IT THREATS AND SECURITY

IT Threats and Security Measures

[Institution Name]

IT Threats and Security Measures

Q1: Mr. Sacdin informs you that the services provided by the Duchy appear to be vulnerable to 'man in the browser' attacks. The browser used in the Duchy is almost exclusively Firefox. Advise Mr Sacdin on how likely the threat is for his type of IT and what is the counter- measures the Duchy can use and at what cost.

Our discussion for Duchy primarily depends on the concept of information security, its nature and characteristics, the basic methods of providing and category relevance and importance at the present stage of development. The essence and purpose of the DOS-attacks and other unauthorized intrusions into the information network will need the following steps to undertake as a preventive action:

Internet and information security

Hacking and Countermeasures

Computer viruses are a threat to information security

The security and restrict access to information

Concepts of Information Security

Analysis of existing systems, electronic burglary

The main threats to the security of information systems

In many realistic network environments where attackers can sniff the traffic from the browser, you can steal sensitive information from an HTTPS server, falsifying an HTTPS page and impersonate a genuine user to access an HTTPS server. These vulnerabilities reflect the oversights in the design of modern browsers - affect the major browsers and a large number of websites.

According to a bulletin of SecurityFocus, an HTML and script code supplied by an attacker, could run in the context of the affected browser, potentially allowing the attacker to steal the credentials cookie-based authentication or control how the sites are presented to the user. Other attacks are also possible (Identity Theft Resource Center, 2010). The affected browsers include Microsoft Internet Explorer 8, Mozilla Firefox, Google Chrome, Apple Safari and Opera.

Today, the financial community is facing the worst economic conditions in the past few decades. Now more than ever important to look for ways to cut costs, retain customers, increase efficiency of business and demonstrate return on investment to shareholders. Securing networks, through which financial services are delivered, can become a serious problem. The question is not so much to fulfill the basic requirements of business and ensure the security of private financial information of the client, how to do this in accordance with the set of industry standards and government regulations. For example, the U.S. Federal Council for Supervision of Financial Institutions (FFIEC) has been released guidance on authentication for Internet banking programs: "In this guide for banks and financial services via the Internet, describes the modern methods of authentication to be applied in determining clients' rights to have access to online products and services. Inspectors will pay attention to the implementation of the management of financial institutions during the next inspection” (FFIEC, 2006).

Studies have shown that the financial services sector has become a prime target for cyber attacks around the world. This is not surprising, given the critical importance of information that daily receive and process financial service providers. According to the report, ...