Posted: August 11th, 2022

Ethical Hacking and Penetration Testing

Laptop Sciences and Info Expertise
Matter:
ITS 425 Ethical Hacking and Penetration Testing (CSU International Campus)
Ethical Hacking and Penetration Testing
Possibility #1: Report on Organizational Safety Threats and Vulnerabilities
Put together an in depth written report discussing the potential safety threats and vulnerabilities of a fictitious group, Journey Scuba and Diving Institute (ASDI).

Please see the Specification part for extra particulars on task submission necessities.

Situation:

Journey Scuba and Diving Institute (ASDI) is situated in the USA and gives coaching and certification packages for scuba and deep-sea diving. ASDI is a premier coaching college within the space of diving and scuba and has developed a wealth of proprietary coaching assets, movies, guides and manuals. The college suspects that rivals have tried to breach the group’s laptop programs to realize entry to those coaching supplies.

ASDI’s community is comprised of two net servers, two file servers, one electronic mail server, 50 worker workstations, and a 50-workstation scholar laptop lab. The college additionally has public and non-public Wi-Fi availability all through the campus.

Your agency has been employed because the IT safety analyst to assessment, consider, and make suggestions with respect to upkeep of safety of the group’s laptop and community programs. You may have been charged by your supervisor to organize a preliminary report documenting essentially the most essential safety threats that ASDI faces. Your supervisor has given you the next assets that may be helpful in your analysis and Assessment:

An article on the Help Web Safety web site (Hyperlinks to an exterior web site.)
Widespread Vulnerabilities and Publicity (CVE) database search (Hyperlinks to an exterior web site.)
Safety organizations, resembling Secunia (Hyperlinks to an exterior web site.)
Your supervisor has requested you to think about and account for the next questions as you shortlist the threats and put together your report:

What threats are new this 12 months and which have change into extra prevalent?
Why are these threats extra widespread and why are they vital?
What threats stay fixed from 12 months to 12 months? Why?
What threats do you imagine will change into extra essential within the subsequent 12 months? Why?
Has an exploit been launched?
What’s the probability of an exploit?
How extensively used is the software program or system?
Specs for this Project:

Submit the report as a single doc in Phrase format.
Eight-10 pages in size
Doc and quotation formatting must be in conformity with the CSU International Writing Heart (Hyperlinks to an exterior web site.).
Cite and talk about at the very least three credible sources apart from (or along with) the course textbook. The three sources really helpful on this task description could also be amongst these sources, which can additionally embrace sources discovered by way of Net search or within the CSU International Library.
Embrace in your report a community diagram of how you plan the community construction must be configured for optimum safety. You possibly can create this diagram utilizing any drawing device, together with these embedded in Phrase, or by drawing the diagram by hand, scanning into a picture file, and then pasting into your report.
The sections of your report must be as follows:
Cowl Web page
Desk of Contents
Govt Abstract (present a undertaking overview and abstract on this part)
Physique of the report in narrative kind in two sections: Part 1 of the on Vulnerabilities and Threats in narrative kind, offering responses to every of the questions posed within the task situation, and Part 2 on Countermeasures and Prevention
Community Diagram
References

Govt Abstract
This report gives an Assessment of the Journey Scuba and Driving Institute (ASDI) laptop and community system. The report is offered in two main sections; the vulnerabilities and threats part and the countermeasures and prevention part. It additionally consists of the proposed community construction that must be put in place to help the advice’s implementation in regards to the upkeep of safety of the group’s laptop and community programs. Within the vulnerabilities and threats sections, varied facets relating to threats and vulnerabilities dealing with laptop and community programs are mentioned. The brand new threats which have emerged this 12 months recognized within the report embrace cloud community safety and vulnerabilities, Synthetic Intelligence-enhanced cyberthreats, and IoT gadgets. The report gives threats which have change into extra prevalent, together with cloud vulnerability, AI-enhanced cyberthreats, and cell malware. The threats are extra widespread as a result of development and modifications at the moment present process within the enterprise operations, the place most organizations are shifting to providers related to the threats resembling cloud, AI-based operations, and IoT gadgets. The significance of those threats is mentioned within the report in regards to the affect they’ve on enterprise operations based mostly on three components that embrace disruption, distortion, and deterioration. The threats that have a tendency to stay fixed from 12 months to 12 months have been additionally recognized with the explanations for remaining fixed offered. They embrace electronic mail vulnerabilities, ransomware assaults, third-party breach threats, and social engineering assaults. The report evaluates threats which can be believed to change into extra essential within the subsequent 12 months. The essential threats mentioned are cloud vulnerabilities, IoT gadgets vulnerabilities, AI-enhanced cyberthreats, social engineering threats, and phishing assaults. The explanation behind the threats turning into extra essential within the subsequent 12 months is the aptitude of the threats to bypass refined security measures being deployed by organizations. The Assessment of the situation offered recognized that the exploit had not been launched, however acknowledged the exploit’s probability. The explanations contributing to the probability of an exploit recognized embrace lack of refined security measures within the present ASDI community able to stopping an exploit. The system is extensively used, offering community connection throughout the campus and conducting the institute operations.
Upkeep of safety of the group’s laptop and community programs is vital to enabling the system to supply providers in a safer surroundings. The report recommends varied countermeasures and prevention in opposition to laptop and community threats within the second part. The advice consists of promulgating Complete Typically Accepted System Safety Ideas (GSSP), resembling software program high quality management, controlling entry, consumer identification and authentication mechanism, and programs to guard in opposition to manipulation or modification of the executable code. Varied community safety measures are really helpful, together with anti-virus software program, Firewall, Safe Shell (SSH), safe multipurpose web mail extensions (S/MIME), community tackle translation (NAT) and port tackle translation (PAT), and Wi-Fi protected entry (WPA). Different safety finest practices to make sure system safety really helpful embrace offering the pc and community safety training program, common monitoring of the programs and community logs, growing an Incident Response Plan (IRP), and limiting entry to programs.
Ethical Hacking and Penetration Testing
This report gives an Assessment of the Journey Scuba and Driving Institute (ASDI) laptop and community system. ASDI gives coaching and certification packages for scuba and deep-sea diving, with the providers being related to the establishment coaching assets, movies, guides, and manuals situated on its programs. The present community of ASDI consists of two net servers, two file servers, one electronic mail server, 50 worker workstations, and a 50-workstation scholar laptop lab. The establishment additionally gives public and non-public Wi-Fi-connected throughout the campus. This report’s principal goal is to doc the threats that face ASDI’s laptop and community programs and present suggestions that must be adopted to keep up the safety of the establishment programs. The report is split into two principal sections; the vulnerabilities and threats part, which covers varied facets together with the pc and community programs threats which can be new this 12 months and those who have change into extra prevalent, why the threats are extra widespread, why they’re vital for the Assessment, the threats that have a tendency to stay fixed yearly, attainable threats that will change into extra essential in a 12 months time, the probability of an exploit and the how the group system is extensively used. The second part of the report gives countermeasures and prevention suggestions that must be applied to curb the threats dealing with the establishment laptop and community system. The report additionally gives the proposed community construction that must be put in place to help the advice’s implementation in regards to the upkeep of safety of the group’s laptop and community programs.
Vulnerabilities and Threats
The digital transformation and globalization at the moment present process include each unfavorable and optimistic impacts within the cyber world. Regardless of the development that the transformation has introduced, it has additionally resulted in a rise of cybercrime, with attackers continually on the lookout for extra refined instruments and superior methods to take advantage of, defraud, and injury organizations. With regard to this truth, organizations are pressured to fret concerning the present and ever-growing threats and the threats which can be but to return. For example, a number of new threats to laptop and community system have emerged this 12 months, with different turning into extra prevalent.
A few of the notable threats which have emerged this 12 months that ASDI ought to pay attention to embrace cloud community safety and vulnerabilities, which has since emerged as a result of excessive leverage by the enterprise group of cloud providers. Organizations since late 2019 have continued to attach their laptop and community programs to cloud-based functions and proceed to make the most of the cloud for storing delicate info relating to their enterprise operations and workers. The Forbes prediction of 2018 indicated that by 2020, 83% of enterprise workloads could be within the cloud (Columbus, 2018). The prediction has since been thought-about to be true with organizations’ operations now linked to cloud providers. Regardless of cloud having been proved good for enterprise, it poses a risk to enterprise knowledge. Cloud community safety has not been proved to be refined sufficient to take care of vulnerabilities that the cloud faces. New vulnerabilities for the cloud which have been recognized this 12 months embrace knowledge breach, DDoS assaults, insecure APIs and interfaces, misconfiguration, and malicious insider threats (Belani, 2020). The opposite risk related to cloud vulnerabilities is the shortcoming of cloud service suppliers resembling Amazon and Google to supply 100% cloud safety. The failure has seen rising cyber intrusions instruments resembling Operation Cloud Hopper to discover cloud safety vulnerabilities.
This 12 months has additionally seen the emergence of Synthetic Intelligence-enhanced cyberthreats. Cybercriminals are actually using AI and machine studying capabilities to hack and launch refined cyberattacks. The AI-based threats are extra advanced and adaptive, making it onerous to develop instruments able to stopping their exploitation. A few of the new AI-based threats embrace AI fuzzing, which was designed to detected vulnerabilities in laptop and community programs when it integrates with conventional fuzzing methods. The AI fuzzing functionality provides the attackers the chance to entry a company system for vulnerabilities to launch assaults. One other new AI-based risk is machine studying poisoning, which entails attackers injecting directions into the goal machine studying mannequin, making it weak to assaults (Belani, 2020). The expansion of the Web of Issues (IoT) has seen most organizations adopting it to help enterprise operations prior to now two years. Nonetheless, the elevated use of IoT related gadgets has elevated threats in opposition to the pc and community programs. With most IoT gadgets related to computer systems and community programs nonetheless of their infancy, they nonetheless maintain a excessive variety of vulnerabilities that may be exploited to assault enterprise programs. Fashionable botnets have been proved as a supply of making assaults resembling DDoS to discover vulnerabilities in IoT gadgets (Emmitt, 2020). A excessive variety of organizations in 2020 remodeled from the same old desktop working programs to cell gadgets as a result of Corona Virus pandemic that pressured most organizations to implement working from methods. The transfer meant that almost all enterprise knowledge saved on cell gadgets elevated, which allowed the emergence of the cell malware risk that targets cellphones’ working programs.
A few of the new threats which have been recognized for this are extra prevalent than others. The brand new threats which can be thought-about prevalent embrace cloud vulnerability, AI-enhanced cyberthreats, and cell malware. The three threats are extra prevalent as a result of elevated utilization of their associated capabilities in enterprise operations. The variety of organizations shifting to the cloud continues to extend, and so is the prevalent of the cloud vulnerability risk. Cell gadgets, particularly smartphones in 2020, have offered a possibility for cell malware risk to change into extra prevalent and a outstanding cybersecurity concern. The affect of AI and machine studying in creating enterprise alternatives resembling offering advertising and marketing providers and buyer care providers has seen most organizations combine them into their enterprise operations. The excessive integration of AI and machine studying has elevated the prevalence of the AI-enhanced cyberthreats resembling AI fuzzing. The prevalent threats and different new threats are vital as a result of quantity of affect they’ll have on a company. The significance of the threats relies on three components, together with the disruption, which entails attackers using threats resembling IoT and cloud vulnerability that trigger fragile connectivity enabling assaults resembling ransomware to be launched (Moore, 2020). Distortion is one other issue that entails the unfold or use of misinformation to comprise the enterprise popularity and belief within the info integrity. With using new threats resembling cell malware, IoT system vulnerability, and AI-enhanced cyberthreats, attackers can entry the group’s info programs to comprise the integrity of knowledge and launch different assaults. One other issue that makes the threats vital is deterioration, whereby threats resembling AI-enhanced cyberthreats and IoT system vulnerability could be exploited to comprise an enterprise’s skill to regulate their very own info.
It is very important establish a number of the threats that have a tendency to stay fixed from 12 months to 12 months since such threats, when not prevented, play a big function in boosting new threats. Varied countermeasures and prevention mechanisms have since been applied by organizations in opposition to the threats which can be fixed. Nonetheless, the threats nonetheless handle to beat a number of the protection put in place to trigger a unfavorable affect on the establishment. The shortcoming of strict adherence to measures to counter the threats is taken into account to have contributed to the recurrence and the fixed existence of these threats. A few of the notable threats that stay fixed yearly embrace electronic mail vulnerabilities, that are thought-about one of many oldest community safety threats (Dobran, 2018). Emails have lengthy been the principle technique of communication within the enterprise sector, which has enabled the continual existence of the e-mail community safety dangers. Phishing is the widespread assault method that attackers make the most of to discover electronic mail vulnerability, particularly in opposition to errant or untrained workers. E-mail vulnerabilities have managed to stay fixed from 12 months to 12 months resulting from most organizations failing to supply their workers with normal coaching relating to electronic mail safety finest practices.
One other risk that has managed to stay fixed yearly is the ransomware assaults. Ransomware assaults contain attackers deploying applied sciences that take management of the goal database and hold captive the data for a ransom. Though stronger defenses to protect in opposition to ransomware assaults proceed to be developed, the attackers have shifted to advanced ransomware methods and using cryptocurrencies that allow the nameless fee of ransomware, making it onerous for tracing the attackers (Dobran, 2018). One of many ransomware advanced technique being employed is the long-term extortion method. The method entails exploiting the community system’s vulnerability to create a digital again door that’s used to slowly nonetheless the group info. With the digital door open, the attackers can demand the group to repeatedly pay them to keep away from exploiting the vulnerability making the assault last more. The ransomware assault is without doubt one of the best malicious assaults to deploy, has been the principle contribution for it to stay a relentless risk yearly. Third-party breach risk continues to stay fixed from 12 months to 12 months. The vast majority of third events, together with distributors, companions, and contractors, lack refined safety programs, and they might not be conscious the attackers are exploiting their system to penetrate their shopper system (Moore, 2020). The opposite motive for the risk to stay fixed is that almost all organizations don’t have safety requirements and a devoted safety group to handle and monitor third events’ programs.
One other risk that continues to be fixed from 12 months to 12 months is the social engineering assaults, which contain attackers tricking victims into offering delicate knowledge and info, resembling login particulars. The commonest social engineering assault methods used embrace electronic mail phishing and SMS phishing. Though enterprises have applied refined electronic mail safety to forestall phishing assaults, attackers have on their facet developed refined phishing kits, resembling utilizing encryption within the browser, geolocation methods, and narrowing targets by means of the gathering of assorted PII (Desai, 2018). Social engineering assaults have additionally continued to stay fixed resulting from messaging apps’ huge recognition, resembling Skype, WhatsApp, and WeChat. The attackers can simply trick customers on the messaging platform to obtain recordsdata or click on hyperlinks that switch malware on their telephones or computer systems (Belani, 2020). Social engineers have additionally developed the power to make use of human psychology by exploiting the goal’s weak spot to trick them into offering entry to delicate knowledge. The final risk that has remained fixed is the insider risk related to ignorance amongst workers when it comes to programs and knowledge utilization.
With digital transformation and globalization set to proceed, it’s anticipated that the threats dealing with organizations laptop and community programs to proceed evolving and being extra refined. Whereas different threats could be simply managed and prevented, others would change into extra essential. A few of the threats which can be thought-about to change into extra essential within the subsequent 12 months embrace cloud vulnerabilities ensuing from organizations’ resilience in cloud computing (Lohrmann, 2019). The speed of an enterprise participating cloud providers of their enterprise operations is rising, with virtually 90% of organizations knowledge and worker info predicted to be saved on cloud within the subsequent 12 months. The attackers think about enterprise migration to the cloud as a possibility for his or her malicious actions. Some cloud vulnerability assaults, resembling cloud jacking, are prone to emerge as outstanding threats within the subsequent 12 months. Cloud jacking is ready to make the most of misconfiguration errors and weak third-party linked to the goal group system.
The opposite risk that will be essential within the subsequent 12 months is IoT gadgets vulnerabilities. The IoT market is prone to improve with the widespread use of the IoT related gadgets, which is able to include elevated advanced cybersecurity threats. As companies proceed to undertake IoT gadgets, a few of them are conventional organizations new within the digital world, and they won’t have sufficient expertise, expertise, and consciousness when it comes to securing the gadgets successfully (Nadeau, 2017). The attackers are prone to discover weak IoT gadgets that sustain rising, giving organizations much less time to develop cybersecurity methods. AI-enhanced cyberthreats are thought-about to be essential within the subsequent 12 months. Hackers sooner or later would attempt to improve and modify their assault methods to conduct real-time assaults. With refined cybersecurity methods being developed, attackers are prone to depend on AI-based instruments that may bypass refined programs safety. For example, AI and laptop studying instruments play a big function within the social engineering risk. With AI, attackers will develop extra refined social engineering methods, resembling deepfakes, which can be utilized to govern or mimic human identities to deploy phishing assaults (Emmitt, 2020).
Primarily based on the ASDI situation, the institute isn’t conscious of an exploit was launched. Nonetheless, for the reason that college had not but recognized any lacking supplies or the proof of unauthorized entry, there’s a risk that the exploit has been launched. Regardless of the dearth of proof of the exploit having been launched, there may be the probability of an exploit. The present laptop and community programs structure of ASDI doesn’t incorporate refined instruments to detect and forestall an exploit. The probability of an exploit within the establishment laptop and community system additionally will increase as a result of public and non-public Wi-Fi obtainable all through the campus. In case the non-public Wi-Fi connection isn’t effectively secured, the attackers can use its vulnerability to inject an exploit within the community. Public Wi-Fi is often weak to assaults. With the community being obtainable to everybody throughout the campus, it will increase the potential for releasing an exploit. Attackers can even attempt to ship an exploit by means of the worker and scholar workstations when the assaults employed can bypass the safety measures in place. Lack of safety instruments to guard each the file servers and electronic mail servers from unauthorized entry and malicious assaults will increase an exploit’s probability.
The establishment system gives a variety of providers associated to high school enterprise operations. The system holds proprietary coaching assets, movies, guides, and manuals. The system additionally caters for 50 worker workstations which can be linked to the file and electronic mail servers. Offering public and non-public Wi-Fi all through the campus means the establishment community system servers the entire campus when it comes to connectivity. The extensive use of the system with out correct cybersecurity places the system at assault dangers. The second part of this report gives countermeasures and prevention suggestions that must be applied to make sure the ASDI’s community stays secured when offering a variety of providers.
Countermeasures and Prevention
Varied laptop and community programs threats countermeasures and prevention can be found on a wide selection. ASDI’s community safety could be enhanced by including safety measures, implementing safety insurance policies, and prevention mechanisms. The primary advice in regards to the upkeep of the safety of the group’s laptop and community programs is to promulgate complete Typically Accepted System Safety Ideas (GSSP). The GSSP set a common anticipated minimal stage of safety of the system by each third-parties and customers. The protection-related practices which can be confused by the GSSP embrace high quality management when it comes to software program buy, the programs within the community to have methods of controlling entry, the programs to include consumer identification and authentication mechanism, and programs to have safety in opposition to manipulation or modification of the executable code (Nationwide Academy of Sciences, 2020).
The opposite advice is the implementation of community safety countermeasures. The really helpful countermeasures that must be applied inside the institute’s community embrace putting in anti-virus software program on all computer systems, together with each servers. Anti-virus software program can apply quite a lot of methods for scanning and detecting viruses inside laptop and community programs. A firewall must also be put in inside the community to guard it from undesirable visitors and intrusions. One other community safety countermeasure that must be applied is Safe Shell (SSH) to safe the servers. SSH encrypts knowledge flowing between the consumer and shopper by guaranteeing the data inside the packets exchanged could be considered with a certified recipient (Hack the Stack, 2006). The safe multipurpose web mail extensions (S/MIME) must be applied to safe the e-mail. S/MIME makes use of the general public key cryptographic normal to encrypt and safe emails, guaranteeing integrity, authentication, and confidentiality of the data is achieved. Community tackle translation (NAT) and port tackle translation (PAT) must be applied to supply intrusion detection addresses for personal and public IP addresses. The implementation of Wi-Fi protected entry (WPA) is really helpful to safe Wi-Fi connectivity. WPA secures Wi-Fi connectivity by utilizing the Temporal Key Integrity Protocol (TKIP) that makes use of a hashing algorithm to scramble the keys and employs an integrity-checking characteristic to make sure the keys haven’t been adjusted.
The opposite advice is to implement safety finest practices, together with common monitoring of the programs and community logs. The apply will allow the group to establish malicious actions and software program early sufficient earlier than impacting the community and programs’ performance. The group must also limit entry to programs by guaranteeing finish customers don’t have administrative privileges to their workstations and requirement of authentications mechanism, resembling a password to entry the workstations. It’s also really helpful for energetic engagement in training provision. The supply of early coaching to workers relating to safety practices and ethics about laptop and community programs utilization would improve workers’ skill to regulate and forestall threats. An Incident Response Plan (IRP) must be developed. IRP ought to clearly define the procedures and processes in regards to the response to any safety breach.
Proposed Community Diagram

References
Belani, G. (2020). 5 Cybersecurity Threats to Be Conscious of in 2020. Laptop Society. Retrieved from https://www.laptop.org/publications/tech-news/traits/5-cybersecurity-threats-to-be-aware-of-in-2020
Columbus, L. (2018). 83% Of Enterprise Workloads Will Be In The Cloud By 2020. Forbes. Retrieved from https://www.forbes.com/websites/louiscolumbus/2018/01/07/83-of-enterprise-workloads-will-be-in-the-cloud-by-2020/#40e4d8416261
Desai, N. (2018). Credential phishing kits goal victims otherwise relying on location. Help Web Safety. Retrieved from https://www.helpnetsecurity.com/2018/02/08/credential-phishing-kits/
Dobran, B. (2018). Community Safety Threats, 11 Rising Traits For 2020. PhoenixNA. Retrieved from https://phoenixnap.com/weblog/network-security-threats
Emmitt, J. (2020). Cybersecurity Threats in 2020. Kaseya. Retrieved from https://www.kaseya.com/weblog/2020/04/15/top-10-cybersecurity-threats-in-2020/
Hack the Stack. (2006). Utilizing Snort and Ethereal to Grasp the Eight Layers of an Insecure Community. Elsevier Inc. https://doi.org/10.1016/B978-1-59749-109-9.X5000-X
Lohrmann, D. (2019). The High 20 Safety Predictions for 2020. Authorities Expertise. Retrieved from https://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-top-20-security-predictions-for-2020.html
Moore, M. (2020). High Cybersecurity Threats in 2020. College of San Diego. Retrieved from https://onlinedegrees.sandiego.edu/top-cyber-security-threats/#:~:textual content=Cybersecurity%20Threats%20and%20Traits%20for,datapercent2C%20are%20turning into%20extra%20refined.
Nadeau, M. (2017). Future cyber safety threats and challenges. CSO. Retrieved from https://www.csoonline.com/article/3226392/future-cyber-security-threats-and-challenges-are-you-ready-for-whats-coming.html
Nationwide Academy of Sciences. (2020). Computer systems at Threat: Protected Computing within the Info Age. Retrieved from https://www.nap.edu/learn/1581/chapter/three

Order | Check Discount

Tags: Computer Sciences and Information Technology Topic: ITS 425 Ethical Hacking and Penetration Testing (CSU Global Campus), Ethical Hacking and Penetration Testing