive data contained inside (Liu et al., 2017).
  • Phishing - Users' personal information is commonly stolen via phishing attacks, which are the most prevalent sort of cybercrime. To earn the trust of the users, the attacker assumes the persona of a reliable source. Once this is done, he or she can carry out sabotage, information warfare, steal information or disrupt services.
  • Password attack - An assault on accounts' passwords is known as a "password cracking" operation or brute-force attack. In order to obtain passwords, the attackers also deceive the victims into disclosing their own personal information (Mustacoglu et al., 2020).
  • Identity Theft - It is becoming more and more frequent for identity theft to be linked to another well-known cyber hazard described as identity fraud. In this case, personally identifiable information about an individual is obtained and used in an objectionable manner (Sangster, 2020).
  • Poor Data Governance - Most nations have taken stringent cybersecurity measures; however, there are still governments that are unaware of the consequences of inadequate security measures, and several actors are taking advantage of inconsistencies in cybersecurity legislation.
  • Incorrect Configuration - Incorrect configuration reveals various vulnerabilities within the information system, making it easier for an attacker to get in and exploit the loopholes.
  • Insider attack - Insider attacks are carried out by disgruntled former or current employees by way of sabotaging the systems or stealing valuable information.

STRIDE Categorizations

STRIDE Category | Threats
Spoofing | Password Attacks; Phishing attacks
Tampering | Man in the middle (MitM) attack; Incorrect configuration; Session hijacking; Malware
Repudiation | SQL Injection
Information Disclosure | IP Spoofing; Ransomware
Denial of Service | Spyware
Elevation of Privilege | Insider attack

Discussion of APP and GDPR
The GDPR uses the term "personal data", while the Privacy Act uses the words "personal information". Under each law the term refers to data that could be used to identify individuals, but different people interpret the phrase in somewhat distinct ways (Tweneboah-Koduah et al., 2017).

APPs: Under the Privacy Act, only "APP Entities" are subject to its jurisdiction (and thus to the APPs). APP Entities are:

  • Organisations based in Australia
  • With revenue in excess of 3 million Australian dollars
  • The APPs also apply to small enterprises in Australia that handle private information, provide health services, or have chosen to be bound by the APPs.

GDPR: The GDPR applies to any individual, group or entity in the world that provides products and services to EU-based citizens (whether paid for or free), or that monitors the behaviour of EU residents (especially via web-based personalised advertising).

PEP as well as JBS are covered by the APPs, whilst the EU's GDPR has no effect on them.

Risk Register

Asset | Existing Controls | Threat / Vulnerability | Consequence (1 - 5) | Likelihood (1 - 5) | Risk Priority | Level of Risk
Front-facing Servers; Front-facing Websites | No Protection | DDoS | 4 | 5 | High | 20
Customer Database; IP Database | 2 | Man in the middle (MitM) attack | 3 | 2 | - | Low
Hardware Assets; Information Assets | 5 | Malware | 5 | 5 | - | Extreme
Information Assets | Basic SQL validation | SQL Injections | 4 | 5 | Extreme | 25
Email / Exchange Customers & Clientele DB | Basic Security Protocols | Phishing and spear-phishing attacks | 3 | 5 | High | 15
Networking / Information Assets | Basic Password Policy | Password Attacks | 5 | 2 | Medium | 10
Customer DB | None | Identity Theft | 2 | 4 | Low | 8
Internal and Front-facing Servers | None | Misconfigured Security Applications | 4 | 3 | Medium | 12
Intellectual Property; Customer & Vendor DB; Hardware Systems | None | Insider Attack | 5 | 3 | High | 15


Threats and controls

Threats and their recommended controls:

DDoS
  • IPS/IDS
  • CDN servers
  • Hardening of web servers

Man in the Middle
  • PCI DSS and APP compliance
  • Stronger encryption using 256-bit AES or equivalent
  • VPN & IPSec

Malware
  • Malware can be countered with anti-virus and anti-malware solutions
  • A firewall and blocking of known malicious IPs are also a must
  • Whitelisting executables from known and trusted vendors

SQL Injections
  • Encryption of the web-connected database is a must
  • Web application firewall (WAF)
  • SQLi best practices
  • Web-form protection

Phishing attacks
  • Security e-mail scanning must be enabled
  • Browsers must be executed in a sandboxed environment
  • Employee training and education
  • Routine vulnerability scanning

Password Attacks
  • Dual-factor authentication
  • Strict password policy
  • Storing of passwords in encrypted databases

Identity Theft
  • Employee education
  • Frequently changing passwords
  • Closing accounts of terminated employees
  • Blacklisting the IP addresses of known intruders

Misconfigured Security Applications
  • Routine software updates and patching
  • Regularly scanning and auditing the ICT environment
  • Encrypting data at rest
  • Hardening of information and hardware systems

Insider Attack
  • Dual-factor authentication
  • Closing accounts of terminated employees
  • Physical security perimeters and geo-fencing systems
  • Confidential intellectual property and information assets must be behind a password
  • User privileges must be defined

Figure 3 - Threats & their Controls

Mitigation scheme

Threat 1 - Denial-of-Service (DoS) attacks against the application servers slow them considerably, inflicting considerable harm to the company's facilities and services.

Level of Risk: 20

Likelihood: 5 and Consequence rating: 4

Explanation: 5 x 4 = 20 and thus it is classified as a High risk. The likelihood of this risk occurring is about 5 and, if the risk is actually realised, the consequence is rated at 20. The high likelihood is due to this being a common occurrence, and the high impact is due to the severe disruption a successful attack causes.

Improvement & Recommendation

Standard Mitigation:
  • Essential server security practices should be adhered to
  • VPS-based platforms that are fast and efficient

Specific Mitigations:
  • IPS/IDS
  • CDN servers
  • Hardening of web servers

Techniques - Mitigate & Transfer Risk

High


Threat 2 - Man in the Middle attacks: An intermediary ('man') positions himself between the two parties throughout the transaction, which gives him access to secret information.

Risk Level: 6

Likelihood: 3 and Consequence: 2

Explanation: 3 x 2 = 6 is the level of risk; therefore this is classified as a medium risk. The likelihood of this risk occurring is about 3 and, if the risk is actually realised, the consequence is rated at 2. The medium likelihood is due to this not being very common.

Improvement & Recommendation

Standard Mitigation:
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.

Specific Mitigation:
  • PCI DSS and APP compliance
  • Stronger encryption using 256-bit AES or equivalent
  • VPN & IPSec

Techniques - Avoid Risk

Low


Threat 3 - Malware Attack: An example of malware is WannaCry, malicious software that may infect a computer and encrypt its files. A system must therefore be effectively protected against any cyber-attacks (Stallings & Brown, 2018). In this case, a malware attachment is sent to the users, and opening it would result in unpleasant repercussions.

Risk Level: 25

Likelihood: 5 and Consequence rating: 5

Explanation: 5 x 5 = 25 is the level of risk; therefore this is classified as an Extreme risk. The likelihood of this risk occurring is about 5 and, if the risk is actually realised, the consequence is rated at 5. The likelihood is high because this is a very common attack, and the resulting damage from malware is very high.

Improvement & Recommendation:

Standard mitigation procedures:
  • Each desktop and mobile device must have a security system present.
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.

Specific Recommendations:
  • Malware can be countered with anti-virus and anti-malware solutions
  • A firewall and blocking of known malicious IPs are also a must
  • Whitelisting executables from known and trusted vendors

Techniques - Avoid Risk

Extreme


Threat 4 - SQL Injection: If the DB is unprotected and there is no input validation or security scheme present, an attacker can inject certain queries, and that same unauthorised individual can edit the query to discover the sensitive data contained inside (Telang, 2015).

Level of Risk: 20

Likelihood: 4 and Consequence: 5

Explanation: 4 x 5 = 20 and thus it is classified as an Extreme risk. The likelihood of this risk occurring is about 4 and, if the risk is actually realised, the consequence is rated at 5. The likelihood is high because this attack is common, and the impact is high because it targets the databases directly.

Improvement & Recommendation:

Standard mitigation procedures:
  • The company should follow good database security practices
  • Good security schemes on web-based forms
  • System hardening procedures must be put in place
  • Employee training program

Specific Recommendations:
  • Web application firewall (WAF)
  • Encryption of the web-connected database is a must
  • Web-form protection
  • SQLi best practices

Techniques - Mitigate Risk

Extreme

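The SQL injection mechanism described above (an unvalidated form value spliced straight into a query) shown beside its hardened form, as an added example that is not part of the original report: the customer table, its sample rows and the e-mail allow-list pattern are constructed assumptions.

```python
import re
import sqlite3
from typing import List

# Constructed sample data standing in for the PEP customer DB (not from the report).
SAMPLE_CUSTOMERS = [
    ("alice@example.com", "Alice"),
    ("o'brien@example.com", "O'Brien"),   # legitimate value containing a quote
]

# Assumed allow-list for the web-form field: a conservative e-mail shape.
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+'-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def make_db() -> sqlite3.Connection:
    """Build an in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, name TEXT)")
    conn.executemany("INSERT INTO customers (email, name) VALUES (?, ?)", SAMPLE_CUSTOMERS)
    return conn


def validate_email(value: str) -> bool:
    """Input-validation layer: reject anything outside the expected shape before SQL."""
    return EMAIL_RE.fullmatch(value) is not None


def lookup_unsafe(conn: sqlite3.Connection, email: str) -> List[str]:
    """Vulnerable pattern from the threat description: the form value becomes part of
    the statement text, so characters in the value are parsed as SQL, not as data."""
    statement = f"SELECT name FROM customers WHERE email = '{email}'"
    return [row[0] for row in conn.execute(statement)]


def lookup_safe(conn: sqlite3.Connection, email: str) -> List[str]:
    """Hardened pattern: validation plus a parameterised query. The driver binds the
    value, so it can only be compared against the column and never alter the statement."""
    if not validate_email(email):
        return []
    rows = conn.execute("SELECT name FROM customers WHERE email = ?", (email,))
    return [row[0] for row in rows]


def query_is_altered(conn: sqlite3.Connection, email: str) -> bool:
    """True when the unsafe lookup no longer parses, i.e. the value changed the SQL
    structure. A quote in ordinary data is enough to show the statement is data-driven."""
    try:
        lookup_unsafe(conn, email)
        return False
    except sqlite3.OperationalError:
        return True
```

The safe lookup returns the O'Brien row correctly, while the same value breaks the unsafe statement; the fix is binding parameters, not escaping quotes by hand.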

Threat 5 - Phishing: Users' personal information is commonly stolen via phishing attacks, which are the most prevalent sort of cybercrime. To earn the trust of the users, the attacker assumes the persona of a reliable source.

Level of Risk: 15

Likelihood: 5 and Consequence rating: 3

Explanation: 5 x 3 = 15; thus it is classified as a High risk. The likelihood of this risk occurring is about 5 and, if the risk is actually realised, the consequence is rated at 3. The likelihood is high because phishing keeps happening at an alarming rate.

Improvement & Recommendation:

Standard mitigation procedures:
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.
  • An information audit for security purposes is a must and must be done regularly.

Specific Recommendations:
  • Security e-mail scanning must be enabled
  • Browsers must be executed in a sandboxed environment
  • Employee training and education
  • Routine vulnerability scanning

Techniques - Avoid Risk

High


Threat 6 - Password Attack: An assault on accounts' passwords is known as a "password cracking" operation or brute-force attack. In order to obtain passwords, the attackers also deceive the victims into disclosing their own personal information (Rizov, 2018).

Level of Risk: 15

Likelihood: 3 and Consequence rating: 5

Explanation: 3 x 5 = 15 and thus it is classified as a High risk. The likelihood of this risk occurring is about 3 and, if the risk is actually realised, the consequence is rated at 5. The likelihood is medium because the attack is somewhat common, but if the threat is realised it is very impactful.

Improvement & Recommendation:

Standard mitigation procedures:
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.
  • Security guidelines and the security policy must be re-evaluated at predefined intervals.
  • User-defined privileges must be reviewed on a regular basis.

Specific Recommendations:
  • Dual-factor authentication
  • Strict password policy
  • Storing of passwords in encrypted databases
  • The use of CAPTCHA protection techniques on web servers, whilst also using CAPTCHAs for private internal logins

Techniques - Avoid Risk

Medium


Threat 7 - Identity Theft: It is becoming more and more frequent for identity theft to be linked to another well-known cyber hazard described as identity fraud. In this case, personally identifiable information about an individual is obtained and used in an objectionable manner.

Level of Risk: 8

Likelihood: 4 and Consequence: 2

Explanation: 4 x 2 = 8; thus it is classified as a low risk. A small probability of spoofing exists, but the organisation's losses would be minimal if other safeguards were in place. Because of this, it has been rated 4 in probability and 2 in consequence.

Improvement & Recommendation:

Standard mitigation procedures:
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.
  • Hardening of systems and security must be done.

Specific Recommendations:
  • Employee education
  • Frequently changing passwords
  • Closing accounts of terminated employees
  • Blacklisting the IP addresses of known intruders

Techniques - Accept Risk

Low


Threat 8 - Misconfigured Applications: Incorrect configuration reveals various vulnerabilities within the information system, making it easier for an attacker to get in and exploit the loopholes (Kamenov, 2018).

Level of Risk: 12

Likelihood: 3 and Consequence: 4

Explanation: 3 x 4 = 12 and thus it is classified as a medium risk. The probability is medium, but the impact is higher.

Improvement & Recommendation

Standard Mitigation:
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.
  • Security hardening of servers as well as other information systems must be done.

Specific Mitigation:
  • Routine software updates and patching
  • Regularly scanning and auditing the ICT environment
  • Encrypting data at rest
  • Hardening of information and hardware systems

Techniques - Avoid Risk

Medium


Threat 9 - Insider Attack: Insider attacks are carried out by disgruntled former or current employees by way of sabotaging the systems or stealing valuable information.

Level of Risk: 15

Likelihood: 3 and Consequence rating: 5

Explanation: 3 x 5 = 15 and thus it is classified as a High risk. This risk has a score of 3 for occurring, but the repercussions, which would have a significant impact on the company, have a score of 5.

Improvement & Recommendation:

Standard mitigation procedures:
  • Security measures must be configured on the servers and systems.
  • An employee training program is a must.
  • Physical security is a must and can be attained through geofencing and biometrics (Erez, 2020).
  • Endpoint protection via antivirus and firewall is a must for all laptops and desktops.

Specific Recommendations:
  • Dual-factor authentication
  • Closing accounts of terminated employees
  • Physical security perimeters and geo-fencing systems
  • Confidential intellectual property and information assets must be behind a password
  • User privileges must be defined

Techniques - Avoid Risk

High


Security systems / protocol / techniques | Pricing in $
IDS and IPS Systems (FortiNet) | 500
Network Security tools (SolarWinds) | 3000
VPN as well as IPSec based solutions (VPN Shark, 200+ Users) | 600
Anti-Spyware tool and Anti-Malware (Norton Enterprise) | 2000 (For 100-200 Computers)
Employee training program | 1000
Browser based Sandboxing (AWS) | 600

Table 3 - Cost Calculation

Conclusion
Many organisations nowadays are hit by various types of ransomware attacks. JBS is one such organisation, which was forced to stop operating due to an attack by a cybercriminal group. Organisations should appoint cybersecurity specialists to identify threats, because threat modelling will enable them to protect their databases from external attacks and threats. STRIDE is one of the best methods for identifying threats and protecting those databases. Hence, the recommendation is that applying an appropriate method of identifying threats will not only protect the database but also prevent the company from becoming a victim and paying any type of ransom.

References
Fernández, P. (2007). Valuing companies by cash flow discounting: ten methods and nine theories. Managerial Finance, 33(11), 853–876. https://doi.org/10.1108/03074350710823827
Halpern, C. (2018). The Myriad of Leadership Theories and Practices Reviewed. Journal of Business Theory and Practice, 6(4), 269. https://doi.org/10.22158/jbtp.v6n4p269
Mamatkulovich, B. B. (2020). Knowledge Economics: Theory and Practice. International Journal of Psychosocial Rehabilitation, 24(1), 1582–1587. https://doi.org/10.37200/ijpr/v24i1/pr200256
Starik, M., Kanashiro, P., & Collins, E. (2017). Sustainability Management Textbooks: Potentially Necessary, but Probably not Sufficient. Academy of Management Learning & Education, 16(3), 500–503. https://doi.org/10.5465/amle.2017.0188
Stallings, W., & Brown, L. (2019). Computer Security: Principles and Practice. Willford Pr. https://www.pearson.com/us/higher-education/program/Stallings-Computer-Security-Principles-and-Practice-4th-Edition/PGM1805260.html
Kamenov, D. (2018). Intelligent Methods for Big Data Analytics and Cyber Security. Information & Security: An International Journal, 39(3), 255–262. https://doi.org/10.11610/isij.3921
Rizov, V. (2018). Information Sharing for Cyber Threats. Information & Security: An International Journal, 39(1), 43–50. https://doi.org/10.11610/isij.390
Telang, R. (2015). Policy Framework for Data Breaches. IEEE Security & Privacy, 13(1), 77–79. https://doi.org/10.1109/msp.2015.12
Trigeorgis, L., & Reuer, J. J. (2016). Real options theory in strategic management. Strategic Management Journal, 38(1), 42–63. https://doi.org/10.1002/smj.2593
Weiss, T. G., & Kittikhoun, A. (2011). Theory vs. Practice: A Symposium. International Studies Review, 13(1), 1–5. https://doi.org/10.1111/j.1468-2486.2010.00991.x
