Question

research about the following:

Web applications

E-mail clients

Scenario

Paul Gray is the proprietor of a small share trading company allowing individuals to enter the stock market. He is currently running it with manual procedures and communicating with his clients using a free e-mail service provider and Skype telephone. He is planning to convert it to an online share trading company, but he is aware that there are security concerns when doing this. Gray needs his online trading portal to have the following key requirements:

It should allow its registered users to trade from any net-enabled PC.

It should allow real-time portfolio tracking.

It should enable instant credit and money transfer.

Its users should be able to communicate with the company using any e-mail service, free or paid.

You have been hired as a security consultant for Gray. You need to respond to the following queries in your initial meeting with Gray:

What are the possible security threats to the online trading portal? Who would be interested in attacking the portal? Why?

How may these security threats be mitigated? What are a few strategies that can be used to deter or prevent unauthorized use? At this point, these suggestions can be preliminary and non-technical, but they should suggest means of preventing or deterring attack on the system.

Gray does not realize that there are security threats to his current business model as well. Respond to the following questions related to the security concerns in Gray's business model:

What possible threats exist on free e-mail services? Consider the possible gain an attacker may have from attacking this system and enumerate several reasons why this would be a viable attack. Consider the risk of getting caught attacking this system. When would the payout make the attack worthwhile to the attacker? What factors would make this an undesirable target?

How is the free e-mail service different from the share trading portal? Analyze which of these systems represents a greater potential gain for the attacker and justify your conclusion. Which system carries more associated risk to complete the attack? Give examples to justify your answer.

Explanation / Answer

What are the possible security threats to the online trading portal?
-DDoSing of the online trading portal
- This is a Denial of Service attack in which the server hosting the online trading portal is sent hundreds of thousands of pings, forcing the server's speed to crawl to a halt
- This can translate into millions of dollars lost in time with the server being down
- Also, transactions in progress during the DDoS attack can be lost/corrupted, resulting in some parties not receiving the goods they paid for, or in other cases, money not being sent
- And in the worst-case scenario, money can be completely "lost", and in some cases amounts of money cannot be accounted for and simply "vanish"

-Hackers want to take items that are up for sale for free
- This can be done by fulfilling an order with false currency
- Or by executing the transaction and then reneging on the commitment to pay
- A possible scenario much like that of eBay, in which the buyer can say that the seller used false advertising, that the buyer did not receive the correct goods, etc.

-Hackers want to take control of another individual's funds
- This can be done by hacking into the other individual's account
- Using the other individual's identity, etc.

-Hackers want to sell counterfeit products in order to receive payment for goods that either do not exist or don't cost anything

-A worm can be introduced into the system through brute-force attacks on developer/admin accounts with the portal
- This can result in complete annihilation of the entire infrastructure of the online trading portal
- Also, it does not have to be a worm specifically; rather, any malicious software can be injected if access were to be gained via an admin account

Who would be interested in attacking the portal? Why?
-Anyone with the interest of money
-Anyone with the interest of seeking revenge on another person, through life complications, or whatever it may be

-Simply because everyone wants money, everyone wants objects and pretty things in their lives, and in some cases, some people want to see other people NOT have nice things in their lives.
-Many times the motive has been revenge for a certain crime, whether it is an electronic crime or not


How may these security threats be mitigated?
-They can be mitigated through proper use of defensive coding and many admins monitoring the amount of traffic to the server
-When coding the infrastructure of the online trading portal, one needs to make sure that no holes are left open for simple hacks, such as an easy SQL injection or code injection through a simple username and password field
- Also, extensive IP logging needs to be done to monitor exactly who is accessing the portal and where they are accessing it from
-The extensive IP logging can further be used as a reactive step to track down malicious users and prosecute them
- In addition to IP logging, IP masks and restrictions need to be set on admin accounts, to make sure that registered admins are only logging in through verified IP ranges and addresses
-This will further prevent individuals from brute-force hacking into an admin's account from a place other than the original admin's computer
-However, the admin must also have a set of extensive passwords/questions that must be entered to verify that it is truly them, to further prevent someone from hacking into their account
-In regards to monitoring server traffic, there needs to be monitoring and blacklisting/blocking of certain IPs to help combat a DDoS
-When a server is being DDoSed, there needs to be a way to blacklist/block that IP or wherever the pings are coming from, in order to preserve the health of the server and keep the online traffic running smoothly, without having the trading portal come crashing down.
-Ultimately, not just one server but a multitude of servers all across the country will support the online trading portal, so that if one server or one location is being attacked, the others will be able to pick up the slack until the one under attack is mitigated.

What are a few strategies that can be used to deter or prevent unauthorized use?
-Most were covered in the section above
-IP monitoring to check if a certain user has logged in from a much different location than he or she has previously, in which case the account would be frozen and an e-mail would be sent to the individual to verify their new location
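As an added illustration of the IP-logging, admin IP-restriction and new-location checks described above (example code written for this page, not part of the original answer), the following Python reviews constructed login-log lines: an admin login from outside an assumed allowlisted range is flagged, and a user whose login country differs from their previous login is flagged for an account freeze and a verification e-mail. The log format, the allowlist range and the alert names are all assumptions.

```python
import ipaddress

# Constructed sample login log (not from the page): user, role, source IP, country.
# Uses documentation address ranges (RFC 5737).
SAMPLE_LOG = """\
alice admin 203.0.113.10 GB
bob user 198.51.100.7 GB
alice admin 192.0.2.55 GB
bob user 198.51.100.7 GB
bob user 203.0.113.200 US
"""

# Hypothetical allowlist of source ranges from which admins may log in (assumed).
ADMIN_ALLOWED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]


def parse_log(text):
    """Parse whitespace-separated login records into dicts; skips blank lines."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        user, role, ip, country = line.split()
        events.append({"user": user, "role": role, "ip": ip, "country": country})
    return events


def admin_ip_allowed(ip):
    """True when the source address falls inside one of the allowlisted ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ADMIN_ALLOWED_RANGES)


def review_logins(text):
    """Return alerts as (kind, user, detail) tuples, in log order.

    - admin_outside_allowlist: an admin logged in from an address not in the allowlist.
    - new_location_freeze: a user's country changed since their previous login; the
      account should be frozen and a verification e-mail sent (action taken by the caller).
    """
    alerts = []
    last_country = {}  # most recent login country seen per user
    for ev in parse_log(text):
        if ev["role"] == "admin" and not admin_ip_allowed(ev["ip"]):
            alerts.append(("admin_outside_allowlist", ev["user"], ev["ip"]))
        prev = last_country.get(ev["user"])
        if prev is not None and prev != ev["country"]:
            alerts.append(("new_location_freeze", ev["user"], ev["country"]))
        last_country[ev["user"]] = ev["country"]
    return alerts
```

Running `review_logins(SAMPLE_LOG)` yields one admin alert for alice's login from 192.0.2.55 and one freeze alert for bob's first login from US.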

What possible threats exist on free e-mail services?
-Much like a DDoS attack, if there is a free e-mail service, mass e-mail spamming can occur, resulting in the online trading portal crashing
-Also, if more common e-mail spammers were to create an account, the trading portal would soon turn into an advertisement-infested pool, in which the only e-mails you would get would be advertisements.
-In addition to that, the very malicious and common e-mail impersonating an administrator from the online trading portal could be sent around without consequences due to the lack of tracking in the free e-mail model, resulting in many accounts being compromised or the loss of lots of revenue

When would the payout make the attack worthwhile to the attacker?
When would the payout make the attack worthwhile to the attacker?
-When the attacker gains access to an account and can acquire any of the funds stored in the account
-When the attacker tricks the individual into sending them money for a service or good that does not exist

What factors would make this an undesirable target?
-The fact that the e-mails would only go so far and rely solely on the ignorance of the receiver
-E-mails cannot deliver any malware or get the attacker anything unless the recipient does something like download a file, open the e-mail, go to a link in the e-mail, etc.

How is the free e-mail service different from the share trading portal?
-One is simply a communication service, whereas the other deals with actual money and transactions
-One is linked to nothing but a username and a password, whereas the other has links to places with money and has access to very sensitive things like bank accounts

Analyze which of these systems represents a greater potential gain for the attacker and justify your conclusion. Which system carries more associated risk to complete the attack?
-The trading portal represents a much greater potential gain for the attacker due to the number of connections to money that it has.
-The e-mail service relies solely on the recipient of the e-mail making a mistake and going to a link, downloading a file, or opening the e-mail, which can only get so far. Whereas if the attacker were to hack into the trading portal, immediate access to funds would be there, not to mention possible identities like social security numbers, etc., if the trading portal required that in order to become a user of it

Which system carries more associated risk to complete the attack?
-The trading portal is MUCH riskier due to the fact that actual hacking must occur
-For example, in an e-mail service, the attacker is simply providing a malicious program, false link, etc., where all the attacker has to do to get it into the individual's network is to wait for the individual to open the e-mail, download the file, or click the link
-Whereas in regards to the trading portal, the attacker has to find a way through the trading portal's defenses, either through a backdoor, through an admin account, or through other means like a SQL injection or code injection.
-Also, for the e-mail, because it is free there is no real tracing that can occur to the attacker; they can simply make a new fake alias to base the e-mail on. However, for the trading portal the attacker must attempt to break in from a location, a location that is recorded and monitored if the trading portal is executing its defense practices correctly
-This can result in the tracking down of the attacker attempting to hack the trading portal simply because their location can be monitored, whereas there is no hope of tracking down the attacker in the free e-mail service because they can simply create a fake alias