Sifers-Grayson: Growing Through Upgrading Computer Resources - Essay Sample

Introduction

The Sifers-Grayson is a family-based business company that offers services to its clients on giving them computer resources like hardware and software. It trains all its engineers to ensure that they can support the machines and network availability used for the department. The company's hardware that facilitates the company's services includes desktops and laptops for the software include Windows 10, 8.1, IoS, variants of apple, and OSX. It had continuous growth because of upgrading, depending on how technology is advanced.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The engineering department has a laboratory, the R & D Data centers, which develops, tests, supports, and maintains software and firmware for its robots to ensure that the systems are faster and secure tackle the company's activities. Besides, an IT department ensures that the company's data is stored well in R & D center servers and well protected from fraudsters who can hack the system and make it vulnerable to attacks (Mohurle & Patil, 2017). Recent upgrades for both hardware and software have been done for three years to complete after a ransomware attack hit the laboratory that exploited Windows XP. The system is not safe because they paid a ransom for the expertise to implement security mechanisms simply because they did not back up their data.

Analysis of the Red Teams Report Determining what was Attacked or the Used Vectors

The Reds Team report attacked the following areas where it conducted the test of penetration. It could gain access to R & D servers of the engineering by hacking into enterprise networks via the unprotected network. It also filtered data from the servers and extracted all the data belonging to the design and code Drone System of AX10.

The team reported that it had stolen passwords of individual employees where it could gain access to employees using software called key-log, which USB keys left on the table in the employees' building lounge, which got installed. It continued to capture the enterprise using stolen login details to establish a workstation with malware in the network (Conteh & Schmick, 2016). Furthermore, the malware took control of the testing car because it has a cellular and direct link to its system.

There was phishing of emails by the team where it used the login details obtained and tried to forward emails to the employees. The email they pushed to the company's employees contained a link with three videos, after which they opened, they found that it opened cats and kitten. They later displayed Page Not Found (404 Error), a message from the target server, meaning that the link was corrupt.

Analysis of an Environment Determining Forensic Evidence Types to Collect it After an Attack and where it Gathered from

The environment determining the kind of evidence collected should be vulnerable to attacks. It will enable easy identification and resolution to the loopholes that attackers can use to hack the companies system and access confidential data. It allowed them to collect data and show that the system is weak.

There was no significant response during penetration because of the lack of co-operation. It made it easier for the team to collect data entirely from the system of the company vulnerably. It is because there was a lack of automated detection capabilities. The evidence has been collected from the company's website because they used the employees' login details to access the system. Also, they were able to make the tests they carried out and turned how they expected.

Besides, the other evidence was generated from the computers' hard disks because all the engineers' designing documents were taken from them. It is achieved through direct access to the website. The reason behind it is that it was not protected.

Finally, the company's ability to perform forensics investigations was minimal, bringing the penetration team's attention. The group noticed no expert in forensic analysis. It acted as a loophole of obtaining evidence from the company’s website.

The Three Attack Vulnerabilities or Vectors that the Red Team Exploited as it did Penetration Testing

One of the vulnerabilities exploited by the Red Team is session hijacking. Here is where the company's link carrying out advertisements was corrupted and replaced with cats and kittens' video links. Upon loading the links, they did not open up and instead displayed Page Not Found (404 Error) a message from the target server (Mittal et al., 2016). It is due to a weak firewall that enabled hackers to enter the network and make attacks.

Furthermore, the other vulnerability is called the attack by a password. A team hired used the stolen login details to send emails to the company's employees, and they found it functional. An Email attack can leak the organization's sensitive data (EC-Council Certified Incident Handler, 2020). The team used the SPAM to check whether it can distribute malicious messages and links, and they found that it is true. It made a way through into the system and performed the task, indicating that the system is weak and vulnerable to fraudsters' attack. In this, the system can mislead the employees.

Finally, the last vulnerability or attack used by the team to exploit was a drive-by attack. It is where the attacker used the company's insecure website and planted malicious scripts on the websites. It made them control the site, thus accessing some staff's credentials.

Documentation of the Type of Evidence Collected Based on Vulnerability Stated Above

The invulnerability of attack by password, the evidence was gotten from the internet. Here, the workers' login credentials were obtained from the engineering R & D serverswhere they have access. This type of evidence is called digital proof.

Besides, for the vulnerability of sessional hijacking, the evidence was obtained from the links' misbehavior. They showed cats and kittens instead of an advert it was purposed to do. The type of evidence obtained here was circumstantial because circumstances have influenced it.

Finally, the evidence obtained from the drive-by attack vulnerability is derived from the sites. The attacker used its weak and vulnerable website to plant malicious scripts and cookies on the website, attacking and capturing some of the staff credentials. This type of evidence portrayed here is digital.

Conclusion

In conclusion, the Reds Team Penetration test was successfully conducted to the Sifers-Grayson to meet the set required standards. They enabled it to acquire the contract of the federal agency. As a result, they should be awarded the tender because the test helped them to implement robust security mechanisms, making it not vulnerable to threats.

References

Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity: risks, vulnerabilities, and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research, 6(23), 31. https://books.google.co.ke/books?id=xHG0DwAAQBAJ&pg=PA95&dq=Cybersecurity:+rRisks,+vulnerabilities,+and+countermeasures+to+prevent+social+engineering+attacks&hl=en&sa=X&ved=2ahUKEwjdmuWilMbrAhWO3OAKHc-WBMYQuwUwAHoECAIQBg#v=onepage&q=Cybersecurity%3A%20rRisks%2C%20vulnerabilities%2C%20and%20countermeasures%20to%20prevent%20social%20engineering%20attacks&f=falseEC-Council Certified Incident Handler. (2020). VitalSource Bookshelf Online.

https://evantage.gilmoreglobal.com/#/books/978-1-63567-276-3/cfi/175!/4/[email protected]:0.00Mittal, S., Das, P. K., Mulwad, V., Joshi, A., & Finin, T. (2016, August). Cybertwitter: Using twitter to generate alerts for cybersecurity threats and vulnerabilities. International Conference on Advances in Social Networks Analysis and Mining (ASONAM) (pp. 860-867). IEEE. https://books.google.co.ke/books?id=hy3fDwAAQBAJ&pg=PA144&dq=Cybertwitter:+Using+twitter+to+generate+alerts+for+cybersecurity+threats+and+vulnerabilities&hl=en&sa=X&ved=2ahUKEwjkq8H9m8brAhWJMBQKHRjmApEQuwUwAHoECAIQBg#v=onepage&q=Cybertwitter%3A%20Using%20twitter%20to%20generate%20alerts%20for%20cybersecurity%20threats%20and%20vulnerabilities&f=false

Module, S., & Patil, M. (2017). A brief study of wanna cry threat: Ransomware attack 2017—International Journal of Advanced Research in Computer Science, 8(5). https://books.google.co.ke/books?id=x63UDwAAQBAJ&pg=PA65&dq=A+brief+study+of+wanna+cry+threat:+Ransomware+attack&hl=en&sa=X&ved=2ahUKEwjDlpaqnMbrAhWUBWMBHQr6BRcQuwUwAHoECAQQBg#v=onepage&q=A%20brief%20study%20of%20wanna%20cry%20threat%3A%20Ransomware%20attack&f=false