Monday, June 3, 2019
OPM System Potential Threats and Vulnerabilities
Risk Assessment Report

Purpose

The purpose of conducting this risk assessment was to identify potential threats and vulnerabilities related to the OPM system. The risk assessment will be used to identify possible risk mitigation plans related to the Agency. The network was identified as potentially high-risk during the security assessment. Therefore, a risk assessment needs to be conducted to measure the impact of any breach that may result from the vulnerabilities discovered.

Scope

The company's system comprises several infrastructural components. The external interface is a series of interactive web pages that allow users to input information and receive the required information from the application. The system is built using Internet Information Server, which uses Active Server Pages. The network infrastructure helps in the management of information transactions in the entire system. The web application, database and operating systems that support these components are all included in the scope. The servers require several firewalls, which are set up at almost all the network interconnection boundaries.

Threats

Cybercrime has been a major source of leaks of personal, corporate and governmental data. The OPM operates without a proper risk governance structure. The OPM does not have an integrated and standardized monitoring system for security controls. The OPM failed to maintain an accurate IT inventory, which undermines all attempts at securing its information systems.

Insider threats to information systems may be the biggest threats that any system might face. They are said to be the biggest because it is very difficult to determine who among the trusted employees would betray the organization. It is always very easy to ignore the threat within on the assumption of loyalty, only to realize that the root cause of the threats is from within.
The common insider threats are:

Theft of unsecured personal devices is a very big threat, as the mobile devices used in organizations are out of its control. These devices can be used to access vital information about the organization, not limited to intellectual property and defense plan theft.

External threats

Some of the examples of external security threats to the information system of the organization are:

Phishing attacks: an external attack where a hacker uses a scam to trick an employee into giving up their login details. The attacker sends emails embedded with a link that captures the details when they are entered by the employee.

Denial of Service attack: the attacker gains access to the network of the organization and keeps users from having access to certain services. The hackers achieve this by disrupting how the host system functions. When the attacker floods all the computer ports instead of only certain ports, it is called a Direct denial of service attack.

Spoofing: occurs when an attacker masquerades as a legitimate host and steals the IP address, spoofs a website or hijacks a network system, and by that means injects malicious code developed to cause damage to system operations. Such code includes Trojan horses, viruses, key-loggers, spyware and several others. Once planted in the system, it interrupts the functionality of the system by disabling the firewalls and giving access to the hackers (Catteddu & Hogben, 2013).

Risk matrix (impact scale: Very Low, Low, Medium, High, Very High), listed by likelihood:

Very Likely: Known Unpatched Exploit; Digital Ransom; Hackers / DDoS / Malicious Codes
Somewhat Likely: Insiders / Phishing Attacks; Partners / Competitors / Terrorists / Spoofing
Likely: Theft of IT equipment; Man in the middle
Not Likely: (no entries)

Above is the risk matrix of threats that exist in many organizations.
This includes their likelihood of occurring and the level of impact of the attack.

Vulnerabilities

The OPM allows information systems to operate indefinitely without being subjected to a strict security controls assessment. The FISMA requirements, OMB policies and applicable NIST guidelines have not been followed through appropriately, such as a dated system inventory, which includes the organization's and contractor-operated systems.

The Risk Assessment Matrix below shows the threat source, threat action, likelihood of occurrence and the impact of the vulnerabilities involved.

Vulnerability: OPM applications do not require PIV authentication
Threat source: Unauthorized users and terminated employees
Threat action: Dialing into the company's database and accessing critical information.
Likelihood of occurrence: Very high
Impact: Loss of crucial data; loss of revenue through litigation expenses in case this information is misused.

Vulnerability: Unsupported software
Threat source: Terminated employees, hackers and computer criminals
Threat action: Getting into the system using the unsupported software or any other software.
Likelihood of occurrence: Very high
Impact: This may lead to loss of sensitive files from the system of the company.

Vulnerability: Lack of annual assessment of its systems
Threat source: Unauthorized users, hackers and computer criminals
Threat action: Accessing the database of the company through hacking or any other way, such as getting used to the pattern.
Likelihood of occurrence: Very high
Impact: Remote access of the data, which may lead to the access of the data.

Impact assessments for exploitation of security weaknesses

The weakness of security leaves the OPM exposed to data loss. The evaluation shows that OPM does not have a process to record or track security status, making the process vulnerable. This also showed the need for the OCIO to centrally track the current status of security weaknesses.

Remediation

System owners' performance standards had to be modified to fit FISMA compliance. These were a few of the remediations put forward, among others.
OIG recommends that the OCIO develop and maintain a comprehensive inventory of all servers, databases, and network devices that reside on the OPM network. All active systems in OPM's inventory must have a complete and current Authorization. OPM must ensure that an annual test of security controls has been completed for all systems.

Access control is very important in making sure that access to information in the system is controlled. The use of passwords and usernames helps the organization protect private data from landing in the hands of unauthorized personnel. This technique is important in protection against threats like spoofing, packet hijacking, malicious code and many others. RDBMSs help make the transactions within the systems efficient and effective because they provide the ACID tests that provide security to the transactions. The use of transaction logs also helps in tracking the changes that are made to the database. Firewall log files help in keeping the transactions within the system secure from attacks.

Cryptography also applies complex mathematics and logic to design high-end encryption methods that allow system administrators to maintain the confidence of clients in the organization's operations. People are assured that their data is kept private using cryptography, which is very important in making sure that database transactions are kept secure and attackers are locked out (Filipek & Hudec, 2015).

Cost/benefit analyses of remediation

The OPM is working to improve its comprehensive security control system, which will later need periodic system authorization. Even though it may cost the organization a great deal to do this work, it will be a win given the security threats and vulnerabilities it faces.
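
The OIG recommendations above (a comprehensive inventory, a current Authorization for every active system, an annual test of security controls for all systems) and the PIV finding from the vulnerability matrix can be checked mechanically once an inventory exists. The following Python check is an added example, not part of the original report; the record fields, the system names and the 365-day threshold are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass
class System:
    name: str
    kind: str                               # server, database or network device
    active: bool
    authorization_expires: Optional[date]   # None = no Authorization on record
    last_controls_test: Optional[date]      # None = controls never tested
    requires_piv: bool


# Constructed sample inventory (hypothetical names, not real OPM systems).
INVENTORY = [
    System("hr-web-01", "server", True, date(2020, 1, 31), date(2019, 2, 10), True),
    System("benefits-db", "database", True, date(2018, 9, 30), date(2017, 11, 5), False),
    System("edge-fw-02", "network device", True, None, None, True),
    System("legacy-app", "server", False, None, None, False),
]


def audit(inventory, today, max_test_age_days=365):
    """Return {system name: [findings]} for every system that fails a check."""
    report = {}
    for s in inventory:
        findings = []
        if s.active:  # Authorization is required for all active systems
            if s.authorization_expires is None:
                findings.append("no Authorization on record")
            elif s.authorization_expires < today:
                findings.append("Authorization expired")
        # The annual controls test applies to all systems, active or not.
        if s.last_controls_test is None:
            findings.append("security controls never tested")
        elif (today - s.last_controls_test).days > max_test_age_days:
            findings.append("annual controls test overdue")
        if not s.requires_piv:
            findings.append("PIV authentication not required")
        if findings:
            report[s.name] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(INVENTORY, today=date(2019, 6, 3)).items():
        print(f"{name}: {'; '.join(findings)}")
```
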
Proper governance is needed to proactively implement cost-effective controls to protect the critical information systems that support the mission, and to change the risk management.

High-level plan of action with interim milestones (POAM)

The action was carried out in accordance with auditing standards accepted by the government. The standards require systems that allow efficient auditing in order to extract suitable information and conclusions on any activities in the network. Considering OPM, internal controls were examined for various systems which had varying degrees of computer-generated data.

Summary

This report on the OPM Authorization program has concluded that OPM has not substantially defined the roles and responsibilities of all positions of the IT management structure. With the existing threats and vulnerabilities, there have been significant improvements to the monitoring program.

REFERENCES

Catteddu, D., & Hogben, G. (2013). Cloud computing risk assessment: benefits, risks and recommendations for information security. ENISA report.

Filipek, J., & Hudec, L. (2015, June). Distributed firewall and cryptography using PKI in mobile Ad Hoc networks. In Proceedings of the 16th International Conference on Computer Systems and Technologies (pp. 292-298). ACM.