Introduction In this paper, we are going to analyze the risks and threats that are associated with the operating systems, networks, and database systems of Gail Industries

Subject:Computer SciencePrice: Bought3

Share With

Introduction

In this paper, we are going to analyze the risks and threats that are associated with the operating systems, networks, and database systems of Gail Industries. We will also look at the risks and threats associated with conducting transactions over the network. We will also recommend the risk assessment techniques and monitoring tools. Let us start by defining risk and threat.

Definition of Risks and Threats

According to Alexander (2021), a risk is “the potential for loss, damage or destruction of assets or data”. On the other hand, a threat is a “negative event, such as the exploit of vulnerability” (Alexander, 2021).

Risks and Threats Associated with Transactions Over the Internet

There are various risks and threats associated with conducting transactions over the internet. The following are a few.

Credit card fraud

According to Varghese (2021), credit card fraud is where a cybercriminal steals your credit card information and uses it to get a new credit card or buys goods online.

Refund scam

A refund scam is also known as refund fraud. Varghese (2021) defines a fraud scam as a scammer “filing fake requests for returns”.

Spamming

According to Avast (2021) spamming is the sending of bulk email messages to someone. The emails may contain infected links that will inject malware into the victim’s computer when clicked.

Phishing

According to Fruhlinger (2021), phishing is where an attacker uses an email that seems to originate from a legitimate organization to steal personally identifiable information such as credit card details, etc.

Risks and Threats Associated with Operating Systems, Networks, and System Software

Some various risks and threats are associated with networks, and they include:

Man in the middle attack

Man in the middle attack is where an attacker can listen to conversations taking place between two parties that communicate over the network and steal personally identifiable information that will be used for credit fraud etc.

Port scanning

An attacker can scan for opened ports on your network and use them to inject malware into your system and launch an attack.

Denial of Services (DoS) and Distributed Denial of Services (DDoS) attacks

According to Pethick (2021), a DDoS attack is “overwhelming a machine network with fake traffic and thus preventing the intended users from using it”.

Botnets

A botnet is the controlling of several computers on a network or networks by an attacker and he/she issues commands e.g., stealing information from the victim, requesting ransomware, etc.

Malware

According to Frughlinger (2019), malware is malicious software that causes damage on a computer network, single computer, or a server. Computer viruses, worms, Trojan horses, etc. are all types of malware.

The common risks and threats of Operating Systems are:

Computer viruses

According to Frughlinger (2019), a computer virus is a “piece of computer code that inserts itself within the code of another standalone program, and then forces that program to take malicious action and spread itself”.

Rootkit

Frughlinger (2019) defines a rootkit as a program or a set of software tools that are used by an attacker to gain remote access to a system.

The risks and threats of system software are:

Weak passwords

When a user accesses the system software using a weak password, an attacker can crack the password and access the user’s account and steal sensitive information.

Lack of security patches

When system software is not updated frequently to the latest security patches can result in an attacker exploiting that vulnerability and cause damage.

Viruses

The software can also be infected with a virus leading to unintended actions, stealing of information, etc.

Risks and Threats Related to Different Database Deployment Models in a Distributed System

The following are the risks and threats related to different database deployment models in a distributed system:

Excess privileges

It might be problematic when a user who only needs the privileges to read data, granted the privileges to write data.

SQL and NoSQL injection attacks

According to Rubens (2021), SQL injection is the injecting of SQL statements into a database to perform undesired things. NoSQL injection is just like SQL injection, but it is meant for big data platforms.

Malware

Malware can be used to steal data from the database.

Lack of encryption

When unencrypted data is being transferred over the network then it can be intercepted by an attacker.

Risk Assessment Techniques and Monitoring Tools

The following are the risk assessment and monitoring tools that we recommend:

Network monitoring tool

A network monitoring tool such as WireShark needs to be used to monitor the network components such as routers, firewalls, switches, servers, etc. for fault and performance issues.

Database monitoring tool

A database monitoring tool needs to be used to monitor the database for fault and performance issues. A good example of a database monitoring tool is SolarWinds.

Penetration testing

Penetration testing needs to be performed from time to time to detect vulnerabilities.