1. Open a new Microsoft Word document, and enter your answer to one of the prompts...

Attack Description & Scenario:

The major attack that hit on the Internet in the past week was on one of the most renowned companies whose description is in below points along with the proper description of how the attack was made and then stopped with a patch.

• The vulnerability which we are going to talk today is one of the most critical ones and for one of the largest companies "Adobe". This vulnerability left lakhs of the user under danger of getting breached.
• The name of the vulnerability is "Flash Player Vulnerability" with an identification code "CVE-2018-5002". This vulnerability has been affecting densely in the Middle East region and was brought into vision in June 2019.
• What actually was the security flaw here? The security flaw was one of the stack-based buffer overflow bugs that have been able to execute arbitrary code.
• The following vulnerability was allowing the attackers to maliciously craft the Flash object which would help them in executing codes in the victim machine and then execute the range of payloads & actions.

How would have this been prevented?

• The applications are been vulnerable to buffer overflow bugs when there are certain programming errors or memory leaks left in the programming.
• Hence, this can be prevented using right programming methods and also putting best programming techniques to use so that none of the vulnerabilities are left in open to ruin the applications.
• There must be thorough testing of the application done before releasing the application publicly and must also make the application good enough for working against the vulnerabilities.

Hence, these are the methods in which the vulnerability could have been prevented.

How did this vulnerability actually work?

• The vulnerability was allowing the attacker to provide a word file to download and once executed in the victim PC the adobe flash exploits would start running.
• This file once executed starts executing the shellcode which will then enable the attacker to command and control the servers from which the attacker would gain complete access to the victim machine.

Patch For Vulnerability:

• The company has declared the patch for the vulnerability and can be patched automatically by installing the updated Flash Player as this was a critical zero-day attack.
• The patch is available only for the users from East Asia as the vulnerability was highly active in that region.

Hence, this was all about the attack that was being hit on the Internet and was being attacked in wild by the hackers which affected a lot of organizations too.

Additional Research:

I have performed additional research on how to stop and react on the cyber-attacks and vulnerabilities so that the organizations getting affected due to it are more focused with which it becomes easy for them to gain more control over their systems.

Cyber Crimes:

When talking about cybercrimes, there are many cyber crimes which are been compromising data across the world of many users. It has been estimated that 37% of total websites are being vulnerable to most basic security vulnerabilities and are been compromised on a daily basis. So, now we are going to talk about cybercrimes. They are as follows:

• Buffer Overflow:
  • The buffer overflow vulnerability is one of the most basic and dangerous vulnerabilities which occurs in the systems due to the insufficient memory management and wrong codes.
  • The main drawback of having this vulnerability is that it will freeze the system and let the attacker do the things he wants to do which can lead to remote code execution and then, later on, can do anything the attacker wishes to.
• SQL Injection:
  • It is wrong references given in the databases and manipulating a certain level of database information which gives access to the attacker in which they can hack the system authentication process.
  • The SQL Injection is one of the most dangerous vulnerability and none of the websites must have this threat in their system because it can cause the downfall of the whole website.

How can encryption be used to ensure the integrity and maintain data privacy?

• Encryption is one of the best techniques which can be used by a user so that the data gets encrypted and decrypting is not the thing which is easy and also with certain attacks it could take a lot of time to even decrypt single encryption.
• It will help in managing the integrity of the data by keeping the data consistent with the help of the encryption that takes place in the systems. It takes a lot of time and brain to break the code which most of the attackers don't like doing unless and until it is juicy enough to get them millions of bucks.

The basic encryption algorithm and how it works.

• The most basic encryption algorithm that is been used is AES(Advanced Encryption Standard). It is one of the most standard algorithms which is been trusted a lot and follows the standards that are been set by the American Standards.
• The main advantage of the algorithm is that it uses very less RAM and works very efficiently. It can be used for many variants which include 128,192,256 bits.
• In AES, there are basically 10 rounds which are been used for 128-bit keys. The same key is used for encryption as well as decryption of the data. According to the data, until now there are no attacks which are been discovered to be effective in AES.
• Hence, it remains the safest algorithm for encryption and is been used on certain devices and transmission technologies. It is mostly used for wireless connections authentication.
• While going on with the encryption one must always be sure about what is being used and what is to be encrypted. The user base is going to handle the data.
• The more important the data, more security for the data. This means that the algorithm like Triple DES etc. must be used if data is too confidential and can harm a lot of people if leaked.
• There are also certain factors to which the system relies on. Hence, the algorithm must be full proof of attacks and the security must be to the ultimate level.

Security Implementation:

• The system must implement a firewall with honeypots for advanced security. In the firewall, there must be both the hardware and software version installed as both the version have some disadvantages over each other.
• Hence, it will nullify each of the disadvantages and can be used for different calibers in the system. As the software firewall can be used for adding rules and all the administrator stuff.
• And, the hardware firewall can be used to gain security for the packets that are entering the network and exiting the network. The honeypots will come in action before the firewall.
• What honeypots actually do in such conditions, the honeypots acts as a real system faking the attacker as, if, his attack has been a success. Honeypots can be considered as a mirage to our actual system.
• Hence, the attacks information can be later on used for upgrading the actual system and securing it from the discovered vulnerabilities or loopholes.

Hence, this is what one must do for ensuring the illegal activities in the system.