Question

Software vulnerabilities in cyberspace can range from the simple outdated security patches on national critical infrastructure systems to poorly designed defense missile control systems. When these industrial control systems, military weapon control systems, or air control transportation systems are designed without security built into the software, their security vulnerabilities are paramount to the national security, economy, and human health.

Do research on the latest prominent software vulnerabilities and share your literature review findings with the class.

Answer 1

Now this requires an serious insight into why do, software vulnerabilites are present in todays era.With so much advancements made each day in software industry why developers or  architects make mistakes that can have devastating effect.

People do stupid things.

I don’t run anti-virus nor anti-malware on my computer or my sister's computer. I am smart about what I do and where I go. She is too. Now.

My strategy is to have daily image backups. If there is an “infection” we roll back to the last known good image. I have had zero rollbacks in 30 years. She has had one. Exactly one. And the pain of losing some data made her a lot smarter about security.

If you look at virus and malware infections you’ll find that 90% of the time, someone clicked on something that they shouldn’t have or was surfing in a place that they shouldn’t have.

This is the same, whether it is at home or work.

Ask any security analyst and they will tell you that the weak link, overwhelmingly, is people. Poor processes (like a misconfigured firewall) result in the 10%, but that 90% exposes the 10%.

Now coming to some famous security threats , that are prominent in todays era:

• Missing data encryption
• OS command injection
• SQL injection
• Buffer overflow
• Missing authentication for critical function
• Missing authorization
• Unrestricted upload of dangerous file types
• Reliance on untrusted inputs in a security decision
• Cross-site scripting and forgery
• Download of codes without integrity checks
• Use of broken algorithms
• URL redirection to untrusted sites
• Path traversal
• Bugs
• Weak passwords
• Software that is already infected with virus

Many of these are result of lack of awareness in both developers and users, sometimes yes they(Hackers) are smart enough.

Now have a look at some 2019 attacks,

1) CVE-2018-15982 – Adobe Flash Player

Associated malware: Fallout Exploit Kit, Spelevo Exploit Kit, Thredkit, GreenFlash Sundown, Lord Exploit Kit, GrandCrab, Capesand Exploit Kit, Maze Ransomware.

Common vulnerability scoring system (CVSS): 10/10

2) CVE-2018-8174 – Microsoft Internet Explorer

Associated malware: SLUB, Fallout Exploit Kit, KaiXin Exploit Kit, LCG Kit Exploit Kit, Magnitude Exploit Kit, RIG Exploit Kit, Trickbot, Underminer Exploit Kit, Capesand Exploit Kit, Dridex, IcedID, Buran Ransomware, Grandcrab

CVSS: 7.6

3) CVE-2017-11882 – Microsoft Office

Associated malware: Agent Tesla Keylogger, Artemis, Formbook, Nanocore, PowerShower, Loki, Heur, Chanitor, Trillium Security Multisploit Tool, Emotet, Silent Doc Exploit, ThreadKit, VenomKit.

4) CVE-2018-4878 – Adobe Flash Player

Associated malware: Grandcrab, Fallout Exploit Kit, RIG Exploit Kit, Spelevo, Capesand Exploit Kit, GreenFlash Exploit Kit, Hermes Ransomware, Sundown Exploit Kit, Threadkit Exploit Kit.

CVSS: 7.5

5) CVE-2019-0752 – Microsoft Internet Explorer

Associated malware: SLUB, Capesand Exploit Kit.

CVSS: 7.6

6) CVE-2017-0199 – Microsoft Office

Associated malware: njRAT, RevengeRat, Pony, QuasarRAT, REMCOS RAT, SHUTTERSPEED, Silent Doc Exploit Kit, Threadkit Exploit Kit.

CVSS: 9.3

what are the insights from above attacks ?

The human factor is the biggest threat to Cybersecurity. In a reaseach conducted by IT SEC in 2019,(IT SEC: NXtGen Cyber, Network & Blockchain Penetration Testing Solutions Now!) it was discovered 90% of all cyberattacks could have been prevented if the employees would have been more careful and vigilent.

What is Vulnerability in Computer Security and How is It Different from a Cyber Threat?

To put it in the most basic terms, a computer system vulnerability is a flaw or weakness in a system or network that could be exploited to cause damage, or allow an attacker to manipulate the system in some way.

This is different from a “cyber threat” in that while a cyber threat may involve an outside element, computer system vulnerabilities exist on the network asset (computer) to begin with. Additionally, they are not usually the result of an intentional effort by an attacker—though cybercriminals will leverage these flaws in their attacks, leading some to use the terms interchangeably.

The way that a computer vulnerability is exploited depends on the nature of the vulnerability and the motives of the attacker. These vulnerabilities can exist because of unanticipated interactions of different software programs, system components, or basic flaws in an individual program.

1) Malware

As pointed out earlier, new malware is being created all the time. However, while the statistic of 360,000 new malware files a day sounds daunting, it’s important to know one thing: Many of these “new” malware files are simply rehashes of older malware programs that have been altered just enough to make them unrecognizable to antivirus programs.

Over the years, however, many different kinds of malware have been created, each one affecting the target’s systems in a different way:

• Ransomware. This malicious software is designed to encrypt the victim’s data storage drives, rendering them inaccessible to the owner. An ultimatum is then delivered, demanding payment in return for the encryption key. If the ransom demand isn’t met, the key will be deleted and the data lost forever with it.
  
• Trojans. This references a kind of delivery system for malware. A Trojan is any piece of malware that masquerades as a legitimate program to trick victims into installing it on their systems. Trojans can do a lot of damage because they slip behind your outermost network security defenses by posing as something harmless while carrying a major threat inside—like a certain infamous horse did to the city of Troy in Homer’s “Iliad.”

• Worms. Worms are programs that can self-replicate and spread through a variety of means, such as emails. Once on a system, the worm will search for some form of contacts database or file sharing system and send itself out as an attachment. When in email form, the attachment is part of an email that looks like it’s from the person whose computer was compromised.

The goal of many malware programs is to access sensitive data and copy it. Some highly-advanced malwares can autonomously copy data and send it to a specific port or server that an attacker can then use to discreetly steal information.

2) Unpatched Security Vulnerabilities

While there are countless new threats being developed daily, many of them rely on old security vulnerabilities to work. With so many malwares looking to exploit the same few vulnerabilities time and time again, one of the biggest risks that a business can take is failing to patch those vulnerabilities once they’re discovered.

It’s all too common for a business—or even just the individual users on a network—to dismiss the “update available” reminders that pop up in certain programs because they don’t want to lose the 5-10 minutes of productive time that running the update would take.

3) Hidden Backdoor Programs

This is an example of an intentionally-created computer security vulnerability. When a manufacturer of computer components, software, or whole computers installs a program or bit of code designed to allow a computer to be remotely accessed (typically for diagnostic, configuration), that access program is called a backdoor.

When the backdoor is installed into computers without the user’s knowledge, it can be called a hidden backdoor program. Hidden backdoors are an enormous software vulnerability because they make it all too easy for someone with knowledge of the backdoor to illicitly access the affected computer system and any network it is connected to.

NOTE :

“Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses… Vodafone asked Huawei to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained."

5) Automated Running of Scripts without Malware/Virus Checks

One common network security vulnerability that some attackers learned to exploit is the use of certain web browsers’ (such as Safari) tendencies to automatically run “trusted” or “safe” scripts. By mimicking a trusted piece of code and tricking the browser, cybercriminals could get the browser software to run malware without the knowledge or input of the user—who often wouldn’t know to disable this “feature.”

While keeping employees from visiting untrustworthy websites that would run malware is a start, disabling the automatic running of “safe” files is much more reliable—and necessary for compliance with the Center for

Internet Security’s (CI’) AppleOS benchmark.

6) Unknown Security Bugs in Software or Programming Interfaces

Computer software is incredibly complicated. When two or more programs are made to interface with one another, the complexity can only increase. The issue with this is that within a single piece of software, there may be programming issues and conflicts that can create security vulnerabilities.

Programming bugs and unanticipated code interactions rank among the most common computer security vulnerabilities—and cybercriminals work daily to discover and abuse them. Unfortunately, predicting the creation of these computer system vulnerabilities is nearly impossible because there are virtually no limits to the combinations of software that might be found on a single computer, let alone an entire network.

7) Phishing (Social Engineering) Attacks

In a phishing attack, the attacker attempts to trick an employee in the victim organization into giving away sensitive data and account credentials—or into downloading malware. The most common form of this attack comes as an email mimicking the identity of one of your company’s vendors or someone who has a lot of authority in the company.

For example, the attacker may say something like: “This is Mark from IT, your user account shows suspicious activity, please click this link to reset and secure your password.” The link in such an email often leads to a website that will download malware to a user’s computer, compromising their system. Other phishing attacks may ask users to give the attacker

their user account credentials so they can solve an issue.

The basic goal of this strategy is to exploit an organization’s employees to bypass one or more security layers so they can access data more easily.

There are several ways to defend against this attack strategy, including:

• Email Virus Detection Tools. To check email attachments for malware that could harm your network.
  
• Multifactor Authentication (MFA). Using multiple authentication methods (such as biometrics, one-use texted codes, and physical
• tokens) for giving users access to your network makes it harder for attackers to hijack user accounts with just the username and password.
  
• Employee Cybersecurity Awareness Training. An educated employee is less likely to fall for phishing schemes than one who doesn’t know basic cybersecurity protocols. Cybersecurity awareness training helps to provide employees with the basic knowledge they need to identify and avoid phishing attacks.
• Defense in Depth. Using a defense-in-depth approach to network security adds extra layers of protection between each of the individual assets on the network. This way, if attackers bypass the outermost defenses of the network, there will still be other layers of protection between the compromised asset and the rest of the network.
  
• Policy of Least Privilege. Enacting a policy of least privilege means restricting a user’s access to the minimum amount needed to perform their job duties. This way, if that user’s account privileges are misused, the damage will be limited.

8) Your IoT Devices

The Internet of Things (IoT) encompasses many “smart” devices, such as Wi-Fi capable refrigerators, printers, manufacturing robots, coffee makers, and countless other machines. The issue with these devices is that they can be hijacked by attackers to form slaved networks of compromised devices to carry out further attacks. Worse yet, many businesses don’t even realize just how many IoT devices they have on their networks—meaning that they have unprotected vulnerabilities that they aren’t aware of.

These unknown devices represent a massive opportunity to attackers—and, a massive risk for businesses.

To minimize the risk from IoT devices, a security audit should be performed that identifies all of the disparate assets on the network and the operating systems they’re running. This way, these IoT devices can be properly accounted for in the company’s cybersecurity strategy. Such audits should be performed periodically to account for any new devices that may be added to the network over time.

From above facts and figures about security issues that threaten our very technological world are the result of human errors 90% of the time and the remaining i would say is a result of exceptional human willingness and wittiness to eavesdrop the binary streams flowing around us.