A Study of Online Service and Information Exposure of Public Companies

摘要

It is believed that public companies should have put lots of efforts and resources in designing and implementing effective security policy in their dairy information processing and management against potential cyber attacks. A company web server accessible by the general public and attackers is usually a common entry point for cyber attacks. This paper studies and reports the security problems in web servers of public companies. We applied several commonly used tools and systems to collect information from publicly accessible web servers of (elected public companies, and studied some known security aspects in those public companies. Our findings will provide an insight to the effectiveness of web servers in public companies against cyber attacks. This paper also proposes a risk analysis tool for cyber attacks, which is known as pyramid risk analysis tool.