Introduction
As security breaches become more common, the question is no longer whether an organization will be attacked but when. Once an intrusion has occurred, the organization is responsible for conducting a security evaluation. This security assessment report aims to improve the corporation’s security posture by identifying weaknesses and threats. It describes the risks associated with the infrastructure and its components and how to address them effectively, and it analyzes the institution’s existing security architecture, hardware, software, and cybersecurity risk management. It also identifies network and system vulnerabilities in the Windows and Linux operating systems in use and explains how to remediate them. Finally, it offers suggestions for modifying the business’s systems to safeguard against the identified hazards.
Operating System (OS) Fundamentals
Operating System (OS)
The operating system (OS) is the most fundamental software running on a computer. It is often compared to the brain of the device because it manages every other application and the hardware they run on. Hardware understands only binary instructions; the OS hides that detail by allocating the processor, memory, storage, and devices among programs and by presenting users with an interface, most commonly a graphical user interface (GUI) (Oulasvirta et al., 2020). A general-purpose computer without an operating system is effectively unusable. Windows, macOS, and Linux are currently the three most prevalent desktop and server OSs (Silberschatz et al., 2018). The OS is not the same as the information system (IS); it is one component of the IS.
User’s Role
The user’s role within an OS is to issue instructions, which the OS interprets to produce the desired outcome. The operating system acts as a bridge between the operator, the hardware, and the applications the operator wants to use. Through a graphical user interface this process is completed quickly and is simplified for the user. One illustration of the user’s role is opening the start menu through the GUI to launch a Word document (Silberschatz et al., 2018). The user interacts with the OS to launch the application, after which the program requests the resources it needs, such as memory and file access, through the OS.
Kernel and OS Applications
The core component of an OS is the kernel; it mediates between applications and the hardware that performs the actual processing. The kernel is loaded at startup and remains in memory until the system is shut down. Kernel code runs in the processor’s most privileged mode and has unrestricted access to the underlying hardware (Ordouie et al., 2021), which is why kernel bugs are among the most severe vulnerabilities: a flaw in the kernel can be used to bypass every protection enforced on ordinary programs. The kernel is responsible for low-level tasks such as disk management, process scheduling, and memory management, connecting the system hardware to the application software. A kernel crash brings down the entire system, not just one program.
Embedded Operating System
An embedded OS is an operating system designed for devices that are built into larger systems, such as network appliances, industrial controllers, and vehicles, rather than for general-purpose workstations. An embedded system combines hardware and software intended to accomplish a specific function (Cattaneo et al., 2018). The OS and hardware constitute a small proportion of the overall IS infrastructure, yet they are regarded as the company’s most critical technological components. A company can host these elements on its own systems or rely on cloud-based service providers (Hee et al., 2021). There are three main models of cloud computing offerings: software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) (Silberschatz et al., 2018). By using a cloud service, a business shares pooled infrastructure that is operated by the provider and delivered over the internet.
Operating System Vulnerabilities
Windows Vulnerabilities
Microsoft Windows is presently the most prevalent operating system in enterprises. Being the most widespread is not always an advantage, because even a small vulnerability can have widespread consequences. Missing software updates are a significant Windows weakness, especially when user accounts run without restrictions such as least privilege (Solomon, 2019). A patch is an update released by the vendor to correct a vulnerability in the software; systems that do not receive patches remain exposed to flaws that are publicly known. Other common Windows exposures involve the database servers, web servers, and remote management services that often run on it.
Linux Vulnerabilities
Linux is an open-source, community-developed OS modeled on UNIX, with content and capabilities defined by its users. It runs on nearly every significant class of computing device, making it one of the most widely used operating systems. Unlike Windows, Linux does not have a single, uniform set of risks: it is susceptible to the same classes of danger as Windows, but the large number of Linux distributions makes the weaknesses harder to track uniformly (Kim & Cho, 2021). Businesses favor Linux-based servers for their adaptability, which means that a flaw in a widely deployed component can cause correspondingly greater damage.
macOS Vulnerabilities
It has long been believed that macOS is more secure than Windows, yet it is still susceptible to vulnerabilities. One reason fewer macOS vulnerabilities are reported than Windows issues is that macOS is not as prevalent in organizations (Bhatt et al., 2018). macOS remains exposed to the same classes of risk as Linux and Windows, although the probability of an attack is not identical. This can give a false impression of safety with respect to operating system protection.
Mobile Device Vulnerabilities
Smartphones are ripe for attack, being susceptible to a variety of threats that exploit multiple weaknesses. In 2017, 20% of businesses reported that their mobile phones had been compromised within the past year (Delgado-Santos et al., 2022). A decade ago mobile malware was viewed as a novel and unlikely hazard, and many consumers believed they were immune to it. Most handheld devices sold today are smart devices, making them practically equivalent to a home computer but often without the same security protections.
MS and Linux Intrusion Methods
File sharing is one of the intrusion paths found on Windows. The Windows file-sharing service lets users connect to shared folders over the network regardless of their own OS or edition. Problems begin when individuals share files across the network so that others can reach them easily (Soh et al., 2020). When these shares are readable by every authenticated user, an intrusion can occur as soon as a user, or an attacker who has taken over a user’s account, searches the shares for terms such as “password” or “card”. This can expose sensitive data such as credit card details, identification numbers, and other private information.
To recognize the presence of an intruder on Linux, the security manager employs an intrusion detection tool. Such a program is a collection of software that watches the host, the network, and the file system for signs of intrusion. A network-based sensor monitors traffic and listens for anomalies that may signal unauthorized access (Augustine, 2021). Host-based monitoring watches for specific behaviors on a given host, such as changes to critical files or repeated failed logins. Log-file analysis is performed by programs that scan the logs and can reveal questionable actions even after they have occurred.
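The log-file check described above, as an added example for this report (it is not from Augustine or any other cited source). The `sshd` lines are constructed in the format OpenSSH writes to `/var/log/auth.log`; the five-failures-in-two-minutes threshold is an assumed policy a defender would tune. The second function covers the case the conclusion warns about: a source that was hammering the login and then got in.

```python
"""Host-based log check for repeated failed SSH logins.

Added example for this report (not from any cited source). The log lines
below are constructed in the format OpenSSH writes to /var/log/auth.log;
the threshold and window are assumptions a defender would tune.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample of sshd entries (syslog format, no year field).
SAMPLE_AUTH_LOG = """\
Mar  3 10:14:01 web01 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:14:03 web01 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:14:05 web01 sshd[2205]: Failed password for root from 203.0.113.7 port 51030 ssh2
Mar  3 10:14:07 web01 sshd[2209]: Failed password for root from 203.0.113.7 port 51034 ssh2
Mar  3 10:14:09 web01 sshd[2213]: Failed password for root from 203.0.113.7 port 51038 ssh2
Mar  3 10:15:40 web01 sshd[2301]: Failed password for alice from 198.51.100.23 port 40110 ssh2
Mar  3 10:15:55 web01 sshd[2301]: Accepted publickey for alice from 198.51.100.23 port 40110 ssh2
Mar  3 10:16:02 web01 sshd[2310]: Accepted password for root from 203.0.113.7 port 51042 ssh2
"""

FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)
ACCEPTED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Accepted \S+ for (?P<user>\S+) from (?P<ip>\S+)"
)


def _parse_ts(ts):
    # syslog omits the year; any fixed year preserves ordering within a day.
    return datetime.strptime("2024 " + ts, "%Y %b %d %H:%M:%S")


def detect_bruteforce(log_text, threshold=5, window_seconds=120):
    """Return {ip: total_failures} for sources with at least `threshold`
    failed logins inside any `window_seconds`-long window."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            failures[m["ip"]].append(_parse_ts(m["ts"]))
    flagged = {}
    for ip, times in failures.items():
        times.sort()
        left = 0
        for right in range(len(times)):
            # slide the left edge until the window fits
            while (times[right] - times[left]).total_seconds() > window_seconds:
                left += 1
            if right - left + 1 >= threshold:
                flagged[ip] = len(times)
                break
    return flagged


def successes_after_bruteforce(log_text, flagged):
    """Successful logins from an already-flagged source: the alert to act on first."""
    hits = []
    for line in log_text.splitlines():
        m = ACCEPTED_RE.match(line)
        if m and m["ip"] in flagged:
            hits.append((m["ip"], m["user"]))
    return hits


if __name__ == "__main__":
    found = detect_bruteforce(SAMPLE_AUTH_LOG)
    print("brute-force sources:", found)
    print("successes from flagged sources:",
          successes_after_bruteforce(SAMPLE_AUTH_LOG, found))
```

Run against a real `auth.log` the same parser applies unchanged; what changes in practice is that the flagged list feeds a blocking action or a ticket rather than a print statement.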
Security Awareness Technologies
Intrusion Detection and Prevention Systems (IDS/IPS) record intrusion attempts so that past incidents can be analyzed and recurrences prevented. IDSs are a network protection mechanism created originally to identify exploitation of application or host vulnerabilities (Ahmad et al., 2021). An IDS is passive: it monitors network packets and alerts the IT supervisor to suspicious behavior, but it does not itself block traffic. A network-based intrusion detection system (NIDS) is an IDS that screens the traffic of all devices on a network segment. An IPS, by contrast, is a security technology that analyzes network traffic flows inline in order to identify and block exploits before they reach their target (Ahmad et al., 2021). Typically these exploits take the form of malicious inputs to a targeted application that allow attackers to take control of the program. The IPS is deployed inline, commonly directly behind the firewall or proxy, and offers an extra layer of inspection that identifies and drops potentially harmful traffic.
Why Corporate and Government Systems are Targets
Attackers may target global corporations and government networks for political, financial, or reputational reasons. News coverage of hostile interference in election campaigns is an illustration of what could be termed a political attack. A financial attack is typified by ransomware, in which the perpetrators demand payment before they will restore, or refrain from releasing, the stolen data. In prestige attacks, the intruder attempts to make a name for themselves by compromising a prominent victim. Given the size of these institutions and the damage an attacker might inflict in any of the categories above, large enterprises and state agencies are popular targets.
Injection Vulnerabilities
SQL and XML injection are among the most prevalent injection attacks and typically affect web applications. Since its introduction, injection has appeared on the OWASP Top 10 list of the most frequent and most commonly exploited weaknesses as one of the most severe concerns for data privacy and security in software applications. SQL injection allows an intruder to insert their own SQL into the requests a web application sends to its database, bypassing the checks the application code was meant to enforce. It works by manipulating the parameters of a web request so that the SQL statement submitted to the server is altered to return or modify information it should not (Weinberg et al., 2020). SQL injection is used to extract a database’s contents and, where the database server permits it, to gain a foothold on the business’s host machines. Inserting a single quote (‘) into a parameter closes the string literal the developer intended, so whatever follows is interpreted as SQL; depending on the database, this lets the attacker append conditions to the query or even execute a second statement alongside the first.
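The single-quote mechanism just described, shown side by side with the fix, as an added example for this report (not from Weinberg et al. or any cited source). It uses an in-memory SQLite database with constructed rows; the `users` table and the two accounts are assumptions. Two payloads are shown: the tautology `' OR '1'='1`, and a comment payload `alice'--` that truncates the password check entirely.

```python
"""SQL injection: a string-built query beside its parameterised form.

Added example for this report (not from any cited source). The table and
accounts are constructed; SQLite is used so the block runs offline.
"""
import sqlite3


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "correct horse battery", "admin"),   # constructed sample row
        ("bob", "hunter2", "user"),                     # constructed sample row
    ])
    return conn


def login_vulnerable(conn, username, password):
    """Concatenates user input into the statement. A quote in the input
    closes the literal; everything after it is executed as SQL."""
    query = ("SELECT username, role FROM users WHERE username = '%s' "
             "AND password = '%s'" % (username, password))
    return conn.execute(query).fetchall()


def login_safe(conn, username, password):
    """Parameterised: values travel separately from the SQL text, so a
    quote in the input is data, never syntax."""
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


# Tautology: WHERE ... AND password = '' OR '1'='1'  -> every row matches.
PAYLOAD_TAUTOLOGY = "' OR '1'='1"
# Comment: WHERE username = 'alice'--' AND password = 'x'  -> password check removed.
PAYLOAD_COMMENT = "alice'--"


if __name__ == "__main__":
    conn = make_db()
    print("tautology, vulnerable:", login_vulnerable(conn, "nobody", PAYLOAD_TAUTOLOGY))
    print("tautology, safe:      ", login_safe(conn, "nobody", PAYLOAD_TAUTOLOGY))
    print("comment, vulnerable:  ", login_vulnerable(conn, PAYLOAD_COMMENT, "x"))
    print("comment, safe:        ", login_safe(conn, PAYLOAD_COMMENT, "x"))
```

The parameterised version is the remediation: the driver never lets the input change the shape of the statement, so no amount of quoting or commenting helps the attacker. Escaping quotes by hand is not a substitute, because it has to be correct for every database dialect and every call site.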
XML injection is a form of attack used to modify or undermine the functionality of an XML-based application. Injecting unauthorized XML content and entities into an XML message can alter the software’s logic (Grinberg, 2018). An injection can also result in harmful content being included in the web page, for example by altering transaction or user data. These weaknesses become incidents only when an attacker exploits them, and discovering and exploiting a flaw to gain entry to a system is the most direct intrusion technique (Grinberg, 2018). After gaining access, the intruder will look for administrator rights. If the attacker obtains those, the consequences depend entirely on their motivation: they could steal information, alter data, or wipe it entirely, imposing costs on the firm that go well beyond the purely financial.
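The user-data alteration mentioned above, worked through as an added example for this report (not from Grinberg or any cited source). The `<user>` record layout, the attacker’s input, and the assumption that the consuming code reads the first `<role>` element are all constructed for illustration. The vulnerable builder splices text into a template; the two safe builders go through the parser API or escape the text first.

```python
"""XML injection: text spliced into a template versus text set through the API.

Added example for this report (not from any cited source). The record
schema, the payload and the 'first <role> wins' consumer are constructed.
"""
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed attacker input: closes <name>, inserts a <role>, reopens <name>.
PAYLOAD = "mallory</name><role>admin</role><name>x"


def build_record_vulnerable(username, email):
    """Template concatenation: markup in the input becomes part of the document."""
    return ("<user><name>%s</name><email>%s</email><role>user</role></user>"
            % (username, email))


def build_record_safe(username, email):
    """Build through ElementTree; '<', '>' and '&' in text are encoded on output."""
    user = ET.Element("user")
    ET.SubElement(user, "name").text = username
    ET.SubElement(user, "email").text = email
    ET.SubElement(user, "role").text = "user"
    return ET.tostring(user, encoding="unicode")


def build_record_escaped(username, email):
    """Same template as the vulnerable builder, with every value escaped first."""
    return ("<user><name>%s</name><email>%s</email><role>user</role></user>"
            % (escape(username), escape(email)))


def effective_role(xml_text):
    """What a consumer that takes the first <role> child would grant (assumed behaviour)."""
    root = ET.fromstring(xml_text)
    role = root.find("role")
    return role.text if role is not None else None


def stored_name(xml_text):
    """The name as it is read back; for the safe builders this equals the raw input."""
    return ET.fromstring(xml_text).findtext("name")


if __name__ == "__main__":
    for label, build in (("vulnerable", build_record_vulnerable),
                         ("api", build_record_safe),
                         ("escaped", build_record_escaped)):
        doc = build(PAYLOAD, "m@example.test")
        print("%-10s role=%-5s name=%r" % (label, effective_role(doc), stored_name(doc)))
```

Which element a consumer honours when duplicates appear (first, last, or reject) varies between parsers, which is exactly why the fix is to keep the input from ever becoming markup rather than to argue about precedence downstream.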
Vulnerability Scan: Vulnerabilities Assessment and Patches
Vulnerability Assessment Tool: Open Vulnerability Assessment Scanner (OpenVAS)
OpenVAS (Open Vulnerability Assessment Scanner) is a collection of tools that test target hosts against a feed of known vulnerability tests. This is done to evaluate how well the organization’s servers are protected against known threats. OpenVAS ships with numerous preset scan configurations and permits users to define their own. It has eight scan configurations by default, and the details of each can be viewed by clicking on it (Rahalkar, 2019). The Configuration tab of OpenVAS’s graphical interface allows various activities. After users have investigated the choices and made appropriate changes, they should attempt a comprehensive scan with multiple targets, configurations, and credentials. Patches are software and OS modifications that fix security flaws in an application or device; a scanner such as OpenVAS identifies which ones are missing. Each OpenVAS result carries a Quality of Detection (QoD) value between 0% and 100% that expresses how reliable the detection of the vulnerability or product was (Rahalkar, 2019): a result confirmed by an authenticated check rates higher than one inferred from a service banner, so low-QoD results should be verified before remediation is scheduled. These capabilities make OpenVAS beneficial for organizations seeking to limit cybersecurity attacks. OpenVAS has the following limitations: coverage of fewer Common Vulnerabilities and Exposures (CVEs) than Nessus, weaker operating system maintainability, and no compliance management.
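How the QoD value is used in triage, as an added example for this report (not from Rahalkar or the OpenVAS project). The XML is constructed in the shape of a GVM report export (`<result>` elements carrying `<severity>` and `<qod><value>`); the element names, the finding names, and the 70% cut-off, which is assumed to mirror the web interface’s default filter, should be checked against your own export.

```python
"""Triage an OpenVAS/GVM XML report by QoD and severity.

Added example for this report (not OpenVAS output). SAMPLE_REPORT is a
constructed document in the shape of a GVM export; element names and the
70% QoD cut-off are assumptions to verify against a real report.
"""
import xml.etree.ElementTree as ET

SAMPLE_REPORT = """<report>
<results>
  <result id="r1">
    <name>SSH Weak Encryption Algorithms Supported</name>
    <host>10.0.0.5</host><port>22/tcp</port>
    <threat>Medium</threat><severity>4.3</severity>
    <qod><value>95</value><type>remote_banner</type></qod>
  </result>
  <result id="r2">
    <name>SSH Weak MAC Algorithms Supported</name>
    <host>10.0.0.5</host><port>22/tcp</port>
    <threat>Low</threat><severity>2.6</severity>
    <qod><value>95</value><type>remote_banner</type></qod>
  </result>
  <result id="r3">
    <name>Constructed low-confidence finding</name>
    <host>10.0.0.9</host><port>1524/tcp</port>
    <threat>High</threat><severity>10.0</severity>
    <qod><value>30</value><type>remote_probe</type></qod>
  </result>
  <result id="r4">
    <name>Deprecated SSLv2 and SSLv3 Protocol Detection</name>
    <host>10.0.0.7</host><port>443/tcp</port>
    <threat>Medium</threat><severity>4.3</severity>
    <qod><value>98</value><type>remote_app</type></qod>
  </result>
</results>
</report>"""


def parse_results(xml_text):
    """Flatten each <result> into a dict with numeric severity and QoD."""
    root = ET.fromstring(xml_text)
    rows = []
    for r in root.iter("result"):
        rows.append({
            "id": r.get("id"),
            "name": r.findtext("name"),
            "host": r.findtext("host"),
            "port": r.findtext("port"),
            "severity": float(r.findtext("severity", "0")),
            "qod": int(r.findtext("qod/value", "0")),
        })
    return rows


def triage(xml_text, min_qod=70, min_severity=4.0):
    """Findings to schedule now: reliable (QoD) and impactful (severity), highest first."""
    keep = [r for r in parse_results(xml_text)
            if r["qod"] >= min_qod and r["severity"] >= min_severity]
    return sorted(keep, key=lambda r: r["severity"], reverse=True)


def needs_verification(xml_text, min_qod=70):
    """Low-QoD results are not discarded: they go to a manual-check queue,
    because a 10.0 with 30% confidence may be either noise or the worst finding."""
    return [r for r in parse_results(xml_text) if r["qod"] < min_qod]


if __name__ == "__main__":
    for r in triage(SAMPLE_REPORT):
        print("fix now  %-10s %-8s %.1f  %s" % (r["host"], r["port"], r["severity"], r["name"]))
    for r in needs_verification(SAMPLE_REPORT):
        print("verify   %-10s %-8s %.1f  %s (QoD %d%%)" % (
            r["host"], r["port"], r["severity"], r["name"], r["qod"]))
```

Raising `min_qod` hides more of the banner-based guesses; lowering it surfaces more candidates for manual confirmation. Neither setting changes the underlying data, only which queue each finding lands in.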
Vulnerability Assessment Methodology
It is crucial for every company to maintain a stable security program, which begins with the operational layers of protection already in place. In this instance, security leadership is responsible for evaluating the level of attacks, intrusions, and hazards the firm faces. To accomplish this, OpenVAS will be used alongside a manual review. The review involves interviews with key members of the firm’s personnel and other stakeholders to assess the threat level, followed by a walkthrough of the organization’s premises to identify physical hazards and weaknesses. For the network security of the firm, a range of examinations must be performed to measure security strength against the assessed threat level. OpenVAS will scan the company’s systems to determine which vulnerabilities are present; the scan results will then be validated with targeted penetration testing so that the security posture is judged on confirmed rather than merely reported findings. A list of weaknesses and associated threat levels is compiled from the data these tools produce. The following are some of the most significant concerns noted by OpenVAS:
- SSH Weak Encryption Algorithms Supported, severity 4.3 (Medium). The server accepts weak ciphers; the suggested remedy is to disable them so that an attacker cannot recover plaintext from captured traffic.
- SSL/TLS Weak Cipher Suites Supported, severity 4.3 (Medium). The proposed fix is to change the service configuration so that it no longer offers the weak cipher suites.
- Deprecated SSLv2 and SSLv3 Protocol Detection, severity 4.3 (Medium). To prevent attackers from gaining access to sensitive information, the outdated SSLv2 and SSLv3 protocols should be disabled.
- SSLv3 POODLE information disclosure (padding oracle against CBC-mode ciphers), severity 4.3 (Medium). This lets a man-in-the-middle attacker recover plaintext; the recommended fix is to disable SSLv3 and apply the vendor’s patch.
- SSH Weak MAC Algorithms Supported, severity 2.6 (Low). The suggested remedy is to disable the weak MAC algorithms.
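A check-and-fix for the two SSH findings above, as an added example for this report (it is not OpenVAS output or code from any cited source). The input is constructed in the format `sshd -T` prints (lowercase keyword, comma-separated values). The weak-algorithm markers are an assumed policy reflecting what SSH weak-cipher and weak-MAC checks commonly flag; the block also covers key exchange, which the findings list does not mention. The SSL/TLS findings call for the equivalent change in the web server’s configuration and are not shown.

```python
"""Audit `sshd -T` output for weak algorithms and emit hardened sshd_config lines.

Added example for this report (not scanner output). SAMPLE_SSHD_T is a
constructed sample; WEAK_MARKERS is an assumed policy, not a vendor list.
"""

SAMPLE_SSHD_T = """\
port 22
ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,arcfour
macs hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,umac-64@openssh.com
kexalgorithms curve25519-sha256,diffie-hellman-group14-sha256,diffie-hellman-group1-sha1
"""

# Substrings that mark an algorithm as weak (assumed policy, matched case-insensitively):
# CBC modes and legacy ciphers; MD5 and 64/96-bit MAC tags; SHA-1 and 1024-bit DH key exchange.
WEAK_MARKERS = {
    "ciphers": ("-cbc", "arcfour", "3des", "blowfish", "cast128", "rc4"),
    "macs": ("-md5", "-96", "umac-64", "ripemd"),
    "kexalgorithms": ("group1-sha1", "group-exchange-sha1", "group14-sha1"),
}

# sshd_config spelling for the keywords sshd -T prints in lowercase.
CONFIG_KEYWORDS = {"ciphers": "Ciphers", "macs": "MACs", "kexalgorithms": "KexAlgorithms"}


def parse_sshd_t(text):
    """Return {keyword: [algorithms]} for the algorithm keywords in `sshd -T` output."""
    config = {}
    for line in text.splitlines():
        if " " not in line:
            continue
        key, value = line.split(" ", 1)
        if key in WEAK_MARKERS:
            config[key] = value.strip().split(",")
    return config


def find_weak(config):
    """Map each keyword to the algorithms that match a weak marker, in original order."""
    weak = {}
    for key, markers in WEAK_MARKERS.items():
        hits = [alg for alg in config.get(key, [])
                if any(marker in alg.lower() for marker in markers)]
        if hits:
            weak[key] = hits
    return weak


def hardened_lines(config):
    """sshd_config lines that keep every currently offered algorithm except the weak ones."""
    weak = find_weak(config)
    lines = []
    for key, label in CONFIG_KEYWORDS.items():
        if key in config:
            kept = [alg for alg in config[key] if alg not in weak.get(key, [])]
            lines.append("%s %s" % (label, ",".join(kept)))
    return lines


if __name__ == "__main__":
    cfg = parse_sshd_t(SAMPLE_SSHD_T)
    for key, algs in find_weak(cfg).items():
        print("weak %-14s %s" % (key + ":", ", ".join(algs)))
    print("\n# proposed sshd_config lines")
    print("\n".join(hardened_lines(cfg)))
```

Feed the script the real output of `sshd -T` on the affected host, add the emitted lines to `/etc/ssh/sshd_config`, validate with `sshd -t` before reloading, and re-run the OpenVAS scan so the two findings are closed on evidence rather than on the edit alone.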
Conclusion
In conclusion, I believe that this corporation must ensure that its network managers take the time to verify that all security patches have been applied and that firewalls are functioning. The vulnerability scan revealed that login monitoring was disabled; they must also ensure it is restored. If login monitoring is disabled, an attacker can attempt to access a computer as often as necessary without leaving a trace of the intrusion. Most accounts that I checked either had no security restrictions or had passwords that were deemed inadequate. This issue must be resolved immediately to establish a new baseline for proper authorization. I recommend a minimum of 8-16 characters, with at least two distinct character types, and that the password be changed every 60 days. I propose disabling the guest account permanently if it is not required.
References
Ahmad, Z., Shahid Khan, A., Wai Shiang, C., Abdullah, J., & Ahmad, F. (2021). Network intrusion detection system: A systematic study of machine learning and deep learning approaches. Transactions on Emerging Telecommunications Technologies, 32(1), 1-29. Web.
Augustine, W. A. (2021). Applying machine learning on Linux interprocess communication graphs for intrusion detection. State University of New York at Albany.
Bhatt, N., Anand, A., Aggrawal, D., & Alhazmi, O. H. (2018). Categorization of vulnerabilities in a software. In System Reliability Management (pp. 121-135). CRC Press.
Cattaneo, D., Di Bello, A., Cherubin, S., Terraneo, F., & Agosta, G. (2018, August). Embedded operating system optimization through floating to fixed point compiler transformation. In 2018 21st Euromicro Conference on Digital System Design (pp. 172-176). IEEE.
Delgado-Santos, P., Stragapede, G., Tolosana, R., Guest, R., Deravi, F., & Vera-Rodriguez, R. (2022). A survey of privacy vulnerabilities of mobile device sensors. ACM Computing Surveys (CSUR), 54(11s), 1-30. Web.
Grinberg, A. (2018). Introducing XML. In XML and JSON Recipes for SQL Server (pp. 3-22). Apress, Berkeley, CA.
Hee, Y. H., Ishak, M. K., Asaari, M. S. M., & Seman, M. T. A. (2021). Embedded operating system and industrial applications: a review. Bulletin of Electrical Engineering and Informatics, 10(3), 1687-1700. Web.
Kim, S., & Cho, T. (2021). A study on vulnerabilities of Linux password and countermeasures. In Advances in Computer Science and Ubiquitous Computing (pp. 61-67). Springer.
Ordouie, N., Soundararajan, N., Karne, R., & Wijesinha, A. L. (2021). Developing computer applications without any OS or Kernel in a multi-core architecture. In 2021 International Symposium on Networks, Computers and Communications (pp. 1-8). IEEE.
Oulasvirta, A., Dayama, N. R., Shiripour, M., John, M., & Karrenbauer, A. (2020). Combinatorial optimization of graphical user interface designs. Proceedings of the IEEE, 108(3), 434-464. Web.
Rahalkar, S. (2019). OpenVAS. In Quick Start Guide to Penetration Testing (pp. 47-71). Apress, Berkeley, CA.
Silberschatz, A., Galvin, P. B., & Gagne, G. (2018). Operating system concepts, 10e abridged print companion. John Wiley & Sons.
Soh, J., Copeland, M., Puca, A., & Harris, M. (2020). Microsoft Azure and Cloud Computing. In Microsoft Azure (pp. 3-20). Apress, Berkeley, CA.
Solomon, M. G. (2019). Security strategies in Windows platforms and applications. Jones & Bartlett Learning.
Weinberg, P. N., Groff, J. R., & Oppel, A. J. (2020). SQL, the complete reference. McGraw-Hill.