
MIS607 Cybersecurity

Threat Model Report

Introduction
The number of technologies available today keeps growing, and the threats to businesses are
increasing sharply alongside them. Malicious users exploit the various vulnerabilities that these
technologies contain for their own advantage. This report analyzes the threat factors behind the
ransom email received by the insurance company B&C. The email further states that the malicious
users have access to the company's plans, especially its strategic plans, and that they hold the
personal details of over 200,000 of the company's clients. The organization's threat factors are
illustrated with a data flow diagram provided in this report, which breaks them down by
component.

Threat type and Key factors


Network components and all the threats:

Router: Routers are used throughout the business organization. They are network devices that
forward data packets between computer networks. The organization's routers face various threats,
which can lead to system downtime and to the inability to transmit data over the network. The
main threats to the routers are unauthorized access, masquerading, session hijacking, and routing
protocol attacks. Session hijacking is carried out by malicious users. Masquerading is used to
gain unauthorized access and to inject garbage data into the network, at which point attackers
are able to insert their own IP packets. The session is established using IP spoofing, which
involves predicting and altering sequence numbers (Humayun et al., 2020). Routing attacks, on the
other hand, manipulate IP packets to distort IP addresses. The organization also faces routing
protocol attacks such as Routing Information Protocol (RIP) attacks, in which the attacker can
easily obtain RIP routing updates and cause the router to direct packets to the attacker.

Figure: DATA FLOW DIAGRAM

(Source: created by learner)

Server: The organization's server is its main computer. It provides data to all the other
computers and serves data to the rest of the system, including other servers that communicate
with different parts of the organization. Some of the organization's servers are exposed to
threats that can hamper its operations, and they also face assorted attacks, for example through
email. The main threats to the servers are malicious attacks, brute force attacks, DoS, botnets,
SQL injection, cross-site scripting, and malware. Attackers mostly use botnets to automatically
distribute and run their malicious software on agent servers (Tweneboah-Koduah et al., 2017). In
a brute force attack, attackers try to gain access to the system by simply guessing user
passwords for the SSH server, the web server, or the mail server. In a DoS attack, attackers
increase the traffic to the organization's servers until the website crashes.

Switches: The organization uses several switches in its network to carry traffic. A switch is
network hardware that connects the devices on a computer network, using packet switching to
receive data and forward it to its destination. The main threats to the organization's switches
are STP attacks, ARP spoofing, MAC flooding, and DHCP server spoofing. The Address Resolution
Protocol (ARP) is used by devices connected to an Ethernet network to find the link-layer
(Ethernet) address of a destination device. When a request is made for a given computer, another
computer can answer it and send the traffic on to an external computer. These attacks are
carried out through the switches in the organization's private network (Yeboah-Ofori et al.,
2019). Local area networks use the Spanning Tree Protocol (STP) to remove potential loops in the
network, which also helps to improve network performance.

Firewall: The firewall is the line of defense within a network. It filters all the traffic on
the network and is a main part of the organization's cybersecurity. Several of the threats to the
organization lead to loss of sensitive data. The threats to the firewall include insider attacks,
configuration mistakes, missing patches, and DoS attacks (Schatz et al., 2017). Insider attacks
are attacks carried out by, or with the help of, an insider of the organization (Rizvi et al.,
2020). They are not blocked by the firewall, which only filters the incoming and outgoing traffic
that passes through it on the organizational network. If security patches for the firewall are
not applied regularly, the resulting vulnerabilities can easily be exploited by attackers to get
through both the firewall and the network.

Database: The organization uses several databases to store the details of its clients and
employees. The organization's claims are also managed and stored in these databases. The threats
the databases face include poor privilege management, database injection attacks, malware, and
exploitation of misconfigured databases. Poor privilege management arises when the organization
grants increased privileges to all employees. Spear-phishing emails sent to the organization's
network also put the databases at risk. In SQL injection attacks, attackers inject their own code
into a program (Riesco et al., 2020). Malicious SQL statements are used to take control of the
database server and to retrieve all its details through the organization's website.
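The SQL injection threat described above, shown as an added example that is not part of the original report: a client lookup built by string concatenation next to the same lookup using a bound parameter. The `clients` table, its columns, and the sample records are hypothetical and constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed client records."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE clients (id INTEGER PRIMARY KEY, policy_no TEXT, name TEXT)")
    db.executemany(
        "INSERT INTO clients (policy_no, name) VALUES (?, ?)",
        [("P-1001", "Client A"), ("P-1002", "Client B"), ("P-1003", "Client C")],
    )
    return db

def lookup_vulnerable(db, policy_no):
    # Vulnerable: the input is concatenated into the SQL text, so input that
    # contains SQL syntax changes the meaning of the statement.
    query = "SELECT name FROM clients WHERE policy_no = '" + policy_no + "'"
    return [row[0] for row in db.execute(query)]

def lookup_safe(db, policy_no):
    # Hardened: the value is bound as a parameter and is never parsed as SQL.
    query = "SELECT name FROM clients WHERE policy_no = ?"
    return [row[0] for row in db.execute(query, (policy_no,))]

def compare(db, value):
    """Return how many rows each lookup returns for the same input."""
    return {
        "vulnerable": len(lookup_vulnerable(db, value)),
        "safe": len(lookup_safe(db, value)),
    }

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"   # textbook tautology input, not a valid policy number
    print("valid input  :", compare(db, "P-1002"))
    print("crafted input:", compare(db, crafted))
```

With the crafted input the concatenated query returns every client row, while the parameterized query treats the whole string as a policy number and returns none.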

Conclusion and Recommendation


The discussion above shows that various kinds of threats reside in the organization's present
network. The network is built from different kinds of network devices that communicate with one
another and so keep data flowing. These threats can be managed by properly training the users of
these devices. Users should be limited to the access they have been granted, and they should be
taught about the different kinds of threats an organization can face.

It is recommended that all employees of the organization be taught, in regular training
sessions, about the methods used to make sure that malicious users cannot gain any kind of access
to the network. Login credentials should be issued to all users and maintained so that, whenever
a user logs into the system, the time of the login can be checked, which provides useful
information. The organization should also carry out regular audits to ensure that all network
devices are working properly and have security measures in place.

From the above discussion, it can be concluded that various kinds of threats and issues give
malicious users illegal access to a system and lead to the theft of the organization's data. An
organization's network components face many threats, which lead to attacks on the network and to
significant loss of sensitive data. It is recommended that all employees of the organization
regularly attend proper training sessions that teach them the new and different methods used to
ensure that access to the network is not exposed to malicious users.

References
Gunduz, M. Z., & Das, R. (2020). Cyber-security on smart grid: Threats and potential
solutions. Computer networks, 169, 107094.

Gupta, B. B. (Ed.). (2018). Computer and cyber security: principles, algorithm, applications,
and perspectives. CRC Press.

Humayun, M., Niazi, M., Jhanjhi, N. Z., Alshayeb, M., & Mahmood, S. (2020). Cyber security
threats and vulnerabilities: a systematic mapping study. Arabian Journal for Science and
Engineering, 45(4), 3171-3189.

Lallie, H. S., Shepherd, L. A., Nurse, J. R., Erola, A., Epiphaniou, G., Maple, C., & Bellekens,
X. (2021). Cyber security in the age of covid-19: A timeline and analysis of cyber-crime
and cyber-attacks during the pandemic. Computers & Security, 105, 102248.

Riesco, R., Larriva-Novo, X., & Villagrá, V. A. (2020). Cybersecurity threat intelligence
knowledge exchange based on blockchain. Telecommunication Systems, 73(2), 259-288.

Rizvi, S., Pipetti, R., McIntyre, N., Todd, J., & Williams, I. (2020). Threat model for securing
internet of things (IoT) network at device-level. Internet of Things, 11, 100240.

Schatz, D., Bashroush, R., & Wall, J. (2017). Towards a more representative definition of cyber
security. Journal of Digital Forensics, Security and Law, 12(2), 8.

Tweneboah-Koduah, S., Skouby, K. E., & Tadayoni, R. (2017). Cyber security threats to IoT
applications and service domains. Wireless Personal Communications, 95(1), 169-185.

Yeboah-Ofori, A., & Islam, S. (2019). Cyber security threat modeling for supply chain
organizational environments. Future Internet, 11(3), 63.
