NYP 172851E 6-1-2018 Index 1. Executive Summary

 

NYP

Report

Infocomm Security

Ashley
Lim – 172851E

6-1-2018

 

 

Index

          1.             Executive Summary

                1.1          Executive Summary –
Distributed-denial-of-service will continue to rise as a threat

1.2          Executive Summary – The Need for
Improved Security On IoT Devices Will Be More Pressing

2.            Distributed
denial-of-service(DDoS) will continue to rise as a threat

2.1          Why
Would Someone Do A DDoS Attack

2.2          Why
is DDoS  a Threat

2.3          Nature
of Threat

2.4          DDoS
Mitigation

2.5          Conclusion

2.6          Text
References

3.            Cyber
Attacks and Data Breaches Will Drive the Need for Cyber Insurance

3.1          Cause
of Threat

3.2          Why
is it a Threat

3.3          Nature
of Threat

3.4          Threat
Mitigation

3.5          Conclusion

3.6          Text
References

 

 

1.Executive Summary

1.1          The
aim of this report was to study security threats, their causes, nature and
mitigation. After evaluating the report by Symantec, two threats were selected to
be analyzed. In conclusion, DDoS attacks will always be a threat to the
Internet and IoT devices need to have more security features in place.

Main Content

2. Distributed denial-of-service(DDoS)
will continue to rise as a threat

A Distributed Denial of
Service(DDoS) attack is an attempt to make an online service unavailable by
overwhelming it with traffic from many sources. They mainly target important
resources, from banks to news websites, and pose a huge challenge to making
sure people cannot access important information.

2.1 Why would someone do a DDoS attack?

When a site is down, the
attackers demand for money in exchange for stopping their attacks. Others use
DDoS attacks as means to express their criticism to anything from government to
video games.

2.2 Why is DDoS a threat?

DDoS forces a system to crash or
shut down, denying service to legitimate users.

2.3 Nature of threat

An attacker could take control of
your computer and use it for an attack. The attacker could then force your
computer to send large amounts of data to a website or send spam to a
particular email address. The attack is distributed as the attacker is using
multiple computers to launch a denial-of-service attack. The most common type
of DDoS attack is when an attacker floods a network with information. The
server can only process a certain number of requests at a time. The large
number of incoming messages to the server essentially forces it to crash, denying
access to legitimate users.  

2.4 DDoS mitigation

Install and maintain anti-virus
software. Install a firewall and configure it to restrict traffic coming into
and leaving your computer. Avoid opening email attachments, especially from people who you
don’t know. If you believe you are a victim of a DDoS attack, contact your
Internet Service Provider(ISP).

2.5 Conclusion

Distributed-denial-of-service(DDoS)
will always be a threat. Legitimate users of websites won’t be able to access
these websites as the websites will be down and your computer could be used by
an attacker for an attack.

2.6 Text References

The link below is an article
about a DDoS attack launched by a group called the ‘Lizard Squad’ on
Playstation Network(PSN) and XBOX Live. They took the servers down during
Christmas and thousands of players and people who have just gotten their new
consoles for Christmas could not get online.

https://www.cinemablend.com/games/Why-Lizard-Squad-Hacked-Xbox-Live-PSN-69163.html

The link below is an article
about a DDoS attack on popular sites such as Twitter, Netflix and Reddit etc.
The attack occurred on the 21 of October in the US. This  was one of the largest attack of its kind,
according to experts.

https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet

The link below is an article about
a DDoS attack on BBC. The hacker group claimed that it was only a test.

https://www.csoonline.com/article/3020292/cyber-attacks-espionage/ddos-attack-on-bbc-may-have-been-biggest-in-history.html

 

 

 

 

Main Content

3. The Need for Improved Security on IoT Devices Will Become More
Pressing

An IoT device is any device that connects wirelessly
to a network and has the ability to transmit data. Some examples of IoT devices
are Smart Door Locks, refrigerators, cameras and many more. Technology has
advanced more than the mechanisms to safeguard user privacy.

3.1 Cause of Threat

 IoT devices are vulnerable to attacks as they
are not designed with security and privacy features.

3.2
Why is it a Threat?

There is a growing security concern
regarding IoT devices as unknown devices connected to your IoT device could be
secretly monitoring the network. Hackers may also hack for information for
financial gain.

3.3
Nature of Threat

Most IoT devices are not designed with
security and privacy features, this raises a lot of security concerns and
privacy issues within the IoT networks such as confidentiality, authentication
and integrity(CIA). Hackers will be able to monitor you through your home camera,
intruding your privacy.

3.4
Threat Mitigation

Make sure your device is always
updated with the latest software. Improvements in encryption to better secure
your data.

3.5
Conclusion

IoT devices are vulnerable to attacks
as they do not have security features to deal with attacks.  Consumers are at risk of losing their privacy
and valuable information to hackers. 
Therefore, IoT devices need to have better security features to prevent
the loss of sensitive information of its users.  

3.6
Text References

The link below is an article about
security concerns with IoT devices.

https://www.twice.com/blog/iot-devices-raise-consumers-security-concerns-62245

The link below is an article about the
dangers and risks of IoT devices.

https://www.itproportal.com/2015/08/02/dangers-of-iot-how-to-mitigate-risks/