Cloud IPP & Security Issues and Risk Managment Matrix

profilematador
DatainTransitVulnerabilities.pdf

2/9/22, 11:23 PM Data in Transit Vulnerabilities

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/data-in-transit-vulnerabilities.html?ou=622270 1/5

Learning Topic

Data in Transit Vulnerabilities Data in transit can be exposed to a wide range of vulnerabilities. The following is a

discussion of some of these types of vulnerabilities.

Endpoint Access Vulnerabilities

The world today is a vast technological landscape with an increasing number of portable

and personal devices. These endpoints include mobile devices and wireless devices such

as laptops, phones, and tablets. Such devices can have complex vulnerabilities for security

threats.

Endpoint vulnerabilities can be caused by three primary gaps in protection and

knowledge.

Gap Vulnerability

User Gaps A large number of endpoint security vulnerabilities arise from gaps in the user's knowledge. Attackers target users through social

engineering, malicious links in emails and web pages, or installing

software on endpoint devices.

Operational Gaps

Many corporations rely on intrusion detection technologies to protect their endpoints. Endpoint threats take advantage of

detection-only security deployments to compromise vulnerabilities

before corporations become aware of incidents.

Technical Gaps

Signature-based intrusion detection solutions cannot keep up with the constantly increasing attack surface of threats, for which there

might not be available signatures.

2/9/22, 11:23 PM Data in Transit Vulnerabilities

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/data-in-transit-vulnerabilities.html?ou=622270 2/5

External Storage Vulnerabilities

Users enjoy flexibility when they have convenient access to personal and business data

through the use of portable external storage devices. However, as the use of portable

devices to store and transfer data increases, the risk an organization faces also increases.

Organizations can face challenges in protecting against data loss or unauthorized

transmission. They can face obstacles that prevent the installation of drivers for devices.

Organizations can also fail to prevent the installation of malware capable of using external

storage devices to traverse a network.

External storage devices are an easy way for attackers to spread malware throughout an

organizational network. In some cases, external storage devices possess "smart"

capabilities such as wireless or Bluetooth. Attackers can use sniffing tools on public

networks to take advantage of wireless capabilities to infect storage devices. In many

cases, personal and external storage devices are able to bypass the security protections

attached to organizationally owned equipment.

The following are best practices to assist with external storage vulnerabilities:

compile a list of authorized and unauthorized external storage devices

compile a list of authorized and unauthorized drivers

install host-based antivirus systems that scan external storage devices for malware

encrypt all data transmitted through external hard drives

Media Access Control and Ethernet Vulnerabilities

Media access control is a sublayer of the OSI model that describes how devices are

connected together at the hardware level. Ethernet is a media access protocol that is

traditionally used in local area networks (LANs). An Ethernet port, also known as a LAN

port, is the port that connects the computer to the network. The physical connector used

for this access is RJ45; it looks like a wide version of the RJ12, the connector commonly

used for landline telephones. This connector plugs into a network interface card (NIC),

which is also called an Ethernet card to transmit on an ethernet network. Each Ethernet

card has a unique media access control (MAC) address.

A common issue with Ethernet is that it broadcasts frames, and any computer connected

to the Ethernet wiring can potentially read the other frames being broadcast on the

network. Akin to eavesdropping, this process of collecting and reading network

2/9/22, 11:23 PM Data in Transit Vulnerabilities

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/data-in-transit-vulnerabilities.html?ou=622270 3/5

transmission is called network sniffing. Network switches can help in reducing packet

sniffing.

Network cables must be protected from damage and tampering; this can be done with

special cable protectors. Networks are also vulnerable to attacks that attempt to pull data

from frames, cause buffer overflow, or cause denial of service. These vulnerabilities are

normally patched by vendors when discovered; however, finding these vulnerabilities can

be challenging. A denial-of-service attack is more readily identifiable than an hacker

sniffing and pulling data from frames.

Virtual Private Network Vulnerabilities

Virtual private networks (VPNs) provide an encrypted connection over a less secure

network (Burke, 2016). This allows users to securely connect to an intranet from a

computer that is not on the network or connect two internal sites using a gateway device.

VPNs typically mask the true IP address of the machines using the VPN. However, there

are vulnerabilities that can unmask the true IP address due to port forwarding services.

These vulnerabilities are conducted by attackers that have access to multiple VPN

services and lure the victims to connect to another VPN service that forces the user to

provide the real IP address (Vijayan, 2015).

In addition, because VPNs are dependent upon less secure connections like the internet,

they can suffer from service issues from the internet service provider. If the internet is

down, there is no way to connect to the VPN unless the user connects to another

network with internet access. Furthermore, there are VPNs that have been exposed to

vulnerabilities while switching access points inadvertently. Hackers could attack when this

occurs because it could disrupt the end-to-end encryption, which normally accompanies

VPNs.

References

Burke, J. (2015). Virtual private network.

http://searchenterprisewan.techtarget.com/definition/virtual-private-network

Vijayan, J. (2015, December 1). Port fail vulnerability exposes real IP addresses of VPN

users. https://securityintelligence.com/news/port-fail-vulnerability-exposes-real-

ip-addresses-of-vpn-users/

2/9/22, 11:23 PM Data in Transit Vulnerabilities

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/data-in-transit-vulnerabilities.html?ou=622270 4/5

Operating Systems Security: Protection Measures Analysis

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/OperatingSystemsSecurity_ProtectionMeasuresAna

lysis_checked.pdf?ou=622270)

Performance Management in Network Management System

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/PerformanceManagementinNetworkManagementS

ystem_checked.pdf?ou=622270)

Guide to IPsec VPNs

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/Guide_to_IPsecVPN_checked.pdf?ou=622270)

Measures of VPN Technology

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/MeasuresofVPNTechnology_checked.pdf?

ou=622270)

Keys Under Doormats: Mandating Insecurity by Requiring

Government Access to All Data and Communications

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/Keysunderdoormatsmandatinginsecuritybyrequiring

governmentaccesstoalldataandcommunications_checked.pdf?

ou=622270)

About the PIA Client Security and VPN Security in General

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/AboutthePIAClientSecurityandVPNSecurityinGener

al_checked.pdf?ou=622270)

A Review on Media Access Control Spoofing

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

Resources

2/9/22, 11:23 PM Data in Transit Vulnerabilities

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/data-in-transit-vulnerabilities.html?ou=622270 5/5

610/document/AReviewonMediaAccessControlSpoofing_checked.p

df?ou=622270)

Yes, You Can Still Trust VPN Technology, but Defend in Depth

(https://leocontent.umgc.edu/content/dam/course-

content/tgs/cca/cca-

610/document/YesYouCanStillTrustVPNTechnologyButDefendinDe

pth_checked.pdf?ou=622270)

© 2022 University of Maryland Global Campus

All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or integrity

of information located at external sites.