Security Solutions

for the stronger business foundation

We offer security solutions against malware, vulnerabilities, exploits, threats and other cyber security issues with our Vulnerability Assessment and Penetration Testing services to ensure a strong foundation.

We operate from Shillong and serve the nation and beyond with our security services and solutions.

Frequently Asked Questions on Cyber Security Solutions

We do Vulnerability Assessment to identify the risks and threats involved in a system, application (desktop, mobile or web) or network, and offer knowledge and solutions.
There is a long list of security services we have for businesses:
- Identity and Access Management to limit user roles and track and manage access.
- Encryption for data protection.
- Data Loss Protection to ensure data is safe and accurate.
- Firewall to control incoming and outgoing connection from your network.
- Anti-Malware/Virus to ensure security from known threats.
- Intrusion Detection and Prevention System to identify unauthorized actions.
- Disaster Recovery
- Web Filtering for protecting against web browsing.
..and more.
That depends on the scope of work, network size and complexity of the system.
Never happened. However, we authorize you to set a clause for that in our agreement.
Write to us at contact@codigion.com or fill in the form on the Contact Us page, and we will get back to you to get connected.
Knowledge Center

Computer Security

Computer Security, also known as Information Technology (IT) Security or Cyber Security, is the protection of computer systems, files, and data, in the form of hardware, software and information, from unauthorized access and use, in order to offer integrity, confidentiality, and security. Put simply, computer security is the capability or the measures implemented to avoid misuse of a computing device, be it a desktop computer, laptop, mobile device or tablet.

Terms and Terminologies

Here are some of the technical terms to be understood well, in order to secure your data either online or offline.

Attack

When an unauthorized person attempts to access data that they are not allowed to access, the incident is called an attack.

Breach

When an attack is successful, it results in a data breach, i.e., sensitive data being exposed to the public, which may cause damage to an individual, a group of individuals or a business entity.

Vulnerability

A vulnerability is a loophole or loose logic in software. It acts as a gateway for an attacker to take control of the target system. To err is human, so it is impossible to develop vulnerability-free software.

Exploit

If a vulnerability is detected in software, attackers usually develop code, called an exploit, to take advantage of it. The exploit is then run on the target system in some way to make a successful attack.

Firewall

A firewall is a security program that resides on a machine and comes bundled with the operating system. It rejects malicious incoming data and allows only the intended data to be delivered. A firewall is intelligent enough to identify malicious data.

Malware

Malware is malicious software. It does harm to a given computer, be it exhausting system resources, running unwanted applications, exploiting sensitive data, etc. Put simply, malware does everything possible to create a negative impact on a computer system.

Virus

Virus stands for Vital Information Resources Under Seize. The acronym is pretty self-explanatory. A virus is a software application that prevents the user from using the vital resources of a computer system by running several unwanted background applications, which exhaust the system resources.

Worm

A worm is also an unwanted software application, that is capable of replicating itself, making the collective effect exponential. This replication does not require any human intervention or system permissions. The ultimate target of a worm is to spread across the network and affect as many systems as possible.

Trojan

A Trojan horse is a type of malware application that results in the actual data breach. It steals data from the target and starts transmitting it to the attacker, or modifies the data into an unreadable format. The name Trojan horse perfectly reflects its action: it comes disguised as genuine and useful software, but when it is run, it starts damaging the system.

Spyware

Spyware is another form of malicious software that is specifically designed to “spy” on the target system. Spyware collects details such as the number of processes running on a system and their details, key presses, websites accessed, hardware devices connected to the system, etc. Put simply, it gathers all the vital information of the target system by spying on it.

Antivirus

In order to protect a system from viruses, software called antivirus is used. Antivirus software has a database that contains the signatures of the different viruses produced to date. If the antivirus software finds that any of the data on the system matches these signatures, it either deletes the data or quarantines it.
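The match-then-quarantine behaviour described above can be sketched as follows. This is an added example, not code from the original page or from any antivirus product; the signature names, the marker bytes and the sample files are all constructed for the illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed signature database: these are not real malware signatures.
SAMPLE_BAD = b"constructed-sample-known-bad-file\n"
HASH_SIGNATURES = {hashlib.sha256(SAMPLE_BAD).hexdigest(): "Sample.Hash.A"}   # whole-file hash
PATTERN_SIGNATURES = {b"DEMO-MALICIOUS-MARKER-0001": "Sample.Pattern.B"}      # bytes anywhere in file


def match_signature(data: bytes):
    """Return the name of the matching signature, or None if nothing matches."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        return HASH_SIGNATURES[digest]
    return next((n for p, n in PATTERN_SIGNATURES.items() if p in data), None)


def scan_and_quarantine(root: Path, quarantine: Path) -> dict:
    """Scan files under root, move matches into quarantine, return {relative path: signature}."""
    quarantine.mkdir(parents=True, exist_ok=True)
    detections = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        if quarantine in path.parents:
            continue  # do not rescan files that are already quarantined
        name = match_signature(path.read_bytes())
        if name:
            rel = path.relative_to(root).as_posix()
            # Store under a neutral name so the file cannot be launched by its old name.
            dest = quarantine / (hashlib.sha256(rel.encode()).hexdigest()[:16] + ".quarantined")
            shutil.move(str(path), str(dest))
            detections[rel] = name
    return detections


def demo():
    """Scan a constructed directory; return (detections, files left in place)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "home"
        (root / "docs").mkdir(parents=True)
        (root / "docs" / "report.txt").write_bytes(b"quarterly numbers\n")
        (root / "known_bad.bin").write_bytes(SAMPLE_BAD)
        (root / "docs" / "macro.doc").write_bytes(b"header DEMO-MALICIOUS-MARKER-0001 trailer")
        # One extra byte changes the hash, so this variant of the known sample is missed.
        (root / "variant.bin").write_bytes(SAMPLE_BAD + b"x")
        found = scan_and_quarantine(root, Path(tmp) / "quarantine")
        left = sorted(p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file())
        return found, left


if __name__ == "__main__":
    print(demo())
```

The file `variant.bin` stays in place because a signature database only recognises samples it already contains, which is why signature updates matter.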

Spam

We often see many unwanted emails from unknown senders. We don’t even understand how these senders acquire our email addresses. Such emails are called spam.

Phishing

‘You have won $100,000. Please reply with your bank account number and other details to claim this amount’. This is one of the most common emails in our inboxes. Such mail aims to acquire your sensitive data by throwing out fancy and attractive offers, and this is called phishing.

Social Engineering

In order to earn the trust of the target, an attacker initiates online communication, be it through emails, messaging apps, websites, etc., and poses as a reliable and reasonable human. Once they gain access to what they need, the attacker falls into the stake. Phishing is a form of social engineering.

How do Hackers do it?

When a hacker wants to attack a system, there are seven steps they follow to take control over the target system. Here are the steps and a simple description of each of these steps.

1. Reconnaissance

In this step, the attacker analyzes the target system for vulnerabilities and chooses the best way to exploit the target. They analyze details such as the network topology in use, the network devices used and their vulnerabilities, the software used by the target user and its vulnerabilities, etc. Put simply, the attacker estimates all the available ways to exploit the target and finds the best one, so that the most can be extracted out of it. The attackers may use social engineering, phishing, viruses, worms, trojans or may create an entirely new type of exploit.

2. Scanning

Once the attacker identifies the vulnerabilities of the target, the next step is to “penetrate” into the network. Penetration testing, or pen testing, is the process used for this. There are different approaches to pen testing. Once the pen testing is completed, the attacker has an entry point into the target network. Patience is the major characteristic of an attacker, as scanning takes a long time, sometimes even months, depending on the network security of the target network.

3. Access and Escalation

Once the entry point is figured out, the attacker should penetrate through the network, without being detected. This penetration needs administrative rights throughout the network. Tools like rainbow tables are used to acquire admin rights throughout the network. Once admin privileges are acquired throughout the network, the network can be controlled by the attacker.

4. Exfiltration

Once control over the network is achieved, the attackers are ready to “steal” the data passing through the network. Beyond just modifying the data, the attackers become capable of erasing the data over the connected network.

5. Sustainment

Though an attacker gains control over the network, the required data does not pass through the network at all times. Hence, the attacker should be able to sustain a presence within the network to grab the required data as soon as it is put onto the network.

6. Assault

This is an optional step of an attack. In all the above steps, nothing catastrophic occurs. This is the step where things become worse. With all the previous steps performed, the attacker can modify the functionality of the hardware, disable it or entirely damage it. This results not just in data loss but in economic loss as well.

7. Obfuscation

Leave no fingerprints; this is what the Obfuscation step means. When the attackers want to hide their tracks, they opt for this step. Usually, logs of the activities carried out over the network are maintained across the network for security purposes. Whatever tricks the attackers perform in the steps mentioned above, they can be traced back in some way or other. The catch is that this takes a very long time. In the Obfuscation step, the attackers destroy all the logs that could lead back to them in any way.

Out of these seven steps, Reconnaissance, Scanning, and Access and Escalation are the steps that have a major impact on the outcome of the attack. Here are certain details related to these three steps that help one to understand the concept of Ethical Hacking completely.

Penetration Testing

Penetration Testing, simply called Pen Testing, is the attempt to exploit the available vulnerabilities of a system in order to analyze whether unauthorized access into the system is possible. Put simply, the objective of pentesting is to figure out the loopholes of a system, in order to gain control over it.

More than analyzing the vulnerabilities, pentesting is used to estimate the damage caused by a flaw in the software. The outcomes of pentesting are information about the target, possible entry points into the network, and a break-in into the network. These are achieved either with an automated script or with manual attempts, based on the network and the intention behind penetrating it. There are five pentesting methods.

1. External testing

The targets of this method of testing are visible to the internet, i.e., the target is “external” to the network. Typically, external testing may be performed on a web application, a website or an email service. When the attacker is planning to gain access to the network in order to extract data from it, external testing is the best approach for pentesting.

2. Internal testing

If the attacker already has access to an application on the target system, the attack can be initiated from the “internal” of the system i.e., within an organization’s environment. The phishing attack is the most common example of internal testing, where the credentials of a user can be obtained during the attack.

3. Blind testing

In most cases of blind testing, the testers are given limited information, which is available to the general public. Blind testing is usually performed by the organization itself in order to estimate the exposure of sensitive information to the public. The major drawback of blind testing is that it consumes a great deal of time, sometimes months. But from the perspective of an organization, it is highly useful.

4. Double-blind testing

This is the advanced version of the blind testing with further complexity added. In the blind testing, the security teams of the organization are made aware of the testing. But in the double-blind testing, the security wing of the organization is completely unaware of the test. Along with the loopholes of an organization’s public information, double-blind testing allows the testers to estimate the quality of security and scope of a given threat through the publicly available information.

5. Target testing

The target testing is usually performed when the organization needs to analyze the technical or networking environment of the organization. In this kind of testing, both the security team and the testing team work together to analyze for optimizations or developments to be undertaken for stronger network security. Target testing can be performed within a limited time to obtain maximum utilization of the testing.

There are several open source tools available to perform pentesting for different purposes. Some of the tools used for pentesting are listed under Cyber Security Tools below.

Vulnerability Assessment

As mentioned earlier, it is impossible to develop flawless software. As the internet has become a part of our daily lives these days, we are as vulnerable as we are connected to the internet. But where does information security come in? It’s simple. Assessing the vulnerabilities of a system and optimizing or improving its security is the most popular approach to providing information security.

Vulnerability assessment is performed to identify threats and risks, wherever software is executing tasks. In recent days, as mentioned above, there have been many security threats and breaches. All of these mishaps were possible and achieved only through the vulnerabilities of a network or a system. Such is the prominence of vulnerability assessment in providing information security. There are different types of vulnerability assessments.

Network-based assessment

These assessments are used to identify the vulnerabilities of the network against the network security attacks, either on the wired networks or wireless networks.

Host-based assessment

This involves analyzing the vulnerabilities of the software used on a given host. For example, Adobe Reader received a critical update, which contained patches for 112 vulnerabilities. If an attacker had been able to find one of these 112 vulnerabilities, the complete system could have been compromised. Note that Adobe Reader is in the list of the top 3 most used Windows applications.

Wireless network assessment

Assessing a wireless network is a little more complex than assessing a wired network. This assessment mainly concentrates on finding rogue access points.
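One way to pick rogue access points out of a wireless survey is to compare what was observed against the inventory of access points the organization deployed. This is an added example, not code from the original page; the inventory, the scan records, the verdict names and the signal threshold are assumptions made for the illustration.

```python
# Constructed inventory of access points the organization actually deployed.
AUTHORIZED = {
    "02:00:00:aa:00:01": {"ssid": "CorpNet", "channel": 1},
    "02:00:00:aa:00:02": {"ssid": "CorpNet", "channel": 6},
    "02:00:00:aa:00:03": {"ssid": "CorpGuest", "channel": 11},
}
CORP_SSIDS = {ap["ssid"] for ap in AUTHORIZED.values()}
ON_PREMISES_DBM = -65  # assumed threshold: a stronger signal is treated as inside the building


def classify_ap(obs: dict) -> str:
    """Classify one scan result against the inventory."""
    known = AUTHORIZED.get(obs["bssid"].lower())
    if known:
        if obs["ssid"] != known["ssid"] or obs["channel"] != known["channel"]:
            return "changed"          # our BSSID with unexpected settings, or a spoofed BSSID
        return "authorized"
    if obs["ssid"] in CORP_SSIDS:
        return "impersonating"        # our network name from a radio we do not own
    if obs["signal_dbm"] >= ON_PREMISES_DBM:
        return "unknown-on-premises"  # e.g. a personal router plugged into the LAN
    return "neighbor"                 # weak, unrelated network nearby


def find_rogues(scan: list) -> list:
    """Return (bssid, ssid, verdict) for every result needing follow-up, strongest signal first."""
    flagged = [o for o in scan if classify_ap(o) not in ("authorized", "neighbor")]
    flagged.sort(key=lambda o: o["signal_dbm"], reverse=True)
    return [(o["bssid"].lower(), o["ssid"], classify_ap(o)) for o in flagged]


# Constructed scan results, in the shape a wireless survey tool might export.
SAMPLE_SCAN = [
    {"bssid": "02:00:00:AA:00:01", "ssid": "CorpNet", "channel": 1, "signal_dbm": -48},
    {"bssid": "02:00:00:bb:00:09", "ssid": "CorpNet", "channel": 6, "signal_dbm": -55},
    {"bssid": "02:00:00:cc:00:07", "ssid": "HomeRouter", "channel": 3, "signal_dbm": -40},
    {"bssid": "02:00:00:dd:00:05", "ssid": "CoffeeShop", "channel": 11, "signal_dbm": -82},
    {"bssid": "02:00:00:aa:00:03", "ssid": "CorpGuest", "channel": 4, "signal_dbm": -60},
]

if __name__ == "__main__":
    for row in find_rogues(SAMPLE_SCAN):
        print(row)
```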

Database assessment

Though databases seem somewhat different from software, they also fall under the software category. Hence, databases are also to be assessed. These assessments result in discovering unused sets of data, invalid data, volatile database relations, etc.

These are the most common types of vulnerability assessment. However, the types may differ based upon different factors of the network like network topology, devices used in the network and protocols used in the network.

Cyber Security Tools

  • Metasploit - A collection of pentesting tools. Can be used against servers and web applications. Can be used to evaluate the security of a given infrastructure.
  • Nmap - Stands for Network Mapper. Scans the network for vulnerabilities and fetches information such as the number of active hosts available on the network, the operating systems used by the hosts, hardware details of the hosts, software applications used by the hosts, etc.
  • Wireshark - A network analyzing tool that is capable of capturing all the packets passing through a given network, irrespective of the networking protocol they use. With the packets captured using Wireshark, the attacker can estimate the type of data being accessed by the target.
  • Aircrack-ng - ng stands for Next Generation and it is the latest version of the software. It is specially designed for Wi-Fi based devices. It is also a network monitoring tool that is capable of exporting the captured packets to a text file, which makes processing the data easy. It is capable of assessing WEP and WPA-PSK security keys as well.
  • John the Ripper - This is the best software available for cracking passwords. Generally, cracking the passwords of a system is a complex task both in terms of effort and processing capacity. It creates a database with the most possible password combinations and tries to identify the password of a given system.
  • Nessus - This is a paid network scanner. It scans the given network for vulnerabilities and analyzes the exploits that can cause damage to the network. The added advantage of Nessus is that it is capable of analyzing weak passwords, open ports and configuration errors within a network.
  • Burpsuite - This is specifically designed for the analysis of web applications. This is capable of analyzing requests going out and responses coming in, for a given system. The added advantage of Burpsuite is that it is capable of crawling web applications automatically. It is available as a free version as well as a paid one.

Some Security Breaches

Just two days before Black Friday 2018, the e-commerce giant Amazon suffered an unexpected breach due to a technical glitch. The outcome of this breach is that the names and email addresses of several users were compromised. The potential threat of this breach is that the attacker has a chance to extract details like credit/debit card details, individual addresses and the entire activity on the Amazon website.

Another incident: the US postal department experienced a data breach that could potentially expose the sensitive data of more than 60 million users. The attackers could even modify the account data without the knowledge of the users. As a security measure, USPS has released a security patch to avoid such mishaps.

Numerous such events occur every day, exposing sensitive data that could lead to catastrophic damage. In order to avoid such events, one should be aware of Computer Security.