Vulnerability Assessment Report

15th July 2023

SCENARIO
You are a newly hired cybersecurity analyst for an e-commerce company. The company stores information on a remote database server, since many of the employees work remotely from locations all around the world. Employees of the company regularly query, or request, data from the server to find potential customers. The database has been open to the public since the company’s launch three years ago. As a cybersecurity professional, you recognize that keeping the database server open to the public is a serious vulnerability. A vulnerability assessment of the situation can help you communicate the potential risks with decision makers at the company. You must create a written report that clearly explains how the vulnerable server is a risk to business operations and how it can be secured.


Overview
In this report, I’ve delved into an assessment of a publicly accessible database server. The Purpose section elucidates the business function of the system and underscores the rationale behind this analysis. The Risk Assessment segment showcases a comprehensive table, pinpointing potential threat sources and events that could detrimentally affect business operations. I’ve discerned these threats by posing questions about their relevance, origin, intent, and the technical prowess of the threat actors. The risk associated with each threat is quantified by gauging its likelihood and potential business impact. This culminates in an overall risk score, offering stakeholders a clear picture of the database’s risk landscape and guiding resource allocation.

Note: The number of entries in a risk assessment table can fluctuate based on the intricacy and breadth of the assessment. The Approach section, which follows the risk assessment, elucidates the rationale and methodology behind the threat evaluations. Finally, the Remediation section sketches out a strategy to bolster the security of the vulnerable database server.

It’s paramount for cybersecurity professionals like myself to hone risk assessment and reporting acumen. This expertise empowers us to pinpoint potential vulnerabilities within an organisation’s infrastructure and channel this intelligence to the relevant departments. This exercise serves as a practical drill, enabling me to dissect the vulnerabilities of a susceptible system. While all systems inherently possess vulnerabilities, I’m motivated to perpetually refine my skills by examining various systems discussed throughout my learning journey.

To enrich the risk assessment facet of this activity, I’ve employed the NIST SP 800-30 Rev. 1 resource. Beyond a mere system description and scope, vulnerability assessments typically encompass a purpose statement, bridging the technical aims of the analysis with the overarching organisational objectives.

System Description
The server in question boasts a robust CPU processor complemented by 128GB of memory. Operating on the latest Linux iteration, it houses a MySQL database management system. Its network connectivity, rooted in IPv4 addresses, facilitates interactions with peer servers. Notably, security is bolstered through SSL/TLS encrypted connections.

Scope
This vulnerability assessment zeroes in on the system’s prevailing access controls, spanning three months from June to August 20XX. The NIST SP 800-30 Rev. 1 serves as the guiding beacon for this system’s risk analysis.

Purpose
Central to the organisation, the database server functions as a data reservoir, archiving customer metrics, campaign insights, and analytical data. This data repository aids in performance tracking and tailoring marketing endeavours. Given its pivotal role in marketing operations, safeguarding this system is non-negotiable.

Risk Assessment Recommendations
In light of the risks identified, I propose several security controls that could mitigate or rectify these vulnerabilities:

- Principle of least privilege
- Defence in depth
- Multi-factor authentication (MFA)
- Authentication, Authorisation, Accounting (AAA) framework

In the Remediation segment, I’ve articulated specific security controls that can either rectify or mitigate risks to the information system. It’s essential to align these suggestions with the assessed risks. For instance, proposing a public key infrastructure (PKI) could be instrumental in thwarting the exfiltration of sensitive data.

SYSTEM DESCRIPTION
The server hardware consists of a powerful CPU processor and 128GB of memory. It runs on the latest version of Linux operating system and hosts a MySQL database management system. It is configured with a stable network connection using IPv4 addresses and interacts with other servers on the network. Security measures include SSL/TLS encrypted connections.

SCOPE
The scope of this vulnerability assessment relates to the current access controls of the system. The assessment will cover a period of three months, from June 20XX to August 20XX. NIST SP 800-30 Rev. 1 is used to guide the risk analysis of the information system.

PURPOSE
The database server is a centralized computer system that stores and manages large amounts of data. The server is used to store customer, campaign, and analytic data that can later be analyzed to track performance and personalize marketing efforts. It is critical to secure the system because of its regular use for marketing operations.

RISK ASSESSMENT
Threat source | Threat event                                  | Likelihood | Severity | Risk
--------------+-----------------------------------------------+------------+----------+-----
Hacker        | Obtain sensitive information via exfiltration |     3      |    3     |  9
Employee      | Disrupt mission-critical operations           |     2      |    3     |  6
Customer      | Alter/delete critical information             |     1      |    3     |  3

Risk score = Likelihood × Severity.

APPROACH
The risks measured took into account the data storage and management procedures of the business. Potential threat sources and events were determined from the likelihood of a security incident given the open access permissions of the information system. The severity of each potential incident was weighed against its impact on day-to-day operational needs.

REMEDIATION STRATEGY
Implementation of authentication, authorization, and auditing mechanisms to ensure that only authorized users access the database server. This includes using strong passwords, role-based access controls, and multi-factor authentication to limit user privileges. Encryption of data in motion using TLS instead of SSL. IP allow-listing to corporate offices to prevent random users from the internet from connecting to the database.
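As an added example (not part of the original report), the following MySQL 8.0 (8.0.16 or later) statements implement the remediation measures above: a server-wide password policy, TLS-only transport with TLS 1.2/1.3, a least-privilege role, and an account that may connect only from an allow-listed office range. The database `crm`, its tables, the account `jdoe`, and the range 203.0.113.0/24 are placeholders; MFA and audit logging depend on the authentication and audit plugins deployed and are not shown.

```sql
-- Added example (not the report's own configuration). Placeholders: database
-- `crm`, tables `customers`/`campaigns`, account `jdoe`, and 203.0.113.0/24
-- standing in for the corporate office address range.

-- 1. Audit first: accounts with host '%' are reachable from any address and
--    are what "open to the public" looks like at the database layer.
SELECT user, host FROM mysql.user WHERE host = '%';

-- 2. Authentication: enforce a strong password policy for every account.
INSTALL COMPONENT 'file://component_validate_password';
SET PERSIST validate_password.policy = STRONG;
SET PERSIST validate_password.length = 14;

-- 3. Data in motion: refuse plaintext connections and accept only TLS 1.2
--    and 1.3 (legacy SSL/TLS 1.0/1.1 are not offered). The new tls_version
--    takes effect for new connections after ALTER INSTANCE RELOAD TLS.
SET PERSIST require_secure_transport = ON;
SET PERSIST tls_version = 'TLSv1.2,TLSv1.3';
ALTER INSTANCE RELOAD TLS;

-- 4. Authorization: a role limited to reading the tables analysts query,
--    granted to an account scoped to the office range (IP allow-listing
--    at the account level) that must present TLS and rotate its password.
CREATE ROLE IF NOT EXISTS 'marketing_reader';
GRANT SELECT ON crm.customers TO 'marketing_reader';
GRANT SELECT ON crm.campaigns TO 'marketing_reader';

CREATE USER IF NOT EXISTS 'jdoe'@'203.0.113.%'
  IDENTIFIED BY 'REPLACE-WITH-A-STRONG-PASSPHRASE'
  REQUIRE SSL
  PASSWORD EXPIRE INTERVAL 90 DAY;
GRANT 'marketing_reader' TO 'jdoe'@'203.0.113.%';
SET DEFAULT ROLE 'marketing_reader' TO 'jdoe'@'203.0.113.%';

-- 5. Verify the effective privileges before signing off on the change.
SHOW GRANTS FOR 'jdoe'@'203.0.113.%' USING 'marketing_reader';
```

Host-scoped accounts complement, rather than replace, a network firewall rule restricting the MySQL port to the office ranges.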