Why and What is Cybersecurity, Categories of attacks

Cyber attacks are a great threat to the global economy as well as to our personal data. In 2015, the computer security group Veracode reported that defending UK businesses against cyber attacks and repairing the damage done by hackers costs those businesses £34 billion per year.

Aspects to be Protected

  • Information: Customer's data, source code, design documents, financial reports, employee records, intellectual property, etc.
  • Information systems: Computers, Networks, cables, etc.

A good Cyber Security approach plays a vital role in minimizing and controlling damage, and in recovering from a cyber breach and its consequences.

What is Cyber Security?

Cyber Security is a set of techniques used to protect systems, networks, and applications from attacks, damage, or unauthorized access originating from the internet. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. With more devices than people in use today, implementing effective Cyber Security measures is a challenge.

According to Forbes, IT security spending on Cyber Security solutions is expected to reach around $170 billion by the year 2020. Let us understand the various categories of attacks through an example.

Case Study: SSV Limited and ZSC Bank

An IT company, SSV Limited, manages a banking application for one of its leading clients, ZSC Bank. Sensitive data such as fingerprints, account numbers, passwords, login IDs, and phone numbers of ZSC Bank's customers is stored in a database server managed by the company's database team. The company's application team handles the user interfaces. Input from the user is taken through an HTML form.

A malicious hacker attacked the website of ZSC Bank with the help of an insider (a Bank Teller) and demanded a ransom. If the ransom is not paid, the confidentiality of the stolen data may be compromised. The bank also started getting the following complaints from customers:

  • Unauthorized fund transactions taking place in their accounts
  • Non-delivery of messages for transactions and usual bank updates

The bank immediately reported the issue to their vendor SSV Limited.

Analysis of the Attack

| Incident | A Generalized View | Category of Attack |
|---|---|---|
| The hacker got access to the bank's database server, which resulted in a leak of sensitive information about its customers | Personal data leak | Information disclosure |
| The hacker updated the phone numbers of a few customers | Unauthorized alteration of personal data | Tampering |
| The hacker then flooded the website with fake traffic, bringing the application and the database server down. The customers as well as the application team were unable to access the website | Website made unavailable for legitimate users | Denial of Service |
| The default password of a default user account (created during server installation) was never changed, which allowed the hacker to log in to the database as this user | Attacker pretends to be an authentic user (impersonation) | Spoofing |
| Before the phone number was updated, the privilege of the default user account was not verified | A user performs an action due to excess privilege | Elevation of privilege |
| The insider (Bank Teller) executes some unauthorized fund transfers and later denies these fund transfers | Bank needs to verify if the Bank Teller is falsely denying the action (repudiation) | Repudiation |
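
The last two rows of the table describe a missing privilege check and an action that is later denied. The following is an added example, not code from SSV Limited or from the original post, showing a privilege check performed before an action and a tamper-evident audit log the bank could use to confirm who did what. The role names, permission table, and key are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: which actions each role may perform.
ROLE_PERMISSIONS = {
    "teller": {"transfer_funds"},
    "db_admin": {"update_phone"},
    "default_install_user": set(),  # default account is given no privileges
}
# Assumption: this key is held by a separate logging service, not by tellers.
AUDIT_KEY = b"constructed-demo-key"


class NotAuthorized(Exception):
    pass


def _mac(prev_mac, body):
    # Each MAC covers the previous entry's MAC, chaining the entries together.
    return hmac.new(AUDIT_KEY, (prev_mac + body).encode(), hashlib.sha256).hexdigest()


def perform(log, user, role, action, detail):
    """Verify privilege before acting; record allowed and denied attempts."""
    allowed = action in ROLE_PERMISSIONS.get(role, set())
    body = json.dumps(
        {"user": user, "action": action, "detail": detail, "allowed": allowed},
        sort_keys=True,
    )
    prev = log[-1]["mac"] if log else ""
    log.append({"body": body, "mac": _mac(prev, body)})
    if not allowed:
        raise NotAuthorized(f"role {role!r} may not perform {action!r}")
    return True


def verify_log(log):
    """Return True only if no entry was altered, removed, or reordered."""
    prev = ""
    for entry in log:
        if not hmac.compare_digest(_mac(prev, entry["body"]), entry["mac"]):
            return False
        prev = entry["mac"]
    return True
```

With this check in place, the default account's attempt to update a phone number is refused and logged, and a teller's transfer leaves a record that cannot be edited without `verify_log` failing.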

Cyber Security Objectives and Services Violated

These attacks violate the basic Objectives and Services of Cyber Security. In the next post, we will look at which Cyber Security Objectives and Services were violated.
