Cyber Security Tutorial


Cyber Security Vulnerability

Introduction

Cyber security is the protection applied to internet-connected systems to secure valuable information. It is needed against a system's threats, risks, exploits, and vulnerabilities.

Here we are going to understand what a vulnerability is. In general terms, the word "vulnerable" means influenced, attacked, or able to be easily hurt, and the term "vulnerability" means the condition of being vulnerable.

Mistakes can happen when building applications and systems or writing code, and the residue of these mistakes is known as a bug. Bugs are not harmful until nefarious actors (cyber criminals) take advantage of them to exploit the system.

These bugs are then considered vulnerabilities: conditions where software doesn't act as intended. When a bug is determined to be a vulnerability, it is registered as a CVE by MITRE.

Definition

“Vulnerability refers to a flaw, error, bug, mistake or weakness in computer software, an application, device or service that permits or causes an unintended behaviour to occur.”

“Vulnerability is the security weakness or a condition that enables a threat event to occur in a computer system.”  

Some of the examples of vulnerability in a business are as follows:

  • Lack of security cameras
  • Unlocked doors at business
  • Weakness in the system firewall that leads to major consequences in business by getting attacked by hackers

A vulnerability is a weakness in the system that cyber attackers exploit to gain illegal access, causing severe damage to data privacy. Managing cyber security vulnerabilities is mandatory for the overall security posture of the system, because gaps in the system can harm the organization by resulting in a full-scale breach.

Categories of vulnerabilities

As technology grows, the number of vulnerabilities increases, driven by factors such as human weakness, many developers, and tens of millions of lines of code.

These vulnerabilities are grouped into categories such as software, hardware, procedural, and network vulnerabilities.

  • Hardware vulnerability
    A hardware vulnerability is a weakness in hardware that allows the system's hardware to be attacked physically or remotely. Examples are unencrypted devices, old versions of devices or systems, unprotected storage, etc.
  • Network vulnerability
    A network vulnerability is a weakness in a network's functioning, caused by hardware or software issues, that exposes it to possible intrusion by an outside party. Examples are social engineering attacks, misconfigured walls, unprotected communication, insecure Wi-Fi access points, poorly configured firewalls, and malicious software or malware like key loggers, viruses, worms, etc.
  • Software vulnerability
    A software error can be introduced at any time, whether during design, implementation, or execution, and it can violate the security policy. Software vulnerabilities include unencrypted data, unverified uploads, lack of input validation, and cross-site scripting.
  • Procedural vulnerability
    A procedural vulnerability is a weakness in an organization's operational methods. For example:
    Training procedure: In the training procedure, employees are trained in how to handle security and what action should be taken. Employees must know about social engineering and phishing attacks and never ask for user credentials online.
    Password procedure: In this procedure, every password should follow the standard password policy.
  • Human vulnerability
    Human error is the weakest link in cyber security architecture. People using a system or network can expose data, disrupt the system, and create exploitable access points for attackers. Examples include using the same password for different accounts, weak passwords, downloading or installing fake software, etc.
  • Operating system vulnerability
    Hackers exploit vulnerabilities within a computer operating system to gain access to an asset the OS is installed on or cause other damage to the OS. For example, hidden backdoor programs and default super user accounts exist in some operating systems.

Causes of vulnerability  

  • Poor access control: This condition arises when users are allowed more access to data and systems than they need, and former employees' accounts are not closed. The network is then vulnerable to outside and inside breaches. Poor access control is therefore a vulnerability that arises from improperly managing user roles in the company.
  • Software bugs: While designing software, programmers sometimes accidentally leave a bug in it, which can later be considered a vulnerability.
  • Human error: Social engineering is a major threat to an organization; therefore, humans are the biggest cause of vulnerabilities.
  • System complexity: The complexity of a system can cause vulnerability because it becomes difficult for the user to understand and use the system, which increases the chances of flaws, misconfigurations, or unwanted network access.
  • Familiarity: Cyber attackers are highly educated and familiar with the operating systems, common code, software, and hardware that lead to known vulnerabilities.
  • Connectivity: When many remote hardware devices are connected, they are mostly unsecured and prone to vulnerabilities. They open up access points for attack.
  • Poor password management: Reused and weak passwords are the easiest way for one data breach to lead to several.
  • Internet: The internet is a rich source of malware and adware, which can be installed on computers knowingly, unknowingly, or automatically.
  • Unchecked user input: Not every input to a website or software is safe; unchecked input may result in unintended SQL injection.
  • Operating system flaws: Unsecured and unprotected operating systems allow full access to the user by default and become a target for viruses and malware.

Difference between vulnerability, threat, and risk

Although these terms are treated as the same in IT in most cases, they are different; vulnerabilities are known as weaknesses or undefined gaps.

Vulnerability: It is a weakness or gap in the system's protection, and these gaps can undermine the security efforts of an organization's IT system. The different types of vulnerabilities are discussed above.

Threat: It is something or a situation that can destroy or damage an asset. We try to protect our system or network against the threat.

There are three types of threats: natural, intentional, and unintentional.

  • Natural threat: Threats that arise due to natural disasters (floods, tornadoes, hurricanes, earthquakes, etc.) are called natural threats. These threats have the potential to damage the asset or data, and they are unpredictable too.
  • Unintentional threat: These threats happen by chance or unknowingly, like human error; forgetting to install a firewall or antivirus could make the system more vulnerable.
  • Intentional threat: These threats are created to fulfil bad intentions; the attacks include phishing, malware, accessing someone's account illegally, etc.

Risk: Risk results from the intersection of threat, asset, and vulnerability. It is a function of threats exploiting vulnerabilities to destroy, obtain, or damage assets. To handle any risk, you must first understand the type of risk and the system's vulnerabilities.

Risk = Threat + Vulnerability + Asset

These are of two types: external and internal.

  • External risk: This type of risk comes from the outside of an organization, like ransomware, cyber attacks, phishing, DDoS attacks, etc.
  • Internal risk: This type of risk comes from inside the organization, from insiders who have malicious intent or are not properly trained.

| Threat | Vulnerability | Risks |
| --- | --- | --- |
| We cannot control threats | It can be controlled | It can be controlled |
| It may or may not be intentional | It happens unintentionally | It happens or is created intentionally |
| Threats can be easily detected by threat detection logs and antivirus software | It is detected with vulnerability scanners and penetration testing hardware | It is detected when suspicious pop-ups occur, mysterious emails are identified, the network is slower than normal, unusual password activity is observed, etc. |
| It takes full advantage of weakness in the system, due to which it can steal and harm data | It creates a platform for cyber threats, as vulnerability is considered the weakness in software, hardware, or design of the system | Cyber threats create destruction of data and are the reason for the potential for loss |
| When vulnerabilities are managed properly, they can be blocked easily | The vulnerability management system is designed to identify, categorize, prioritize, and resolve problems | Cyber risk can be avoided or lowered by: updating the software regularly; hiring a cyber security professional team to monitor data; reducing data transfers; downloading files from reliable sources; developing an incident management plan; etc. |

In the end, it is concluded that threats, vulnerability, and risk are different terms. Organizations spend lots of resources to save their data or information and increase their business.