INFA 610 UMDC Attacks on Networks Physical Security Threats Discussion

Reply:

Peer 1:

Layer 4 of the OSI model is the Transport Layer. According to an article in Infoblox, the Transport Layer is responsible for transferring data between end users and providing reliable data transfer services to the upper layers. The Transport Layer controls the reliability of given links through the use of flow control, segmentation and desegmentation and error control. Further, the Transport Layer can keep track of segments for protocols that are state and connection-oriented. The Transport Layer is also able to resend segments for those that fail.  This is also the layer that provides acknowledgement of data sent successfully and it will send the next data if there were no other errors. Typical examples of Layer 4 include Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). The difference between TCP and UDP is that TCP prioritizes data quality over speed and UDP is a connectionless protocol that prioritizes speed over quality. Both protocols are rules that are in place regarding how to send data packets.

Something interesting about the Transport Layer is that this layer can be prone to some of the threats to previous media layers (Platsis, 2021).  One can expect sniffing, especially related to ports and protocols. DDoS attacks are also common at this layer. Other types of attacks that are typical at the Transport Layer include SYN Floods and SMURF attacks. In a SYN flood, a hacker initiates multiple connections to a server using a spoofed IP address, while not waiting for a connection to finalize. Smurf attacks use malware to overload network resources. The attacker then broadcasts Internet Control Message Protocol echoes, which causes an infinite loop of requests. To mitigate attacks of this layer, it’s recommended to lock down ports and configure firewalls for only what is needed and gate access to your transmission protocols. Overall, it’s important for the Transport Layer to be as error-free as possible because there is a lot going on with all of the packet movement.

References

Platsis, G., George Platsis Senior Lead Technologist, Platsis, G., Technologist, S. L., & George Platsis works with the private. (2021, June 14). The OSI model and you part 4: Stopping threats at the OSI transport layer. Security Intelligence. Retrieved October 22, 2021, from https://securityintelligence.com/articles/osi-model-stopping-threats-osi-transport-layer/.

What is layer 4 of the OSI model: Transport layer?: DDI (secure DNS, DHCP, IPAM). Infoblox. (2021, April 27). Retrieved October 22, 2021, from https://www.infoblox.com/glossary/layer-4-of-the-osi-model-transport-layer/. 

Peer 2:

Physical Security Threats

Threats today range from hybrid attacks to targeting both physical and cyber assets.  With the adoption and integration of Internet of Things (IoT) and the Industrial Internet of Things (IIoT)  devices has increased interconnected mesh of cyber-physical system (CPS), that expands the attack surface and blurs the once clear functions of cybersecurity and physical security in this new threat landscape.

This new landscape allows for successful cyber/physical attacks on industrial control systems (ICS) to disrupt operations and deny services to the population affected by the attack.  Cybersecurity & Infrastructure Security Agency (CISA) provides examples of types of physical attacks (CISA 2021):

• A Security gap in access controls-  an unauthorized access to facilities or system permissions, can allow an individual to use a USB or removable hardware to introduce a virus or malware to a network
• HVAC systems  can be virtually overridden, causing rising temperatures to disable network servers.
• Law enforcement and emergency services can have impaired communications if a cyber attack on their telecommunication system that can result in loss of life and delayed response times.
• Medical device malfunctions can be detrimental causing injury or loss of life when a cyberattack exploits an healthcare target.
• An unmanned aircraft, can compromise sensitive data if access is gained using an unsecured network using wireless hacking technology.

As cyber-physical attack continue to grow, global insurance companies are trying to ascertain how much to cover for such a dynamic risk as attacks are constantly evolving.  There are so many potential attack surfaces, vectors and avenues there are infinite possibilities for cyber-physical attacks as the world moves forward with self-driven cars, telehealth, medical devices, traffic flow sensors, drones, transit systems.    The triad’s approach to Confidentiality, Integrity and Availability, with Confidentiality at the forefront with physical security, will need strict access controls, educating all users of technology of the dangers of cyber world.  (Hamilton 2021)

References

CISA (2021) “ Cybersecurity and Physical Security Convergence” Cybersecurity & Infrastructure Security Agency Cybersecurity and Physical Security Convergence (cisa.gov)

Hamilton, E., (July 2021) “ What are Cyber-Physical Attacks?” The Science Times What Are Cyber-Physical Attacks? | Science Times