Cyber Threat Analysis and Exploitation on US Financial Systems (AAR)
You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles: a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service (DDoS) attacks, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation-state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation-state actor from numerous public and government-provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation-state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables: a situational analysis report, or SAR, to the White House Cyber National security staff, and an After Action Report and lessons learned to the cyber threat analyst community.
US critical infrastructure (power, water, oil and natural gas, military systems, financial systems) has become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital control systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or resolve cyberattacks on its own. Collaboration and information sharing are key for success and survival. This is a group exercise, representing collaboration across all sectors, to support and defend US critical infrastructure. In the working world, a team like this would include some agencies, some industrial partners, and some private sector corporations. Each organization has different strengths and skills, different access to information, and different authorities to report to. When the sectors work together and leverage resources and skills, the result is that everyone benefits from the defense and protection of US IT infrastructure. In your teams, you can model the same collaboration, leveraging each other's expertise, sharing each other's knowledge, teaching each other, and providing contributions specific to your role in the scenario. Your team is assembled and you have a plan. Use and create a full common operating picture of the cyber threats and vulnerabilities that are facing the US financial critical infrastructure from the following: network security, mission-critical systems, and penetration testing. Leverage the network security skills of using port scans, network scanning tools, and analyzing Wireshark files to assess any suspicious network activity and network vulnerabilities. Provide a description of the impact the threat would have on the financial services sector. These impact statements can include the loss of control of the systems, the loss of data integrity or confidentiality, exfiltration of data, or something else.
Also, provide impact assessments as a result of this security incident to the financial services sector. Provide submissions from the Information Sharing Analysis Councils related to the financial sector. You can also propose fictitious submissions. Also, review the resources for Industrial Control Systems, and advise on their importance to the financial services sector. Explain the risks associated with Industrial Control Systems. After you compile your research, and your own critical assessments and analysis, determine which information is appropriate for a Security Assessment Report (SAR) that will be submitted to the White House, and an After Action Report (AAR) that will be submitted to the rest of the analyst community. Prepare the AAR. This knowledge management report will be provided to the cyber threat analyst community, which includes the intelligence community, the law enforcement community, the defense and civilian community, the private sector, and academia. The purpose of the AAR is to share the systems life cycle methodology, rationale, and critical thinking used to resolve this cyber incident. Note: Please, in-text citation is very important in this paper, and the time for the paper to be delivered is crucial as well because I have a time frame for this paper to be submitted. Thank you for the previous work you did.
Assessing Suspicious Activity
Network services have vulnerabilities that can affect the network and increase risk at different levels. At the physical level, the vulnerabilities relate to unauthorized physical access to network devices, such as disconnection. At the data link level, the focus is on data handling, including access to the medium, error detection, distribution of frames and flow control. The network level provides connectivity between computers, even when they are on different networks, using routers and the IP protocol, and it is vulnerable to IP spoofing and denial of service. At the transport level, the TCP/IP protocols carry information about the IP packets, and the vulnerabilities are linked to authentication, integrity and confidentiality.
Protecting mission-critical systems helps to address the difficulty of managing complex, large-scale critical applications. The physical infrastructure for critical networks needs to be protected, and physical security plays an important role in maximizing system availability. Reducing the risk of intrusion or accidents and protecting against sabotage enhances security so that only authorized persons access the data (Myles et al., 2015). Protecting mission-critical systems offers more security for users relying on the data and information. Communications systems that protect the data and various functionalities allow users to send and use information that is not compromised (Matania, Yoffe & Mashkautsan, 2016). Furthermore, mission-critical servers are optimized to meet the needs of analytics, and there is flexibility in using large amounts of data and different applications.
External and internal users may penetrate the system, and the costs are huge in the financial industry, where customers' trust influences where they bank. Penetration tests focus on trying to break the security and gain access to critical systems, showing where the network is vulnerable and where attackers can continue to access information because financial organizations are not always fast to respond and mitigate. Because security breaches are costly and cause reputational damage, security measures need to target the people, processes and technology used by financial organizations (Bansah, 2018). Advanced persistent threats are some of the most troublesome since they persist for a long period of time.
Computer attacks are more sophisticated than before, and the ease with which rogue elements access networks and systems is worrisome. Port scans help to identify some of the vulnerabilities. The ports that the system uses and their functions are identified, and those that are open are prioritized for closing. Listing all ports helped to detect intrusions. Ports are the communication doors, and a lack of adequate security on them is a concern because they can be used to access computers, steal information, and spy on organizations. Since ports are used to exchange information between computers and the internet, protecting them against intrusions and unauthorized access needs to be prioritized to improve security.
Networks are vulnerable to various types of intrusion by people with bad intentions who want to access information that would harm the organizations. To counter this, scanning tools are used to track and analyze traffic in order to detect possible vulnerabilities and suspicious activity in the networks, and IP addresses are tracked. For instance, Cain & Abel is a password recovery tool for Microsoft operating systems used to protect against hacking of the networks. The tool allows recovery of different types of passwords that are spread through a network, including breaking encrypted passwords, uncovering stored passwords and analyzing protocols. The program takes advantage of insecurity in protocol standards and authentication methods to simplify the recovery of passwords and credentials for Microsoft Windows users.
Wireshark is a network packet analysis tool that captures packets in real time and helps analyze the TCP/IP protocols. Wireshark is useful for detecting unusual and malicious activity in network traffic. The captured packets can be filtered according to the needs of the analyst, both to look for the presence of malware and to detect the source of DNS requests, including the resolution of names to IP addresses. Wireshark remains useful for analyzing network protocols, detecting vulnerabilities and assessing security protocols in other applications.
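The DNS analysis described above can also be scripted once the DNS payloads have been exported from a capture. The following is an added example, not part of the original essay: it parses DNS responses and reports, per requesting host, which names were resolved to which IPv4 addresses. The function names, host addresses and domain names are assumptions, and the packets are constructed sample data rather than a real capture.

```python
import struct
from collections import defaultdict

def read_name(msg, off):
    """Decode a DNS name at `off`, following compression pointers."""
    labels, resume, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # 2-byte compression pointer
            resume = off + 2 if resume is None else resume
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                         # malformed packet: pointer loop
                raise ValueError("DNS compression loop")
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (off if resume is None else resume)
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length

def parse_response(msg):
    """Return (queried_name, [IPv4 answers]) for one DNS response payload."""
    _, _, qdcount, ancount, _, _ = struct.unpack("!6H", msg[:12])
    off, qname, ips = 12, "", []
    for _ in range(qdcount):
        qname, off = read_name(msg, off)
        off += 4                                  # skip QTYPE + QCLASS
    for _ in range(ancount):
        _, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:             # A record
            ips.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return qname, ips

def resolutions_by_client(packets):
    """Map each requesting host to the names it resolved and the IPs returned."""
    table = defaultdict(dict)
    for client, payload in packets:               # client = destination of the response
        name, ips = parse_response(payload)
        table[client].setdefault(name, []).extend(ips)
    return dict(table)

def sample_response(name, ip):
    """Build a constructed A-record response (sample data, not a real capture)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + qname + struct.pack("!HH", 1, 1)
            + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(int(o) for o in ip.split(".")))

SAMPLE = [("10.0.0.5", sample_response("portal.bank.example", "192.0.2.10")),
          ("10.0.0.9", sample_response("updates.unknown.example", "203.0.113.77")),
          ("10.0.0.9", sample_response("updates.unknown.example", "203.0.113.78"))]
```

A host that repeatedly resolves an unfamiliar name to changing addresses, like the second host in the sample, is the kind of pattern an analyst would then follow up in the full capture.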
The Financial Sector
More sophisticated attacks lead to loss of control of systems, and the problem has grown since hackers and attackers use diverse tools and techniques to infiltrate systems and networks. The risk of loss of data and information cannot be ignored, as some intruders can access data and information for a long time without being detected (Bansah, 2018). The loss of confidential information and of control of systems is a big concern in the financial sector, since customers' personal details can be used to commit fraud. Despite efforts aimed at preventing or mitigating such incidents, some financial sector players still suffer loss of control of their systems, and there are still risks and vulnerabilities linked to previous interruptions of operations and unauthorized changes.
The loss of data integrity and confidentiality not only affects privacy but also causes reputational damage. Confidentiality ensures that access to information is properly authorized, while integrity is associated with safeguarding the accuracy and completeness of the information and the processing methods. There is no guarantee that information stored in a computer system will be transmitted across the network safely, or that only those authorized to access the information will do so. There has been an increased risk of loss of confidential information belonging to customers and business partners. Furthermore, compromise of the system or network increases the risk that the data can be modified without authorization. However, security measures ensure that users can carry out financial transactions without any intruder capturing and modifying the data in transit.
The financial sector affects economic growth. Its main activities include collecting savings, providing credit, facilitating payments, transferring risk, and ensuring there is liquidity, all of which are important for economic performance. Since the financial sector is crucial for development and economic performance, there is growing interest in how to improve cyber security and reduce the risk of cyber attacks. The future of financial stability is important, and cyber risks need to be taken into consideration when assessing financial stability. Cyber defense for risk management is necessary to deal with cyber security threats and vulnerabilities and to ensure that the financial system is well protected from attacks and intrusions by rogue elements (Matania, Yoffe & Mashkautsan, 2016).
Cyber incidents and attacks have affected the systems and data of both the public and private sectors. These incidents include attacks where data was stolen or altered, or access was interrupted or denied. The frequency of these attacks and their effects on US financial systems affect national security and the lives of US citizens, and cyber security is a top priority in the policy talks of the US Congress, financial industry stakeholders and cyber security experts. The stakeholders need to know about cyber threats and incidents in order to take action and support changes that will improve cyber response and threat mitigation.
Security Standards
In the past decade, new regulations were adopted to make banking and financial services more secure. Businesses must ensure that the ATM networks they provide to their clients for their operations (either their own networks or networks contracted with third parties in the national territory) can authenticate the issued cards, through the chip or integrated circuit incorporated in the card, to perform the operations requested by the clients. For instance, businesses that allow operations to be carried out without using the integrated circuit or chip incorporated in the cards must assume the risks and, therefore, the costs of said operations if they are not known by the users.
To ensure compliance with the information sec...