Is Your Network Secure?
Most of us probably remember a recent serious data breach. These breaches targeted large companies that we would expect to deploy the most up-to-date network security procedures. The problem is that every company, big or small, gets advice on how to secure its network, but I’m afraid to say that in many cases security policies are not implemented as planned.
Why are comprehensive security policies not implemented? It may be a question of cost, or of in-house IT staff, who must recognize the dangers. Sometimes it is pure complacency: a company assumes that because its network has not been seriously compromised, it probably never will be.
Threats to a network come in many forms and sizes:
A computer virus falls under the category of malware. The virus attaches itself to another program and is usually able to replicate itself so that it can spread from one computer system to another. The effects of a computer virus can range from slightly annoying symptoms to corruption or deletion of data on the infected computer system. There is normally an executable file associated with a virus, which often has to be executed by a user. It is a well-documented fact that viruses are often introduced into a system through email, file transfer from a disk, or file sharing over a network. Worms and Trojans can often be classified as viruses.
Adware (advertising software), as the name implies, is a program designed to display advertisements on a user’s computer or to redirect a user’s browser to a website displaying advertisements. Some adware is even designed to collect data on the user’s system, often with little indication to the user of what is happening.
Adware is often introduced into a computer system via certain free or shared programs (freeware and shareware), or through the use of websites infected with adware. Sometimes you notice that your browser has been hijacked and, whatever you do, it is deliberately directed to a particular web page. The good thing is that adware can usually be removed quite easily, but it can still be a nuisance at first.
DoS (Denial of Service)
As its name clearly indicates, the purpose of a DoS attack is to seriously inhibit or completely stop a network service or the network itself. This is often done by overloading a target machine with bogus requests so that genuine requests cannot be processed, thus rendering the service unusable. Web servers or mail servers are often the intended victims, especially those run by large commercial organizations. There are a number of well-known DoS attacks:
SYN attacks exploit the three-way handshake that precedes a TCP connection by sending a connection request but never completing it. Eventually, all TCP ports used for the service are in use and legitimate users cannot establish a connection to the server.
ICMP flooding works by flooding a network with ping packets that require responses, thereby consuming valuable network resources and eventually exhausting those services.
Buffer overflow attacks target specific network devices or programs with excessive traffic, causing the system to hang or shut down under the weight of that traffic.
Other denial of service attacks simply exploit vulnerabilities that cause the target system or service to crash. In these attacks, input is sent that exploits bugs in the target, which then crashes or is seriously destabilized, so that it cannot be accessed or used. A particularly effective DoS attack is a distributed attack, in which a system is attacked by many machines in multiple locations, increasing the attack’s power.
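The SYN attack described above leaves connections stuck half-open on the server, which a defender can see in the socket table. The following Python code is an added example, not part of the original article: it counts half-open (SYN-RECV) connections per listening port in output laid out like `ss -tan` and reports how many distinct sources they come from, which also hints at whether the flood is distributed. The sample data, function names and threshold are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample in the column layout of `ss -tan` (documentation-range addresses).
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN    0      128    0.0.0.0:443        0.0.0.0:*
ESTAB     0      0      192.0.2.10:443     198.51.100.7:51514
SYN-RECV  0      0      192.0.2.10:443     203.0.113.5:40001
SYN-RECV  0      0      192.0.2.10:443     203.0.113.5:40002
SYN-RECV  0      0      192.0.2.10:443     203.0.113.77:40003
SYN-RECV  0      0      192.0.2.10:443     [2001:db8::9]:40004
SYN_RECV  0      0      192.0.2.10:22      198.51.100.9:50023
"""

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so bracketed IPv6 peers also parse."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port

def summarize(text):
    """Per local port: half-open count by peer address, and established count."""
    half_open = defaultdict(Counter)
    established = Counter()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # skip the header and malformed lines
        state = fields[0].upper().replace("_", "-")  # netstat writes SYN_RECV
        _, local_port = split_endpoint(fields[3])
        peer_addr, _ = split_endpoint(fields[4])
        if state == "SYN-RECV":
            half_open[local_port][peer_addr] += 1
        elif state.startswith("ESTAB"):
            established[local_port] += 1
    return half_open, established

def find_syn_backlog(text, threshold=3):
    """Report ports whose half-open count reaches the threshold (an assumed value)."""
    half_open, established = summarize(text)
    findings = []
    for port, peers in sorted(half_open.items()):
        total = sum(peers.values())
        if total >= threshold:
            findings.append({"port": port, "half_open": total, "sources": len(peers),
                             "established": established[port],
                             "top_source": peers.most_common(1)[0]})
    return findings

print(find_syn_backlog(SAMPLE))
```

A sensible threshold depends on the server's normal load and its SYN backlog size, so it should be tuned against a baseline rather than taken from this example.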
Hackers simply exploit the vulnerabilities and weaknesses of networks or IT systems. The motives behind hacking are many and varied, the most common being stealing or compromising an organization’s information, embarrassing an organization, or simply hacking a system for prestige among hackers.