7 Dec 2022

Server-Side Request Forgery (SSRF) Attack

Format: APA

Academic level: University

Paper type: Assignment

Words: 536

Pages: 2

Malicious cyber activities represent one of the foremost challenges that business organizations face today. The National Institute of Standards and Technology (NIST) (2012) defines malicious cyber activity as any unauthorized access to computer systems that compromises the integrity, availability, and confidentiality of networks, data, information, or the computer systems therein. In 2016, malicious cyber-attacks cost the US economy between $45-109 billion. In 2018, $45 billion in losses was reported from just 2 million cyber-attacks. The cost of cybercrime in 2019 was $1.3-$13 million per organization (Anderson et al., 2019). Malicious attacks can take many forms, including DDoS, botnet attacks, insider threats, malware, phishing attacks, hacks, espionage, and man-in-the-middle attacks, among others. This discussion covers an emerging and formidable cyber-attack threat known as Server-Side Request Forgery (SSRF). Additionally, the paper discusses the equipment, software, and information needed to study this threat and how to handle incident data from an SSRF attack.

Server-Side Request Forgery (SSRF) is a web security vulnerability that allows an attacker to induce the back-end server of a vulnerable HTTP web application to send crafted requests. Cybercriminals use SSRF to target internal systems that are protected by a firewall and not accessible from an external network. This shows that having a firewall and protecting the network infrastructure is not enough. Attackers leverage SSRF to launch attacks against an organization's services, using the loopback interface (127.0.0.1) of the server being exploited. This attack is also common in public clouds such as AWS. The servers are tricked into running commands that they are not permitted to run. One recent example of this vulnerability in effect was the attack against Capital One, which led to the loss of 100 million customers' data, one of the largest hacks ever seen.

Information, Equipment, and Software Needed to Study SSRF Attacks

Despite rigorous efforts to mitigate vulnerabilities and threats, they still occur. Studying SSRF requires extensive knowledge of how the AWS public cloud works, extensive study of server operations, and knowledge of loopback interfaces and the web applications running on the server. Many software applications and pieces of hardware equipment can help responders study SSRF threats. The most common is an Interactive Application Security Testing (IAST) toolkit, which helps detect untrusted input from both internal and external sources. This toolkit is reliable and works better than dynamic (DAST) web scanners or static analysis (SAST) tools.

Acquiring, Handling, and Analyzing Data from an SSRF Attack

Data from an SSRF attack can be collected using [1] human intelligence, i.e., interviewing, interrogation, and social engineering, particularly on suspected malicious insiders; [2] internal and external indicators of compromise; [3] malware analysis tests; [4] pen testing reports; and [5] cyber counterintelligence, including passive DNS, honeypots, and malware sinkholes. All data from the forensic investigations must be handled in a manner consistent with the legal standards associated with digital evidence handling. Log and malware analysis is the most pertinent form of analysis for SSRF attacks.
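As an added illustration of the log analysis mentioned above (not part of the original essay), the sketch below scans web access logs for requests whose parameters carry a URL pointing at loopback or another non-public address. The log lines, the `/preview` endpoint, and the function names are constructed for the example.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed access-log lines (combined log format); not real incident data.
SAMPLE_LOG = """\
198.51.100.7 - - [07/Dec/2022:10:01:02 +0000] "GET /preview?url=https%3A%2F%2Fnews.example%2Fa HTTP/1.1" 200 5120
198.51.100.9 - - [07/Dec/2022:10:01:09 +0000] "GET /preview?url=http%3A%2F%2F127.0.0.1%3A8080%2Fstatus HTTP/1.1" 200 312
198.51.100.9 - - [07/Dec/2022:10:01:15 +0000] "GET /preview?url=http%3A%2F%2F10.0.0.12%2F HTTP/1.1" 502 0
198.51.100.7 - - [07/Dec/2022:10:02:00 +0000] "GET /search?q=127.0.0.1 HTTP/1.1" 200 900
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def host_is_internal(host):
    """True for 'localhost' and for IP literals outside the public range."""
    if host.lower() == "localhost":
        return True
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:
        return False  # a DNS name; resolving it is out of scope for this sketch

def find_ssrf_candidates(log_text):
    """Return one finding per parameter that carries a URL to an internal host."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, when, _method, target, status = m.groups()
        # parse_qsl percent-decodes values, so encoded URLs are compared decoded.
        for name, value in parse_qsl(urlsplit(target).query):
            try:
                host = urlsplit(value).hostname
            except ValueError:
                continue
            # A bare "127.0.0.1" search term has no URL host and is not flagged.
            if host and host_is_internal(host):
                findings.append({"client": client, "time": when, "param": name,
                                 "dest": value, "status": int(status)})
    return findings
```

On the sample data this reports the two `/preview` requests from 198.51.100.9 and ignores the search for the string `127.0.0.1`; the response status in each finding helps an analyst judge whether the internal request succeeded.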

Incident Response Protocol 

Organizations facing an SSRF attack should be well prepared to avert and respond to this threat. The key steps begin with assembling an incident response team made up of experts in computer science, software engineering, and cybersecurity. Next, the team should detect and ascertain the source using the Application Security Testing toolkit. Next, the team should try to contain and recover from the attack. If the company is on the AWS cloud, it can use tools such as Access Advisor, GuardDuty, AWS WAF, and Amazon Macie, which are effective in containing SSRF attacks. Finally, the team should assess the damage and severity of the attack, notify relevant stakeholders, and institute measures to prevent future incidents of the same nature.

References 

Anderson, R., Barton, C., Böhme, R., Clayton, R., Gañán, C., Grasso, T., ... & Vasek, M. (2019). Measuring the changing cost of cybercrime.

National Institute of Standards and Technology (NIST). (2012). Guide to Malware Incident Prevention and Handling for Desktops and Laptops. NIST Special Publication 800-83 Revision 1. Retrieved 5th November 2020 from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-83r1.pdf

Cite this page

StudyBounty. (2023, September 14). Server-Side Request Forgery (SSRF) Attack.
https://studybounty.com/server-side-request-forgery-ssrf-attack-assignment
