Saturday, March 30, 2019
OPM System Potential Threats and Vulnerabilities
OPM System Potential Threats and VulnerabilitiesRisk estimate Report intent The purpose of conducting this assay of expo sure as shooting assessment was to identify capability threats and vulnerabilities related to OPM System. The risk assessment volition be white plagued to identify possible risk mitigation plans related to Agency. The network was identified to capture a potential high-risk during protective cover assessment. Therefore, risk assessment is needed to be conducted to bank note the impact of every breach that can result from the vulnerabilities discovered.ScopeThe comp alls placement comprises several infrastructural components. The external interface is a series interactive entanglement page that allows users to input entropy and receive the required info from the application. The administration is built exploitation Internet Information horde that uses Active Server Pages. The network infrastructure fosters in the management of data execution in the entire popline. The web application, database and operating systems that hold in these components atomic number 18 all include in the scope. Making sure that the servers require several firewalls which are make up in almost all the network interconnection boundaries.ThreatsCybercrime hand over been a major source of leak of personal, corporation and governmental leak. The OPM operates without a proper risk organization structure. The OPM does not have a structured and standardized monitoring system for protective covering controls. The OPM failed to maintain accurate IT memorial that undermines all attempts at securing their information systems.Insider threats to information systems may be the biggest threats that any brass instrument might face. The reason why they are said to be the biggest is that it becomes very difficult to determine who would betray your organization among the trusted employees. It is ever so very easy to ignore the threat within on the premise that there is always that loyalty within only to realize that the rout out cause of the threats is from within. The common insider threats areTheft of unsecured personal fraud is a very big threat as the mobile devices use in organizations are out of control. These devices can be utilise to accession vital information about the organization not limited to apt Property and Defense plan theft.External threatsSome of the examples of external bail threats to the information system of the organization arePhishing ack-acks is an external attack where a hacker uses the scam to trick an employee into giving them their login details. They send emails that are engraft with a link that captures the details when entered by the employee.Denial of Service attack where the assaulter gains access to the network of the organization and keeps users from having access to certain services. The hackers attain this by disrupting how the host system functions. When the attacker floods all the co mputer ports sooner of only certain port is called Direct denial of service attack.Spoofing occurs when an attacker masquerades as a legit host and steals the IP address, spoofs a website or hijacks a network system and by that means inject malicious codes that are developed to create damage to the system operations. They include Trojan horses, viruses, key-loggers, spyware and galore(postnominal) others. Once they are planted in the system, they interrupt the functionality of the system by disabling the firewalls and giving access to the hackers (Catteddu Hogben, 2013).Impact very grimLowMediumHighVery HighLikehoodVery believablyknow Unpatched ExploitDigital RansomHackers / DDoS/ Malicious CodesSomewhat LikelyInsiders / Phishing AttacksPartners / Competitors /Terrorists / SpoofingLikelyTheft of IT equipmentMan in the middleNot Likely above is the risk matrix of threats that exist in legion(predicate) organizations. This includes their likeliness of situation and their level of impact of the attack.VulnerabilitiesThe OPM allows information systems to operate indefinitely without been subjected to a inexorable gage controls assessment. The FISMA requirements, OMB policies and applicable NIST guidelines have not been followed through appropriately much(prenominal) as dated system memorial which includes the organization and contractor-operated systems.The Risk Assessment Matrix below shows the threat source, threat action likelihood of natural event and the impact of the vulnerabilities involved.VulnerabilityThreat SourceThreat action likeliness of occurrenceImpact/sOPM applications do not require PIV corroborationUnauthorized users and terminated employeesDialing into the companys database and access of critical information.Very high dismission of crucial data, loss of revenues through litigation expenses in case this information is misused.Unsupported softwareTerminated employees, Hackers and computer criminalsGetting into the system using the uns upported software or any other softwareVery highThis may lead to loss of sensitive files from the system of the company. pretermit of annual assessment of its systemsUnauthorized users, hackers and computer criminalsAccessing the database of the company through hacking or any other way such as getting used to the patternVery highRemote access of the data which may lead to the access of the data.Impact assessments for exploitation of security weaknessesThe weakness of security makes the OPM exposed to data loss. The evaluation shows that OPM does not have a treat to record or track security status making the wreak vulnerable. This also showed the need for OCIO to centrally track the current status of security weakness.RemediationOn performance standards, systems owners had to be modified to fit the FISMA conformity systems. These were few remediation forwarded among others. OIG recommends that the OCIO develop and maintain a comprehensive inventory of all servers, databases, and n etwork devices that reside on the OPM network. All active systems in OPMs inventory essential have a complete and current Authorization. OPM must ensure that an annual test of security controls has been completed for all systems. hire of Access control is very important in making sure that access to information in the system is controlled. The use of passwords and usernames help the organization protect private data from landing the hands of authorized personnel. This proficiency is important in protection against threats like spoofing, packet hijacking, malicious codes and many others. RDBMS help in making the transactions within the systems quite in force(p) and effective because they provide the ACID tests that provide security to the transactions. The use of transaction logs also helps in tracking the changes that are made to the database. Firewall log files help in protecting the transaction within the system secure from attacks. steganography also applies complex mathematics and logic to design high-end encryption methods that allows system administrators to maintain confidence of the clients in the organizations operations. People are assured that their data is kept private using cryptography and very important in making sure that the database transactions are kept secured and lock out the attackers (Filipek Hudec, 2015).Cost/benefit analyses of remediationThe OPM is working to improve their comprehensive security control system that will, later on, need periodic system authorization. eventide though it may cost the organization high to have this work, it will be a win due to the security threats and vulnerabilities they face. Proper governance is needed to proactively implement cost-effective controls to protect critical information systems that support the mission and changing the risk management.High-level plan of action with interim milestones (POAM)The action was done through auditing standards accepted by the government. The standards requirem ent includes the systems that allows cost-effective auditing in order to extract sufficient informations and conclusion on any activities in the network. Considering OPM, internal controls were examined for various systems which had varying degrees of computer generated data.SummaryThis is a report on OPM Authorization program have concluded that OPM has not substantially defined the roles and responsibilities of all positions of the IT management structure. With the existent threats and vulnerabilities, there have been significant improvements to the monitoring program.REFERENCESCatteddu, D., Hogben, G. (2013). Cloud computing risk assessment benefits, risks and recommendations for information security, ENISA report.Filipek, J., Hudec, L. (2015, June). Distributed firewall and cryptography using PKI in mobile Ad Hoc networks. In proceedings of the 16th International Conference on Computer Systems and Technologies (pp. 292-298). ACM.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.