The main problem which needs to be addressed through this report is the fact that the cyber
threats are a big cause of concerns especially for the modern day organizations who tends to
operate through internet. Therefore an attempt is made through this paper in order to guide the
steps that ABCT needs to take as a Tech company. As the employee there use VPN which itself
is big threat to the security. Moreover the company provides the Wi-Fi to its visitors which itself
not a safe. As the time goes on the magnitude and strength of the cyber-attack is increasing and
thus appropriate measures needs to be taken by ABCT to avoid any big loss.
2. Cyber Security And Its Important For ABCT
Cyber Security is usually defined as a complete identity of processes, technologies, and design
practices in order to provide protection to certain programs, devices, networks and other
respective data from any damage or attack or any unseen and unauthorized access. The other
term that might be given to cyber security is the security of information technology. The cyber
security is a very significant procedure and this significance is enhanced due to the provision of
highly valuable data to the computers by the different departments operating in a state including
organization, medicine department, finance department, military department, government and
Certain sensitive information may also constitute some percentage of the stored data, that
sensitive information may be including the financial data, intellectual property, personal
information and certain other types of significant and sensitive information which requires
security and a very limited access and it can also not be exposed as it could have a lot of negative
consequences that might be associated with them. Certain sensitive data may also be transmitted
across other networks by the help of organizations to the other devices in the process of setting
up a business. The process of cyber security also helps in defining the dedicated discipline in
order to provide protection to the information that is saved in the string systems. It is the fact the
sophistication and the volume of cyber-attacks have been growing on tremendous speeds in the
organizations and different companies and more specifically in the companies and organizations
whose main task is to safeguards the stored information relating to any aspect either the security
on the national grounds, certain financial records, health issues, in order to provide protection to
these departments they might need to take some steps to protect the sensitive business of the
respective department along with the protection of personal information. In 2013 th March the top
intelligence officials of nations have cautioned the cyber-attacks along with the digital spying
that are considered to be on the top list of facing the national security threat including the
eclipsing terrorism (Five reasons cyber security is more important than ever, 2018).
The most difficult challenge that may be faced by the Cyber Security Department of the ABCT
Technology Company is the forever originating security risks nature by them. The organizations
on the basis of traditions along with the respective government that have mainly focused on their
department’s resources of cyber security on the security parameters for the protection of not only
the most crucial components of systems and also to provide defence against the originated
threats. This approach in today’s world is thought to be very significant due to the advancement
of the threats on the speed that is exceeding the speed of organizational change of cyber security
procedures (Platform et al, 2019).
The cyber security is thought to be a very significant procedure in providing security to the
ABCT Technology Company of Australia, as the world nowadays has been dependent on the
technology than it was dependent upon in the previous era. These high dependency rates have
resulted in the creation of digital data. The business and government today have been storing a
great deal of the computer data and also its transmission to everywhere across the entire network.
The underlying system devices are having some vulnerabilities that are when exploited, results
on the organizational health and other issues. When going further the corporate revenues may be
impacted by the data breach which is due to the non-compliance with the regulation of data
protection (What is Cyber security, 2019).
3. Security Vulnerabilities in ABCT’s system
Following are mentioned three major security vulnerabilities that might be associated with the
cyber security of the ABCT Technology Company.
The first and foremost security vulnerability is the flaws in the injection of cyber security. This
vulnerability in the ABCT Company is due to the classic failure for the untrusted input failures.
This can also be caused when the unfiltered data is passed to the server of SQL and also to the
other browsers. The major problem that might be associated with it is that the commands can be
injected by the attackers to their entities and this will result in the data loss from the browsers of
the hijacking clients. Anything that is received by the application from any unreliable source
needs to be filtered anyway and that filtration should be done in accordance to the white list.
The second most common web security mistake or cyber security vulnerability is the lack or
broken authentication. This broken authentication in the ABCT Technology Company is thought
to be the collection of more than one problem which are not necessarily to be arising from the
same root cause. By making an assumption in the year 2014 that if an individual is aiming to
authenticate their role in the cyber security of the company which is not the likely possibility.
Getting the right in this regards is a tough job and there are possible pitfalls myriads for
mentioning the few of them. The session’s id might be present in the URL and this mention can
be the cause of leaking the headers or any particular information to someone else. The
unencrypted passwords that might either be present in the transit or the storage. The
predictability of the session’s id which causes access in the trivial, the possibility of session
fixation. The prevention of these vulnerabilities may also be taken, the most significant
prevention in the straightest forward what in the avoidance of the web cyber security
vulnerability of the ABCT Technology Company which is mainly the use of a particular
framework. This implementation of this precautionary measure may not be easy but the way
mentioned earlier is thought to be an easy one.
The common web security mistake or web security vulnerability that will be described here is the
cross-site scripting. This web security vulnerability is considered to be fairly widespread
attackers. When this insanities input is returned it be easy to execute by the browsers of the
users. This can also be considered to be as simple as a link crafting and the user persuasion or it
can be designated as something else. The prevention from this type of vulnerability is a very
simple one and a very simple solution is provided by the web security, it first opposes the return
of the tags of ABCT Technology Company to their respective clients. By doing so a benefit is
also added for the provision of any defence against the injection provided by the company with a
likewise similar injection injecting a much simpler content which does not have any high impact
The security vulnerability determining method also includes the receiving of a profile
representing one or more than one products that might be used by the ABCT Technology
Company, that profile includes every product’s character. This identification method further
includes the comparison of the characteristics of each product’s characteristics for the product’s
records plurality. The record of each product always includes one or more than one security
vulnerability along with the few fixes that might also be present in the record (Dahlstrom, 2004).
There are also present many inventions that may result in the provision of a method and system
for the measurement of the risk measurement that might be associated with the computer
network of the ABCT Technology Company. The collocation facilities are also present in the
system that pairs it with the plurality of the computers that are linked to the management of
computer security (Schumaker, 2006).Finally as ABCT allows its employee to work from home
and use VPN which is insecure for the data as it can track the online activity.
4. Emerging Threats Effecting ABCT
The following are the five major threats that might be associated with cyber security. The first
threat that is faced by the ABCT Technology Company is the sophistication of the Phishing or
the Phishing attack. In this type of attack, the clear target is the transmission of the digital
message to the fool individuals by just clicking on the link that results in the installation of
exposure of the insensitive data and also the malware installation both of these procedures have
become more sophisticated as a result of this attack. Now increased awareness regarding this
attack is being prevailed and most of the employees of almost all the organizations are now
aware of this attack and hence they are at more danger of phishing through emails by getting
fake emails and messages. Hackers are enabled through such attacks to steal the login ids of
different users along with stealing the credit card credentials (Fruhlinger, 2019).
The second attack is the evolving ransom ware strategy. Through the ransom ware attacks, the
victims are cost for the loss of billions on the yearly basis, as by the help of this attack,
technology is deployed by the hackers which enable them to really kidnap the individual of any
particular organization here, and in this case, it is ABCT Technology Company and knowing all
the ransom ware information. By the rise of certain crypto currencies like the bit coin a help to
this type of attack is provided. Strong building guards are being built by the companies in order
to stay safe from this attack (Platform, 2019).
The third type of the mentioned attack is the crypto-jacking attack and this also affects the cyber
security of the ABCT Technology Company. Like for instance, this is considered as a trend in
which the cybercriminals hijack the homes of any third party or any company for earning the
crypto currency and do mining. Crypto currency can be generated by hackers by piggybacking
secretly on the system owned by someone else (Nadeau, 2018).
The fourth mentioned attack is the Cyber-Physical attack. In this type of cyber security attack,
same technology is used which is used in modernizing and computerizing the critical
infrastructure. The hack ongoing threats that are mainly targeting the electrical grids along with
the system of transportation and etc., a major ongoing vulnerability is represented (Armerding,
The fifth mentioned attack is the State Sponsored Attack. The hackers in this type of attack
beyond looking to make a profit on the individual basis or to the organization, on the whole, is
now focusing on their cyber skills in order to infiltrate the state and then the critical
infrastructure is attacked (Palma, 2019).
While addressing any business’ cyber security of ABCT Technology Company that process
should always start from the key security basis. The technical support team from the Dobson
technologies is always supporting the recommended points that are mentioned below. The
investment in the field of training and providing education by the cyber security department. The
occurrence of most breaches is due to the reason the click of any employee in the link or contrary
to this the provision of information allowing the cybercriminals to get access to the entire
network. The existence of the business class network is the major requirement of cyber security.
100 % security cannot be offered by any company or product. Hence the access on the computers
in a particular network should be controlled (Lord, 2019)
The multilayer antivirus and the malware protection on the network should be under strict
control and management. The scanning of the opening files should is done by the antivirus
software and this scanning procedure can provide the best real-time protection. In order to
maximize the effectiveness of security, it is designated as a very significant procedure. A strong
and sound web filtering technology is introduced providing a real-time URL monitoring along
with the blocking of the undesired content. The two-factor authentication is also very important,
this authentication procedure helps in the provision of the access control to the other network
computers. The other recommended way is the robust complexity of password along with the
rotation policy. The password of anything is considered to be an important aspect of providing
security. The maintenance of effective backups is yet another way for improving the cyber
security of any organization or any company (Business, 2019).
According to a study which was conducted in accordance with the presented case. The study has
mentioned a few of the most used recommendations. By following the mentioned techniques the
company’s cyber security department will definitely improve. The first thing mentioned in the
study is that the clean network is considered as a safe network. The immediate monetary value is
carried by the data in the payment card and this can be stolen by a number of ways hence the
maintenance of a clean network is a must. The second things mentioned is learning from the
history of the company and then educating the employees on the basis of the mentioned history.
The data protection specific place might not be present in every company and in those companies
for making the employee training programs more effective the understanding of the training
material by the organization is very significant. The last mentioned thing is the use of Blacklist
and whitelist by the network IP. The IP addresses of whitelist or the domains are specifically
used for allowing the access and contrary to this the Blacklists are used for its prevention (Bales,