Task 1
The directory permissions are critical. File permissions are immaterial. However, system commands such as rm allow the user to know whether he or she has write permission on the specific file. Group members of a directory with protection mode 730 (rwx-wx---) can access the directory (execute) and modify it. However, they cannot list the directory (missing r). This means that a group member has to know the name of the file. As such, the member can remove the file since removing a file requires write permission to the directory. It is worth noting that the file write permissions do not matter to the unlink system call which performs the file removal (Donald Bren School of Information and Computer Sciences, 2018).
Therefore, a member belonging to the group that owns the directory can remove the file provided the filename is known. Accordingly, they can read the file. Besides removing and reading the file, a group member can create a file with the very same filename if the original file is missing from the said directory. Undoubtedly, having read privileges to a file based on file permissions is not compromised. Although a group member cannot modify the file contents, they can delete the file or create a new file with the same filename. The overall implication is that a user can modify the file with the directory protection mode 730. The only advantage is that the file owner will know which user performed the file deletion or creation.
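The reasoning above can be checked with a small model of the permission bits. This is an added example, not part of the original answer: the function names, the 644 file mode and the sticky-bit comparison (mode 1730) are assumptions introduced here, and the sticky-bit case goes beyond the 730 scenario to show the standard mitigation for deletion by non-owners.

```python
STICKY = 0o1000  # restricted-deletion flag on a directory
SHIFT = {"owner": 6, "group": 3, "other": 0}

def rwx(mode, cls):
    """Return (r, w, x) booleans that `mode` grants to permission class `cls`."""
    bits = (mode >> SHIFT[cls]) & 0o7
    return bool(bits & 4), bool(bits & 2), bool(bits & 1)

def symbolic(mode):
    """Render the low nine permission bits as e.g. 'rwx-wx---'."""
    return "".join(c if mode & (0o400 >> i) else "-"
                   for i, c in enumerate("rwxrwxrwx"))

def allowed_ops(dir_mode, dir_cls, file_mode, file_cls):
    """Model what a non-root user may do to one file whose name they know.

    dir_cls / file_cls: the class ('owner', 'group', 'other') the user falls
    into for the directory and for the file respectively.
    """
    d_r, d_w, d_x = rwx(dir_mode, dir_cls)
    f_r, f_w, _ = rwx(file_mode, file_cls)
    # Sticky directory: only the file's or the directory's owner may unlink.
    sticky_blocks = bool(dir_mode & STICKY) and "owner" not in (dir_cls, file_cls)
    return {
        "list_names": d_r,                  # readdir needs r on the directory
        "read_contents": d_x and f_r,       # lookup needs x, open needs file r
        "write_contents": d_x and f_w,
        "create_entry": d_w and d_x,        # file mode plays no part
        "unlink": d_w and d_x and not sticky_blocks,
    }

if __name__ == "__main__":
    # Constructed sample: directory 730 vs 1730, file 644, user in group class.
    for dmode in (0o730, 0o1730):
        ops = allowed_ops(dmode, "group", 0o644, "group")
        print(oct(dmode), symbolic(dmode), ops)
```

With mode 730 the group member cannot list names or write the file's contents but can still unlink and recreate it; setting the sticky bit removes the unlink right while leaving creation of new entries in place.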
Google Drive
Google Drive is a service that enables storage of personal files on the “cloud”. The files are stored in a central server allowing ubiquitous access from several devices across the globe. In addition, the service offers different levels of backup protection in situations of data, account, or device loss.
File transmission from a person’s device is encrypted using TLS standards, the very standards used to secure browser connections. The files are then uploaded to Google servers. Before reaching Google, the files are decrypted and re-encrypted using 128-bit AES, a process that happens on the fly. The 128-bit AES encryption protects files against leakages during the storing process. In addition to file encryption, the AES encryption keys are encrypted using a rotating set of master keys. This acts as an additional security layer for the files stored on Google’s hard drives. During data retrieval by a Google Drive user, the process is reversed and the files are served to the authenticated and authorized user device (Google Cloud, 2018).
Task 2
Besides the standard TLS and 128-bit AES encryption measures, Google provides other security measures for Google Drive user files. These include two-factor authentication, metadata encryption, and data encryption on transmission, especially when moving between Google servers (Google Privacy, 2018). Two-factor authentication is an ideal feature that protects user files in cases where the account login credentials are stolen. Besides the login email address and password, an additional security layer requests further confirmation, such as a phone number or email address, to establish the authenticity of the user. Metadata encryption protects additional information describing or defining your files. This information is encrypted as well before storage. Further, as Bobby (2016) explained, file transfer within Google’s internal networks (i.e. data centers) is encrypted to protect against hacking or spying.
Dropbox provides file storage services. The files are synchronized across multiple devices. Dropbox places a copy of the file on every device, which is updated synchronously in case of changes. A central server manages all files. When a user uploads a file, it is stored on the central server before a copy is sent to all other devices.
The Dropbox client installed on the user’s device provides a secure connection between the server and the user device. The program encrypts the data using standard SSL/TLS with 128-bit AES encryption for transmission over the Internet. Once the data reaches the Dropbox server, it is decrypted. Therefore, the previous encryption protects the data in transit against eavesdropping. Before storage, the data is re-encrypted using 128-bit AES. This protects the stored data against hacking. After storage, the data is copied onto the user’s devices using SSL/TLS encryption to protect it over the Internet. Upon reaching the user devices, the data is then decrypted for local storage (Bobby, 2013).
In spite of the encryption measures above, there are security issues that arise regarding Dropbox’s security measures. Dropbox is able to manually decrypt and access the data residing on their servers. This can be risky. For instance, a rogue Dropbox employee can maliciously access your data and a database breach may result in hackers accessing your encryption keys. Because Dropbox can manually decrypt and access your data, it can be disclosed to third parties for marketing reasons, against the user’s consent.
An Advanced Persistent Threat (APT) is an elaborate, prolonged, and targeted multi-step cyber-attack aimed at infiltrating a specific network (Avira, n.d.). APTs are designed to evade detection. Usually, they involve malware intruding into a network to exploit vulnerabilities. Once intruders gain network access, they monitor the network traffic and siphon off desired information such as financial assets, computer source code, or intellectual property. The intention is to steal information rather than cause harm to the corporate network (Rouse, 2018). Usually, APT attackers target institutions with high-value data.
Usually, APT attackers follow a sequential approach with four phases to execute APTs and gain ongoing access to a target network: incursion, discovery, capture, and exfiltration (Symantec, 2011).
- Incursion
  - Gain access: APT intruders gain access to a target network through the Internet. The access can be gained by spear phishing emails or exploiting an application vulnerability with the sole intention of gaining access using malicious software.
- Discovery
  - Establish a foothold: Upon gaining access, the attackers perform a reconnaissance of the network and begin exploiting the malware that they have installed on the target system to create tunnels and backdoors for their mobility. Advanced malware techniques including code rewriting can be used to cover their footprints in the victim network.
  - Greater access privileges: Once inside the victim network, APT attackers can leverage password cracking to gain administrative rights. Using administrative privileges, attackers can control a significant portion of the system to help gain greater depth access.
  - Lateral movement: Upon gaining administrative rights, attackers can move around the enterprise network freely. Besides, they can use this deeper access to access more secure areas of the network such as servers.
- Capture
  - Stage the attack: The APT attackers centralize, encrypt, and compress target data for exfiltration.
- Exfiltration
  - Take data: The APT attackers harvest the desired data and transfer it to their own system.
  - Maintain access: The attackers can repeatedly access the victim network until they are detected. In some situations, they can create backdoors for subsequent access to the enterprise network.
The majority of APTs search for commodity assets, including storage or confidential information, for malicious use. For instance, APT attackers can launch an attack to gain access to storage capacity to store illegal materials on the victim’s servers. If such information is leaked, it can cause legal concerns between the victim firm and the rightful owner of the information from which it was initially stolen. In some situations, APT attackers can target an enterprise network to analyze its processing power so that they can send spam to disrupt the normal operation of the system. The spam congests the network, rendering it extremely slow for business operations. This may adversely affect organizational processes and hence the efficiency of the system. Further, an APT attack can be targeted at stealing credentials to access more secure areas of the victim’s system. With administrative rights, the attacker can cause physical damage to the enterprise, including broadcasting inappropriate information on the victim network. This in turn affects the company’s reputation and brand image (Symantec, 2011).
Avira, n.d. Advanced persistent threat. [Online]
Available at: https://www.avira.com/en/security-term/t/advanced-persistent-threat/id/2
[Accessed 22 September 2018].
Bobby, 2013. Is Dropbox Safe to Use? How Dropbox Works to Secure Your Files Online. [Online]
Available at: https://tiptopsecurity.com/is-dropbox-safe-to-use-how-dropbox-works-to-secure-your-files-online/
[Accessed 22 September 2018].
Bobby, 2016. Is Google Drive Safe to Use? How Google Secures Your Files Online. [Online]
Available at: https://tiptopsecurity.com/is-google-drive-safe-to-use/
[Accessed 22 September 2018].
Donald Bren School of Information and Computer Sciences, 2018. Understanding and Setting UNIX File Permissions. [Online]
Available at: https://www.ics.uci.edu/computing/linux/file-security.php
[Accessed 23 September 2018].
Google Cloud, 2018. Security and Privacy Considerations. [Online]
Available at: https://cloud.google.com/storage/docs/gsutil/addlhelp/SecurityandPrivacyConsiderations
[Accessed 22 September 2018].
Google Privacy, 2018. Your security comes first in everything we do. [Online]
Available at: https://privacy.google.com/safer-internet.html
[Accessed 22 September 2018].
Rouse, M., 2018. advanced persistent threat (APT). [Online]
Available at: https://searchsecurity.techtarget.com/definition/advanced-persistent-threat-APT
[Accessed 22 September 2018].
Symantec, 2011. Advanced Persistent Threats: A Symantec Perspective, Mountain View, CA: Symantec Corporation.