Kudler Fine Foods IT Security Report and Presentation
Stanley Spears, Angela Roa, Dustin Frey, Isam Babli, Dominique Thornton
CIS 207/ INFORMATION SYSTEMS FUNDAMENTALS
JOHN MALONEY
March 12, 2015
Objectives
As Kudler Fine Foods works to implement its Frequent Shopper Customer Loyalty Program for its customers, it has selected Team A to examine the program as it is developed for potential security threats that need to be addressed to protect the company and its customers.
RISK ANALYSIS

Area/System at Risk: Network Attacks
Potential Vulnerability: Kudler Fine Foods (KFF) has both an external and an internal network that is susceptible to malicious network, server, database, and workstation attacks.
Risk Mitigation: Throughout the entire development life cycle of KFF's reward system (planning, analysis, design, implementation, and maintenance), network risk will be addressed by having KFF's network utilize defensive systems such as firewalls, anti-virus, and anti-malware. In addition, creating processes to ensure preventive maintenance, such as critical/security updates and service packs, will also mitigate potential risks.

Area/System at Risk: Dumpster Diving (Social)
Potential Vulnerability: KFF has both a physical and an online presence. The physical locations are vulnerable to most social engineering attacks.
Risk Mitigation: Design/Operations: Dumpster diving can be mitigated by shredding sensitive data either onsite or through a 3rd-party contractor.
Area/System at Risk: Impersonation/Vishing (Social)
Potential Vulnerability: Kudler Fine Foods may be large enough that a sufficiently savvy attacker might get away with impersonation.
Risk Mitigation: Planning/Design/Training/Operations: Impersonation attacks can easily be mitigated by creating and following processes for remotely authenticating personnel and by using clearly worn badges as proof of identity.

Area/System at Risk: Shoulder Surfing (Social)
Potential Vulnerability: KFF employees could be the victims of shoulder surfing if any of their offices are accessible to the general public.
Risk Mitigation: Implementation/Training/Operations: Tools such as monitor privacy filters will assist in protecting monitors from shoulder surfing. In addition, employees must be educated not to allow personnel, and especially customers, to stand behind them while working.

Area/System at Risk: Spam/Whaling/Viruses (Social)
Potential Vulnerability: It is likely that KFF employees will have email. This makes them susceptible to virus and spam attacks.
Risk Mitigation: Planning/Design/Deployment: Utilizing internal IM clients/servers and blocking social media sites will effectively mitigate these risks.
Area/System at Risk: IM/Social Media Viruses (Social)
Potential Vulnerability: If KFF allows access to social media sites, it opens itself to social-media-driven threats.
Risk Mitigation: Throughout the entire development life cycle of KFF's reward system (planning, analysis, design, implementation, and maintenance), network risk will be addressed by having KFF's network utilize defensive systems such as firewalls, anti-virus, and anti-malware. In addition, creating processes to ensure preventive maintenance, such as critical/security updates and service packs, will also mitigate potential risks.

Area/System at Risk: Backdoors
Potential Vulnerability: Attackers can access developers' backdoors, which are designed in place to gain access at any time when the application is not working correctly.
Risk Mitigation: In the planning/design phase: identifying ports and their usage, identifying which ports are left unused and then closing those ports, using port monitoring software to detect unauthorized usage and access, and configuring firewalls to detect suspicious traffic. In deployment: continued monitoring of ports known to be used by backdoors and Trojans.

Area/System at Risk: Null Sessions
Potential Vulnerability: Windows XP, Server 2003 and beyond can be infected by attackers to obtain user information such as passwords, usernames, IP addresses, etc.
Risk Mitigation: Null sessions are less of a risk on newer versions of Windows and Windows Server; mitigating steps will be to disable NetBIOS over TCP/IP, ensure ports 139/445 are closed, and edit the Registry on Windows-based computers to restrict anonymous access.
Area/System at Risk: Database
Potential Vulnerability: It is likely that customers will be able to access their loyalty points via a web server connected to a SQL database. The database could potentially be hacked and customer personal information leaked.
Risk Mitigation:
  Requirements Phase: Determine which database software will be used and what potential vulnerabilities it has (i.e. if SQL, the potential for SQL injection).
  Design Phase: Configure and design the database with access controls in mind. Do not use default access controls.
  Implementation: Keep the database server and database up to date with the latest patches to mitigate vulnerabilities in older versions.
  Verification: Perform database and database server penetration and vulnerability testing.

Area/System at Risk: Phishing
Potential Vulnerability: Employees and customers could potentially be targeted via email phishing attacks.
Risk Mitigation:
  Requirements Phase: Determine if an email spam filter is in place. If not, one needs to be put in place to mitigate spam and phishing emails. Determine if employees require education and training on the dangers of email.
  Design Phase: Ensure the spam filter is configured properly with the latest techniques (i.e. greylisting, heuristics, etc.).
  Implementation: Implement the spam filter for all emails coming into and going out of KFF.
  Verification: Penetration testing via emails with malicious attachments and URLs.
Area/System at Risk: DoS
Potential Vulnerability: Similar to DDoS, with the difference that the attack originates from one system instead of multiple systems. This can keep reward program users from accessing their account or using their reward points.
Risk Mitigation:
  Requirements Phase: Determine the various ways a DoS can be prevented (blocking the IP address, software that can be configured to detect and stop DoS attacks).
  Design Phase: Incorporate the DoS preventive measures in the overall design to make sure they are accounted for and work with other design aspects.
  Implementation: Configure the system to block single-origin attacks as soon as they start, and configure the system to detect and block HTTP attacks.
  Verification: Once online, perform penetration testing to ensure threats are properly resolved.
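One way the Implementation step ("block single-origin attacks as soon as they start") can be realised in the web tier is a sliding-window limiter keyed on source address. This is an added example, not code from the report or from Kudler Fine Foods; the thresholds, the class name and the sample request log are all constructed for illustration.

```python
# Per-source request rate limiter: an added example (not from the Kudler report)
# of "block single origin attacks as soon as they start". All numbers constructed.
from collections import defaultdict, deque

class SourceRateLimiter:
    """A source exceeding max_requests inside window seconds is blocked for block_seconds."""

    def __init__(self, max_requests=20, window=1.0, block_seconds=60.0):
        self.max_requests = max_requests
        self.window = window
        self.block_for = block_seconds
        self._hits = defaultdict(deque)   # ip -> timestamps inside the window
        self._blocked_until = {}          # ip -> time the block expires

    def allow(self, ip, now):
        """True if the request from ip at time now may be served."""
        expiry = self._blocked_until.get(ip)
        if expiry is not None:
            if now < expiry:
                return False              # still blocked
            del self._blocked_until[ip]   # block expired: start fresh
            self._hits[ip].clear()
        q = self._hits[ip]
        q.append(now)
        while q and now - q[0] > self.window:   # drop hits outside the window
            q.popleft()
        if len(q) > self.max_requests:          # flood detected: block the source
            self._blocked_until[ip] = now + self.block_for
            q.clear()
            return False
        return True

    def blocked_sources(self, now):
        """Sources whose block is still in force at time now."""
        return sorted(ip for ip, t in self._blocked_until.items() if now < t)

# Constructed sample: one shopper at 5 req/s and one source firing 30 requests in 0.3 s.
SAMPLE_REQUESTS = ([("203.0.113.7", i * 0.2) for i in range(5)]
                   + [("198.51.100.9", 0.5 + i * 0.01) for i in range(30)])

def replay(requests, limiter=None):
    """Replay (ip, timestamp) pairs in time order; return {ip: requests served}."""
    if limiter is None:
        limiter = SourceRateLimiter(max_requests=20, window=1.0)
    served = defaultdict(int)
    for ip, ts in sorted(requests, key=lambda r: r[1]):
        if limiter.allow(ip, ts):
            served[ip] += 1
    return dict(served)
```

The flooding source is served only up to the threshold and then refused until its block expires, while the normal shopper is never affected.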
Area/System at Risk: Scanning Attacks
Potential Vulnerability: These attacks can be used to scan for open ports on the rewards program server. They can also be used to consume system resources to either slow it down or cause a DoS.
Risk Mitigation:
  Requirements Phase: Determine which communication ports are going to be used and their potential to be penetrated.
  Design Phase: Add notes on ports that may be vulnerable to port scans.
  Implementation: Depending on the ports open, implement defenses such as configuring firewalls and antivirus software and closing other ports that may be used by an attacker.
  Verification: Use tools such as Netmap to scan the network to verify that proper defenses are in place.
Area/System at Risk: Sniffing
Potential Vulnerability: Administrators keep an eye on the network by monitoring its performance; this monitoring traffic can be accessible to attackers and reveal sensitive information.
Risk Mitigation: To mitigate against packet sniffing, several steps will be taken, such as using a VPN for remote workers and, for more sensitive information sharing, the use of an HTTPS secure server and encryption software. Finally, in order to be more proactive in protecting our ARP table, ARP protection and monitoring software will be used.

Area/System at Risk: Spoofing
Potential Vulnerability: Attackers can send spoofed packets to one system; on the receiving end the packets look like they come from a trusted system source, and the attacker gains access without authentication.
Risk Mitigation: Application threat modeling will be used to mitigate this risk throughout the SDLC process. Some of the steps to mitigate spoofing will be: using IP Source Guard, which operates just like Dynamic ARP Inspection but looks at every packet, not just ARP packets; and building a binding table and comparing the MAC address and IP address fields of incoming packets to those in the binding table to see if they are valid, blocking them if they are not. IP configuration is accomplished per port. If a port is not being used, it will be turned off rather than left open.
Area/System at Risk: DDoS
Potential Vulnerability: KFF will likely host a web server for the loyalty program, and it could potentially be attacked via DDoS.
Risk Mitigation:
  Requirements Phase: Determine various ways DDoS can be prevented and stopped (i.e. if x amount of requests come in from multiple IP addresses, shut down ports and replies).
  Design Phase: Incorporate DDoS prevention tools.
  Implementation: Configure the system to block attacks from multiple IP addresses.
  Verification: Penetration and DDoS testing.

Area/System at Risk: SQL Injection
Potential Vulnerability: With the high likelihood of a web server and SQL database for customer loyalty points, there is the potential for SQL injection attacks.
Risk Mitigation:
  Requirements Phase: Determine the various methods by which SQL injection could be used to access the SQL database.
  Design Phase: Keep the SQL database and server up to date with the latest patches. Review the latest SQL vulnerabilities and whether they apply to the SQL database or server.
  Implementation: Apply fixes and patches to address any potential injection attacks.
  Verification: Penetration and SQL injection testing.
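The report's SQL injection mitigation relies on patching; the control that actually removes the injection path in the loyalty-points lookup is a parameterized query. The following is an added example, not the report's or Kudler's code: the vulnerable string-built query beside its hardened form, run against a constructed in-memory table with the kind of probe input the Verification step's injection testing would send.

```python
# Loyalty-points lookup, string-built vs. parameterized: an added example (not from
# the Kudler report). The table, its rows and the probe input are all constructed.
import sqlite3

def make_db():
    """In-memory stand-in for the loyalty database, seeded with constructed rows."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE loyalty (card_id TEXT, customer TEXT, points INTEGER)")
    con.executemany("INSERT INTO loyalty VALUES (?, ?, ?)",
                    [("KFF-1001", "A. Customer", 120), ("KFF-1002", "B. Customer", 340)])
    return con

def points_unsafe(con, card_id):
    """Vulnerable form: the card id is pasted into the SQL text, so quote
    characters inside it become part of the query's structure."""
    sql = "SELECT card_id, points FROM loyalty WHERE card_id = '" + card_id + "'"
    return con.execute(sql).fetchall()

def points_safe(con, card_id):
    """Hardened form: a bound parameter is always treated as data, never as SQL."""
    sql = "SELECT card_id, points FROM loyalty WHERE card_id = ?"
    return con.execute(sql, (card_id,)).fetchall()

# Constructed probe of the kind SQL injection testing (the Verification step) sends:
# it closes the quoted literal and appends a condition that is always true.
PROBE = "x' OR '1'='1"

def compare(card_id):
    """Run both lookups on the same input; return (unsafe rows, safe rows)."""
    con = make_db()
    return points_unsafe(con, card_id), points_safe(con, card_id)
```

For a genuine card id both lookups return the same row; for the probe the string-built query returns every customer's balance while the parameterized one returns nothing.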
Area/System at Risk: Malware/Virus
Potential Vulnerability: Employees and customers could be targeted via email malware/viruses that could potentially allow a hacker access to the network.
Risk Mitigation:
  Requirements Phase: Determine if anti-virus/anti-malware software is running on all workstations and servers. If not, research various anti-virus software tools and determine the best tool for the organization.
  Design Phase: Scripted, uninterrupted installs of the software would ensure the least amount of downtime.
  Implementation: Install anti-virus/anti-malware software on all systems and ensure it has the latest definitions.
  Verification: Run a virus or malware sample on systems and confirm the software is removing it.

Area/System at Risk: Hardware, Software, Personnel
Potential Vulnerability: The service providers that Kudler Foods uses (ISP, power, WAN) have service interruptions, causing downtime, data loss, and file corruption.
Risk Mitigation: In the design/implementation phases, mitigate these risks by planning for backups (ensuring both full and partial regular backup scheduling, as well as monitoring backups for corruption and data failure), potential hot sites, UPS and backup power sufficient to avoid downtime, and load-balancing servers.
Area/System at Risk: Man-in-the-Middle Attack
Potential Vulnerability: This occurs if someone gets between the server and the end user. Doing so allows the penetrator to see all traffic from and to the server, which can compromise the integrity of clients' information.
Risk Mitigation:
  Requirements Phase: Determine who and where communications to the server are going to be coming from (internal or external) and what the communication needs to pass through.
  Design Phase: Identify all the possible points where a MITM attack can occur.
  Implementation: Implement SSL and CA protocols on all communication channels that need to be secured.
  Verification: Attempt a MITM attack from inside and outside the organization to verify security.

Area/System at Risk: Password Guessing
Potential Vulnerability: If users are not made to set a strong password, it would leave the KFF rewards program clients susceptible to an attacker guessing their password and gaining access to their account.
Risk Mitigation:
  Requirements Phase: Determine who needs to have secure accounts and what the password requirements are.
  Design Phase: Write the code for authentication.
  Implementation: Set up user names and passwords, making sure those passwords are long, have capital letters and special characters, and do not contain personal information.
  Verification: Attempt guessing the passwords of users.
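The Implementation step states the password rules (long, capital letters, special characters, no personal information) without saying how the sign-up code enforces them. The following check is an added example, not the report's authentication code; the minimum length of 12, the profile fields used as "personal information" and the sample customer are all assumptions.

```python
# Password rule check for the rewards program sign-up: an added example (not from
# the Kudler report). MIN_LENGTH and the profile fields checked are assumptions.
import string

MIN_LENGTH = 12  # assumed; the report says only "long"

def personal_tokens(profile):
    """Fragments of the customer's own data a password must not contain:
    each word of the name and of the e-mail local part, plus the birth year."""
    tokens = set()
    for field in ("name", "email"):
        local = profile.get(field, "").split("@")[0]
        for piece in local.replace(".", " ").replace("_", " ").split():
            if len(piece) >= 3:          # ignore initials and other tiny fragments
                tokens.add(piece.lower())
    if profile.get("birth_year"):
        tokens.add(str(profile["birth_year"]))
    return tokens

def check_password(password, profile):
    """Return the list of rules the password fails; an empty list means accepted."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too short")
    if not any(c.isupper() for c in password):
        failures.append("no capital letter")
    if not any(c in string.punctuation for c in password):
        failures.append("no special character")
    lowered = password.lower()           # compare case-insensitively
    if any(tok in lowered for tok in personal_tokens(profile)):
        failures.append("contains personal information")
    return failures

# Constructed sample customer profile.
SAMPLE_PROFILE = {"name": "Pat Kudler", "email": "pat.k@example.com", "birth_year": 1980}
```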
Security Awareness Training
• Every organization needs to provide information security (InfoSec) training for employees.
• These trainings can take various forms, such as orientation training, web modules, organized classes, or official handbook study materials.