Unit 7

Task 1

Potential threats:

Malicious damage – this is damage done on purpose to a company or a person. For example, a hacker can get into the system and make changes that cause errors; the company then spends money and time fixing the problem. Another example is when a hacker gets into someone’s data and steals and reveals that person’s information on the internet.

E-commerce threats – these are threats related to companies that sell goods on the internet. The threat can be damaged products, products stolen by hacking, or an error in a system that loses a product.

Counterfeit goods – this is also referred to as a copyright issue. These are goods sold under another brand name without that brand’s authorisation. These goods are fake but can cost as much as the original ones.

Technical failures – Human failures can be mis-clicks or wrong input, such as the name, age or any other detail of someone or something. Technical failures also include theft: a website or person stealing equipment, fake websites that sell products that are not what they claim to be, or, once the product is delivered, people stealing it from porches, mailboxes and other supposedly safe places.

 

Malicious damage:

Internal damage – this is damage that comes from the company itself. Internal risks can be caused by the company’s organisation, database and other factors.

External damage – this is damage that comes from factors not fully related to the company. These can be changes in the market and natural disasters that affect the company’s operations, such as delivery.

Viruses – they can damage companies by slowing down their systems, deleting files and changing their databases.

Phishing – this is damage caused by stealing customers’ data. These attacks are used to steal customers’ credit card numbers, names, dates of birth, addresses and more.

Identity theft – these are people who use someone else’s information. They use other people’s information to steal money, get loans from banks and buy property. After they do this, they disappear, and the person whose information was used has to go through an investigation to prove that it wasn’t them.

Piggybacking – this is access through the account of a person who hasn’t logged out. It happens in public places such as libraries. When a person doesn’t log out, another person uses the same PC and accesses the social media or other accounts that are still logged in on that computer.

Hacking – this is accessing accounts or a system without permission. People hack to get information and money from somewhere they are not allowed to be.

 

Threats to e-commerce:

Defacement of a website – this is an attack on a website that changes the original one into the hacker’s version. The website’s appearance changes, which might suggest that the website has been replaced. It is done to get money from a trusted source. Users won’t even realise that the money they give to the website goes to another owner, and they won’t get the goods they paid for.

Third-party supplier – this is a website that sells products which it didn’t receive from the primary manufacturer. A third-party supplier can have fake goods, which are illegal, and users won’t realise that they are paying full price for a fake product.

Denial of service attack – this is an attack that stops users from being able to reach a website. The hackers disrupt the website’s host, which is responsible for the internet connection. Because of these problems, companies lose a lot of money.

 

Counterfeit goods:

Products such as software, DVDs, games and music can be transferred to another user over a peer-to-peer connection. It is illegal because people must pay for each copy of the product; however, that connection allows them to share the products between each other at no charge. That is a breach of copyright.

 

Organisation impact:

Loss of service – it can cause a lot of damage to companies. The loss of a single service can cause a lot of problems. Services such as the internet connection, security services and software services can destroy an entire company that works on the internet. Hackers will be able to steal all the information from them if security stops working. The company won’t be able to sell anything to customers without a connection to the internet, which will make them lose a lot of money.

Loss of income – income is the lifeblood of a company. Money must flow through the company; if there is no money, there is no company. Loss of income means that the company won’t be able to pay its bills, which means the company will go bankrupt.

Loss of customer records – firstly, if this happens in a company, it means they don’t have a security system, which is illegal. The company will get shut down because they aren’t following the law (the Data Protection Act of 2000). Secondly, it can cause a loss of income.

Increased cost – this has a few meanings. If a website increases its prices, people might stop buying, which will cause a loss of income. Secondly, if services increase in cost, the company must change them, which can cause the company to go bankrupt.

Poor image – it can reduce income because people won’t trust the quality of the website. Also, people won’t be able to see what products the company sells, which reduces income as well.

 

 

 

Information security:

Confidentiality – it means that the data must be private and that the company won’t share the information it has. This can be customer information, employee information and the information of other people who agreed to give it on the condition that it is kept private.

Data integrity – it is the organisation of where data is stored. The data can be stored in a database, a data warehouse or somewhere else where it will be organised.

Data completeness – it is how the data is stored. The data can be stored by validity, date, size and any other reasonable choice of attributes. This will reduce data loss.

Access to data – these are security levels. Not all employees can access all the information about a customer. There are levels that reduce information leaking. For example, managers might need to know more than employees, which is why there are levels of access: to secure the customer’s information.

 

Task 2

Hack The Box

Stage 1

This is how the menu in “hackthebox” looks. It asks for the invite code; however, it doesn’t tell you how to get it. So, let’s start searching for more about the invite code. To open the Google Chrome console, we need to press “F12”.

hackthebox 1.PNG

Stage 2

hackthebox 2.PNG

We can see links to the scripts. The first one has the link https://hackthebox.eu before the JavaScript file, unlike the second one. Let’s add the link before the second JavaScript file. It will look like this: “https://hackthebox.eu/js/inviteapi.min.js”.

Stage 3

eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}
k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 i(4){h 8={"4":4};$.9({a:"7",5:"6",g:8,b:\'/d/e/n\',c:1(0){3.2(0)},
f:1(0){3.2(0)}})}1 j(){$.9({a:"7",5:"6.",b:\'/d/e/k/l/m\',c:1(0){3.2(0)},f:1(0){3.2(0)}})}',24,24,'response|function|log|console|code|dataType|json|POST|formData|ajax|type|url|success|api|invite|error|data|var|verifyInviteCode|makeInviteCode|how|to|generate|verify'.split('|'),0,{}))

 

This is the code given to us on the page. It looks confusing at first, but we need to focus on the last part. It tells us to make an invite code. There should be a script or message about it, so let’s go back to the main page and search for the “makeInviteCode()” function.
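As an added example (not code from the original post or from Hack The Box), here is how an analyst can read that eval(function(p,a,c,k,e,d)…) payload statically, by rebuilding the packer’s token dictionary instead of letting eval() run it; the packed string, base and keyword list are the ones quoted above, and the space in “1 j()” that the page’s rendering dropped is assumed restored.

```javascript
// Added example (not part of the original post): static unpacking of the
// "eval(function(p,a,c,k,e,d){...})" payload, so the source can be read
// without ever executing it. Arguments are the ones shown on the page; the
// space in "1 j()" lost in the page's rendering is assumed and restored.

const PACKED_P =
  '1 i(4){h 8={"4":4};$.9({a:"7",5:"6",g:8,b:\'/d/e/n\',c:1(0){3.2(0)},' +
  'f:1(0){3.2(0)}})}1 j(){$.9({a:"7",5:"6.",b:\'/d/e/k/l/m\',c:1(0){3.2(0)},' +
  'f:1(0){3.2(0)}})}';
const PACKED_A = 24; // radix used for the tokens
const PACKED_C = 24; // number of keywords
const PACKED_K = ('response|function|log|console|code|dataType|json|POST|' +
  'formData|ajax|type|url|success|api|invite|error|data|var|' +
  'verifyInviteCode|makeInviteCode|how|to|generate|verify').split('|');

// The packer's e(): keyword index -> token in base `a` (0-9, a-z, then A-Z).
function encodeIndex(i, a) {
  const head = i < a ? '' : encodeIndex(Math.floor(i / a), a);
  const r = i % a;
  return head + (r > 35 ? String.fromCharCode(r + 29) : r.toString(36));
}

// Rebuild the source: every \w+ token that is a known index becomes its
// keyword; an empty keyword means the packer left that token untouched.
function unpack(p, a, c, k) {
  const dict = new Map();
  for (let i = 0; i < c; i++) {
    const tok = encodeIndex(i, a);
    dict.set(tok, k[i] || tok);
  }
  return p.replace(/\b\w+\b/g, (tok) => (dict.has(tok) ? dict.get(tok) : tok));
}

// The page's payload, unpacked: two functions, verifyInviteCode() and
// makeInviteCode(), each doing a jQuery POST to an /api/invite/... URL.
function unpackPageSample() {
  return unpack(PACKED_P, PACKED_A, PACKED_C, PACKED_K);
}

console.log(unpackPageSample());
```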

 

Stage 4

We found data about the invite code. The message is encoded, and below it says “BASE64”. BASE64 is a type of encoding scheme. To decode the message, we need to find a tool that will help us do it. In my case, I used “hackbar”. It has multiple decoding functions, and it will also help us in the next steps.

hackthebox 4.PNG

Stage 5

This is how the message looks before decoding it:

hackthebox 5.PNG

This is how the message looks after decoding it:

hackthebox 6.PNG

To make a POST request we need to join the link of the Hack The Box website and the link they gave us after decoding the message. This is how I did the POST request.

Stage 6

hackthebox 7.PNG

It sent us to another page with a message on it. It contains an encoded message, again. We did this in “stage 5”, so let’s do it again.

hackthebox 8.PNG

I put the message in the “hackbar” and pressed the “unbase64” button. It gave us a key. This is the key to the menu from the first stage. Now we need to input it in the menu. After we do that, the menu changes. It gives us a registration menu where we can input details and continue to explore the website. This is how the menu looks:

hackthebox 9.PNG

Physical Security:

Security guards look after the security of the building and the staff inside it.

Locks are made to stop unwanted people from wandering around the building and finding information that they don’t need to know. This increases the security level of the data that the company keeps on its servers.

Visitor passes give reduced access to the building. They are made for people who are coming for a meeting and other people who won’t stay long in the building. Those people don’t need access to every single door in the building. This increases the level of security.

Sign-in and sign-out systems make sure that the people who entered the building leave it at the end of the shift. They are there in case people get lost in the building or try to get access to information that they don’t need to have, because it takes time to hack into the system.

Biometrics are important to have because they are much harder to copy than a regular pass. Retinal scans, fingerprints and voice recognition are much harder to fake, which increases security a lot and decreases the number of unwanted intruders.

Guards reduce physical violence, while cable shielding protects the cables through which hackers can get into the system. Connecting their hardware to the cables can give them access to the data. Therefore, the cables are highly protected and have people watching over them 24/7.

 

Software and Network Security:

Public and private key – a public key encrypts everything that is sent: messages, email and other data. To read a message that the public key encrypted, a user must have the private key. The public key encrypts and the private key decrypts.

Call back – it is a function that is passed to another part of the system as an argument. If the information that is passed next is valid, the system grants access.

Handshaking – it is a method that makes a connection between a client and a server. However, before data communication begins, the two pieces of software must validate each other’s acknowledgement packets.

Diskless networks – it is a network where workstations load the operating system and other data from a server rather than from a local hard disk, because the workstation doesn’t have a disk to run the operating system from.

Use of backups – a backup is a saved state of a system when everything runs correctly. In case of any errors, a company can go back to the state where the system ran properly.

Audit logs – it is a document that records every IT operation in a system. It documents what resources were accessed.

Firewall configuration – these are the settings of how the firewall was set up. It has a database of which websites can work in the system and what files can be saved by the software. It is the customisation of a firewall.

Virus checking software – it is an antivirus that constantly checks software for viruses. It makes sure that no malicious processes are running in the system.

Virtual private networks (VPN) – it is a network that allows software to connect to another private network by sending data through public networks.

Intruder detection systems – it is software that detects whether any unauthorised access has been made to the system. It can detect if the same user logs in twice at the same time, or if someone logged in to the system from an unknown IP address.

Passwords – they increase the level of security and privacy. A password must be private information, and only its owner should know it.

Levels of access to data – it is the level of information an employee can access. For example, managers need to know more information about a client than a team member does.

Software updating – it is important to keep software updated. Security improves with each update, more features are added to the software, and bugs get fixed in new versions.

Backup systems – it is a second server that runs at the same time as the primary one. In the case of a failure or shutdown, the second server can replace the primary one. It won’t slow down the company’s work, and customers will still be able to reach the company.

Whole system replacement – it is the most unwanted process in companies. It is a method of recovering the whole system, planned on the basis of the possibility of a disaster happening.

Tiers of recovery – it is a plan of the cost and value of recoveries. The lower the tier, the more expensive recovery will be. It is also a diagram showing how long recovery will take and its approximate cost. The most common number of tiers is 7.

 

Task 3

PowerPoint:

Security

 

Bibliography:

https://www.itpro.co.uk/data-protection/28085/what-is-the-data-protection-act-1998

ITPRO, “Data Protection Act 2000”, Date of Access (15/02/2019)

https://searchdatabackup.techtarget.com/definition/backup

TechTarget, “BackUp”, Date of Access (15/02/2019)

https://www.hellermanntyton.com/competences/cable-protection-conduits

HellermannTyton, “Cable Protection”, Date of Access (15/02/2019)

https://computer.howstuffworks.com/firewall2.htm

HowStuffWorks, “Firewall Configuration”, Date of Access (15/02/2019)

https://www.gemalto.com/govt/inspired/biometrics

Gemalto, “Biometrics”, Date of Access (15/02/2019)

 
