Provide a detailed report on the Cyber security threats and issues encountered by Peanut Processing Services.
Question
Task: Provide a detailed report on the Cyber security threats and issues encountered by Peanut Processing Services.
Answer
Introduction
The present report is focused on discussing about the Cybersecurity threats and issues encountered by the organization. Peanut Processing Services, PPS is an organization that provides data collection, analysis, and processing services to its customers. The company is based in Subiaco, Western Australia. The company usually collects the data for the customers and these datasets are confidential and private in nature. The exposure of these datasets to the unauthorized entities can result in massive security concerns for the organization (Adebiaye, 2017). The turnaround time for the organization is four days and it cannot afford to have any downtime during these four days.
There have been instances of Cybersecurity threats and issues in the past. The twelve employees that are associated with the organization are each assigned a Windows 10 laptop. There were issues around data loss, ransomware attacks, network security issues, and cases of employee negligence that have been observed. These have caused significant monetary losses and the privacy violations for the organization. The report covers the details of the prominent risks to Cybersecurity threats that PPS is exposed to and the ways in which the resolution to the attacks can be implemented (Trappe & Straub, 2018).
Five Cybersecurity Threats:-
Ransomware Attacks
There are different forms of malware codes and packages that have been developed. One of the recently used forms of the malware attacks is the ransomware attacks. These are the Cybersecurity threats in which the malware is launched on the system or an application that encrypts all of the files within the system or application. The users’ access to the system/app is blocked. The user is asked to pay for a ransom amount which is often in cryptocurrencies to regain the access. The data sets and files encrypted can also be deleted for forever or modified by the attacker (Sun et al., 2018). The ransomware attack has already happened at PPS in the past wherein one of the laptops was affected in the attack. There is a constant increase in these attacks in the recent times. It has been seen that the ransomware attacks are being launched at large scale with the WannaCry attack in 2017 being a primary example that impacted over 150 countries.
PPS is also exposed to the ransomware attack as the laptops that are used by the employees are not secure and include any anti-ransomware protection.
Distributed Denial of Service (DDoS) Attack
PPS carries out the analytics and data processing activities with the turnaround time of four days. The availability of the system, networks, and the datasets is of primary importance for the organization so that the downtime is avoided. The DDoS attacks can occur on the organization networks and systems which target the availability of the system and the information sets. It is possible that the availability of the information and the networks is targeted by flooding the networks with unwanted traffic. The garbage traffic will lead to the exhaustion of the resources and the situation of the service breakdown will occur (Armenia et al., 2018).
There are other Cybersecurity threats and measures that can be involved in these attacks, such as malware attacks and botnets. The PPS systems are exposed to this attack as there is confidential information that is shared over the emails and proper network security tools and protocols are not implemented in the organization (Rose & Kass, 2017).
Phishing Attacks
There are numerous forms of phishing attacks that can take place. The PPS systems and information sets will be exposed to the phishing attacks in which the attempts will be made to acquire the confidential information from the employees of PPS. The phishing attacks are the ones in which the attackers trick the users be behaving as the legitimate entity and gains information from the users through this method (Bakurkin et al., 2016). There can be several ways in which the phishing attacks may occur and emails are the most common attacking mode that is used. The malicious links are sent on the user mail and the user believes the mail sender as a legitimate entity. The confidential information is then shared by the user on the email or the suspicious links included in these mails.
In PPS, the employees are negligent and are not really aware of the security practices and protocols that must be followed. As a result, it will be easier for the attackers to carry out the phishing attacks.
Insider Cybersecurity threats & Data Breaches
The majority of the Cybersecurity threats/attacks that occur include the internal member or employee as the threat agent. There can be increased occurrences of the insider Cybersecurity threats and breaches in the days to come. This is because the employees of a business firm are aware of the business procedures and the security policies that are implemented in the business organization. The employees can be approached by a rival firm to gain access to the confidential information. It is also possible that the employee deliberately shares the information to the unauthorized groups for personal interests (Bordoff et al., 2017). These attacks may also be accidental as the employee may leave their laptops unattended and the fellow employee may gain access to the datasets.
PPS will be exposed to these attacks as similar practices have been observed in the past that has resulted in the loss of the data (Shackelford, 2018).
Network Eavesdropping Attacks
The use of the cloud networks and other networking channels is common in the business firms. These networks are used as the threat agents and are utilized to carry out the Cybersecurity threats. The eavesdropping on the network may be done by using the network security vulnerabilities. It is possible that the attackers gain access to the networks and the security and privacy of the information being transmitted is compromised. The man in the middle attacks are the most common forms of eavesdropping attacks (Chen et al., 2018).
The employees of PPS share confidential information and datasets over the emails. The employees also connect their laptops to the unsecure public networks that can make it easier for the attackers to gain access on the network channels. The information and the data sets shared over the networks can be easily used to carry out the eavesdropping issues and attacks.
Risk Register
The impact and probability analysis of the five top risks to Cybersecurity threats risks is done with the scores assigned to impact and probability on a scale of 1 to 5. In both these factors, 1 indicates the lowest value whereas the highest value that is kept is 5. The calculation of the risk score to Cybersecurity threats is done by multiplying the values of impact and probability (Clark-Ginsberg & Slayton, 2018).
|
Risk |
Description |
Probability |
Impact |
Score |
|
Ransomware attacks |
Malware attack in which the files in the system/app are encrypted and the ransom amount is demanded to restore the access. |
4 |
5 |
20 |
|
DDoS attacks |
Flooding attack that directly impacts the availability of the network and services by flooding garbage traffic. |
3 |
5 |
15 |
|
Phishing attacks |
Impersonation attack using social engineering techniques to gain confidential data from the users (Dagoumas, 2019). |
4 |
5 |
20 |
|
Insider Cybersecurity threats and data breaches |
Deliberate or accidental attack by the employees/users to share information in an unauthorized manner. |
5 |
5 |
25 |
|
Eavesdropping attacks |
Network security attack in which the attackers sit on the network and monitor the network activity. |
3 |
4 |
12 |
Addressing the Issues – Countermeasures
The risks that have been identified above can be prevented and avoided with the use of the defined control measures and techniques. There is some of the basic security measures that PPS will be required to adopt. The details of all these measures are given below.
|
Risk |
Description |
Score |
Treatment |
|
Ransomware attacks |
Malware attack in which the files in the system/app are encrypted and the ransom amount is demanded to restore the access. |
20 |
Avoidance – All the laptops in PPS shall be protected with antimalware packages that come with ransomware protection (Fu & Blum, 2015). |
|
DDoS attacks |
Flooding attack that directly impacts the availability of the network and services by flooding garbage traffic. |
15 |
Avoidance and Prevention – The network-based intrusion detection systems shall be installed with the installation of Virtual Private networks in the organization. The anti-denial tools shall also be installed on the network channels. |
|
Phishing attacks |
Impersonation attack using social engineering techniques to gain confidential data from the users. |
20 |
Avoidance – The use of network security controls along with the encryption of the data sets shall be done. The users must not share the confidential data over the mails. |
|
Insider Cybersecurity threats and data breaches |
Deliberate or accidental attack by the employees/users to share information in an unauthorized manner. |
25 |
Avoidance – Advanced access control and authentication shall be applied on the systems and the applications along with the ethical trainings for the employees. |
|
Eavesdropping attacks |
Network security attack in which the attackers sit on the network and monitor the network activity. |
12 |
Avoidance – The network security controls including firewalls shall be used. |
There are additional security measures that must be taken by PPS.
- Security patching shall be introduced and carried out which must include the installation of the updates regularly.
- The datasets of the clients shall be stored in the cloud database and SharePoint location. The data shall not be shared over the emails.
- The multi-authentication mode shall be used for the application access (Higgins & Regan, 2016).
- VPN shall be installed and the laptops shall be able to access the critical apps and data only on the VPN.
- The data backups shall be taken regularly and the data in the backup repository shall be encrypted.
- Administrative security policies so that the security reviews and audits are conducted on a regular basis. The identification of the security loopholes and gaps will be done through these audits.
Compare/Contrast to Alternatives
The chosen techniques and countermeasures that have been recommended are the preventive measures that will ensure that the organization is vigilant and has the readiness to avoid the security attacks in the first place.
There are other techniques that are also present and could be used. One of these is the reactive measures to manage and handle the security attacks (Islam & Aktheruzzaman, 2020). However, there is considerable damage that already gets done before the actions are adopted to recover from the attack. In the case of PPS, there is a strict turnaround time of 4 days that is followed. The organization cannot afford to have the downtime in this timeframe and therefore, the reactive measures will not be of much value. On the other hand, the preventive and proactive approaches that have been suggested will ensure that the security of the information and the data sets is always managed and monitored. It will also provide the ability to keep the datasets protected and to recover from the security incident if it occurs (Muegge & Craigen, 2015).
Costs Breakdown
There is a total cost of $25,000 that has been allotted to the project. These costs will be classified in various types and will be distributed in the project accordingly. PPS currently includes 12 resources and these have limited understanding of the cybersecurity standards and protocols. It will be essential that the security experts and consultants are involved with the organization for the maintenance of security. For this purpose, Security Advisor, and two security analysts recruited. There will also be a trainer that will be invited to provide the employees of PPS with training on the ethical and security aspects. The cost of resources will come out to be $7,500 and the cost of training will be $2,000.
There will be cybersecurity tools that will also be necessary to be procured for all the 12 systems and the networks. These will include antimalware packages, network intrusion detection & prevention systems, firewalls, cloud database for storage and back-up, and biometric tools for verification. The cost of the tools will be one-time and will be $8,500 (Peterson et al., 2018).
The information security planning and analysis will be done in which the PPS CEO and the members of the board along with the security team that will be involved. This phase will include the cost as $2,000.
The implementation, maintenance, and control of the Cybersecurity threats will be done and the rest $5,000 will be involved in this phase. This will include the configuration and installation of the tools, implementation of the policies, reviews and audits, and the overall maintenance of the tools that will be installed.
Conclusion
There are several cybersecurity threats and issues that have been identified for PPS. It is necessary that the control measures are taken so that the security issues and attacks do not occur. It is also necessary that the integrated approach towards the security is maintained with the continual improvements in the same. The security controls in place would allow PPS to provide services unabated to their customers and thereby increase their readiness.
References
Adebiaye, R. (2017). Mitigating Vulnerability Risks in Cybersecurity Using Predictive Measures. Cybersecurity Threats International Journal of Advanced Scientific Research & Development (IJASRD), 4(10), 12. https://doi.org/10.26836/ijasrd/2017/v4/i10/4106
Armenia, S., Ferreira Franco, E., Nonino, F., Spagnoli, E., & Medaglia, C. M. (2018). Towards the Definition of a Dynamic and Systemic Assessment for Cybersecurity Risks. Systems Research and Behavioral Science, 36(4), 404–423. https://doi.org/10.1002/sres.2556
Bakurkin, R., Bezrodnyi, B., & Korotin, A. (2016). Counteraction to Computer Attacks in Railway Transport. Voprosy Kiberbezopasnosti, 4(17), 29–35. https://doi.org/10.21681/2311-3456-2016-4-29-35
Bordoff, S., Chen, Q., & Yan, Z. (2017). Cyber Attacks, Contributing Factors, and Tackling Strategies. International Journal of Cyber Behavior, Psychology and Learning, 7(4), 68–82. https://doi.org/10.4018/ijcbpl.2017100106
Chen, P., Hu, Z., Xu, J., Zhu, M., & Liu, P. (2018). Feedback control can make data structure layout randomization more cost-effective under zero-day attacks. Cybersecurity, 1(1). https://doi.org/10.1186/s42400-018-0003-x
Clark-Ginsberg, A., & Slayton, R. (2018). Regulating risks within complex sociotechnical systems: Evidence from critical infrastructure cybersecurity standards. Science and Public Policy. https://doi.org/10.1093/scipol/scy061
Dagoumas, A. (2019). Assessing the Impact of Cybersecurity Attacks on Power Systems. Energies, 12(4), 725. https://doi.org/10.3390/en12040725
Fu, K., & Blum, J. (2015). Controlling for Cybersecurity Risks of Medical Device Software. Cybersecurity Threats Biomedical Instrumentation & Technology, 48(s1), 38–41. https://doi.org/10.2345/0899-8205-48.s1.38
Higgins, M., & Regan, M. (2016). Cybersecurity. Essential Library, An Imprint Of Abdo Publishing.
Islam, M. R., & Aktheruzzaman, K. M. (2020). An Analysis of Cybersecurity Attacks against Internet of Things and Security Solutions. Journal of Computer and Communications, 08(04), 11–25. https://doi.org/10.4236/jcc.2020.84002
Muegge, S., & Craigen, D. (2015). A Design Science Approach to Constructing Critical Infrastructure and Communicating Cybersecurity Risks. Technology Innovation Management Review, 5(6), 6–16. https://doi.org/10.22215/timreview/902
Peterson, D. C., Adams, A., Sanders, S., & Sanford, B. (2018). Assessing and Addressing Threats and Risks to Cybersecurity. Frontiers of Health Services Management, 35(1), 23–29. https://doi.org/10.1097/hap.0000000000000040
Rose, R. V., & Kass, J. S. (2017). Mitigating Cybersecurity Risks. CONTINUUM: Lifelong Learning in Neurology, 23(2), 553–556. https://doi.org/10.1212/con.0000000000000442
Shackelford, S. J. (2018). Smart Factories, Dumb Policy?: Managing Cybersecurity and Data Privacy Risks in the Industrial Internet of Things. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3252498
Sun, L., Tan, M., & Zhou, Z. (2018). A survey of practical adversarial example attacks. Cybersecurity, 1(1). https://doi.org/10.1186/s42400-018-0012-9
Trappe, W., & Straub, J. (2018). Cybersecurity Threats Cybersecurity: A New Open Access Journal. Cybersecurity, 1(1), 1. https://doi.org/10.3390/cybersecurity1010001
