This document discusses security threats and vulnerabilities. It begins by noting that threats and vulnerabilities are constantly changing with evolving technology. It defines threats as actions that could damage an asset, and vulnerabilities as weaknesses that allow threats to occur. The document then discusses how to identify important organizational assets and assess risks to them. Several types of threats are outlined, including human threats like errors, criminal behavior, and insider threats from employees. Common forms of malicious software like viruses, worms, Trojan horses, rootkits and spyware are also described. Strategies for reducing insider threats like monitoring, multi-person access, and job rotation are presented.
Cybersecurity is the practice of defending computers and servers, mobile devices, electronic systems, networks and data from malicious attacks.
Topic Covered:
Cyber Security Introduction
Online & Offline Identities
Hackers and their types
Cyberwarfare
Cyber Attacks Concepts & Techniques
System, Software & Hardware Vulnerabilities
Security Vulnerabilities Categories
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...IOSR Journals
Technical solutions, introduced by policies and implementations, are essential requirements of an information security program. Advanced technologies such as intrusion detection and prevention systems (IDPS) and analysis tools have become prominent in the network environment, where organizations use them to enhance the security of their information assets. Scanning and analyzing tools to pinpoint vulnerabilities, holes in security components, and unsecured aspects of the network, and the deployment of IDPS technology, are highlighted.
Malicious Insiders examines the role that insiders play in sabotage, industrial espionage and fraud. We also examine how taking proactive steps reduces these risks.
Today's corporate world is part of the battleground fighting against potential threats and attacks. Though the threat landscape is evolving rapidly, security has usually caught up to gain the upper hand.
Cybersecurity is an increasing concern for many in the medical cybersecurity and information technology professions. As computerized devices in medical facilities become increasingly networked within their own walls and with external facilities, the risk of cyberattacks also increases, threatening confidentiality, safety, and well-being. This article describes what health care organizations and imaging professionals should do to minimize the risks.
This slide gives a brief description of social engineering, its classification, attack environment and various impersonation scenarios, which will give the audience a sound knowledge of social engineering techniques.
Booz Allen Hamilton focuses on defining the vulnerabilities further and identifying the potential mobile security exploits that could harm or damage a business. This article covers Booz Allen's approach to helping organizations develop a secure and effective mobile application security program.
This document is a guide for the detailed development, selection, and implementation of information system and program level procedures to indicate the execution, effectiveness, and impact of security controls along with other security associated activities.
Looking to understand how hackers and other attackers use cyber technology to attack your network and your executives? This slide set provides an overview and details the anatomy of a cyber attack, and the strategies you can use to manage and mitigate risk.
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security have become increasingly important. There are a multitude of different applications, open source and proprietary, available for the protection +-system administrator, to decide on the most suitable format for their purpose requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through unflagged. A majority of methods currently used to ensure the quality of a network's service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System. The minor objectives were to design a port scanner to determine potential threats and mitigation techniques to withstand these attacks, implement the system on a host, and run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: event correlation, log analysis, alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs.
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdfEnterprise Insider
According to the 2022 Ponemon Cost of Insider Threats Global Report, insider threat occurrences surged 44% in the last two years, with expenses per incident climbing by more than a third to $15.38 million.
Running Head CURRENT CHALLENGES FACING CYBER SECURITY .docxhealdkathaleen
Running Head: CURRENT CHALLENGES FACING CYBER SECURITY 1
Current Challenges Facing Cyber Security
Abstract
Modern technology is used today in various fields and has proved to be of importance. Technology as a whole makes the world appear small in terms of distance, thanks to fast transport and communication, and makes a huge task smaller. Many people have become dependent on technology, which is advancing fast. Technology faces several challenges, the main one being cyber-crime in different organizations, and that is where cybersecurity plays its part in protecting vital information from being accessed or destroyed by unauthorized individuals. Cybersecurity plays a significant role in ensuring that any computer-related information is secure, that no harm can come to it, and that any threat is detected early before it thrives (Raman, 2019, p.3). Despite that, cybersecurity still faces a lot of challenges; the main objective of this paper is to focus on those challenges, which make it less effective in playing its role, and on some of the measures that have been taken to prevent the crimes associated with computer systems (Sutherland, 2018, p. 27).
Introduction
Today everyone, from individuals to the largest organizations, has at least one computer system, either for storing information or for use in day-to-day activities. Human beings can communicate with their loved ones from a far distance, they can travel long distances within the shortest time possible, and they can make efficient what was deemed less effective. This is how good the technology is and why people are obsessed with it day in, day out. Despite all this, there is still the fact that they are unable to safeguard their information, mostly the private kind (Sadeghi et al., 2015, p. 4). This is why this paper is of importance, as it makes one realize that within a fraction of a second or a millisecond one can lose over a million from a bank account, millions of passwords could be hacked, someone can give away your money as a donation without your knowledge, and a virus or other malware can be sent into your computer to disrupt it. That is how cyber-crime is, and you can imagine how the victims cope with such surprise events when they do occur; in some cases, victims take their own lives in such a situation. These events may occur due to a lack of cybersecurity that allows computers and other machines to be exploited (Sutherland, 2018, p. 27).
Objectives
To come up with a strategy that can respond quickly from cyber incidents and also prevent them when they occur.
To ensure that there is integrity maintained and availability of linked systems.
Encourage the creation of cyber secured machines to fight cyber threats.
Literature Revi ...
Introduction Over the past years, there have been increasing ca.docxnormanibarber20063
Introduction
Over the past years, there have been increasing cases of information security threats. As information technology professionals stay up to date with the latest technologies, they navigate a complicated playing field. Newly introduced terminology has brought a lot of confusion in the area of technology. This paper focuses on the background of information security. It also looks at information technology threats as well as the importance of planning policies to mitigate these risks.
History of Information Security
Computers were initially created to facilitate the swift exchange of information from one person to another (Jouini, 2014). The initial information technology infrastructure was created around mainframe computers, while others were established around personal computers. At first, it seemed impossible to advance these computers to the present generation of computers and information technology gadgets. However, as information technology is revolutionized, new avenues are opening for the possibility of crimes. Cyber criminals take advantage of these opportunities to steal computer passwords and get access to private information, as well as to cause devastating effects on computers and networks.
The nature of the use of computers has changed over the years. Various networks have been developed to enable the sharing and circulation of information and data. Regulating access to these assets is problematic, as one needs to balance the need for free access to information against the value of the content of the data he or she receives (Layton, 2016). Most of the information today is very sensitive while other information is not. Information technology has today progressed beyond just usernames and passwords. The field today encompasses digital strategies, the process of biometric identification and integrated security strategies.
The Need for Security
Many organizations agree that putting up the policies for information security is expensive and time-consuming. Most users also get interrupted by the substantial security policies that complicate their works and in turn develop bad politics within organizations (Omar, 2017). As such, it is essential to plan an audit policy on large networks that may consume a lot of time and money. Most users believe that there is no need to implement the security policies if there is no secret work done.
Developing a poor security plan can lead to detrimental effects and even devastating disasters. A password policy which allows users to choose weak or poor passwords is a paradise for hackers (Von Solms, 2013). The absence of a firewall or proxy protection between the firm and the local area network is a loophole through which the company can become a cybercrime target.
Organizations should figure out the amount it may take them to efficiently implement the information security policies to safeguard their information as well as their ass.
In today's digitally connected world, malware has become a formidable menace, capable of wreaking havoc on individuals and organizations alike. This comprehensive article delves into the dark world of malware, exploring its various types, methods of entry, and the devastating consequences it can bring. With viruses, worms, trojans, ransomware, and spyware lurking around every corner, the need for robust malware detection and prevention strategies has never been greater.
The article takes readers on a journey through the intricate web of malware's infiltration methods, from phishing attacks and drive-by downloads to infected email attachments and external devices. It elucidates how malware can compromise systems, steal sensitive information, and cause significant financial and reputational damage. But fear not, as the article doesn't just point out the threats; it equips readers with powerful tools for defense.
Discover the key to safeguarding your digital fortress through cutting-edge malware detection methods, such as antivirus software, intrusion detection systems, and behavior monitoring tools. Understand the pivotal role that user education and awareness play in fortifying your defense against cyber threats, empowering individuals to recognize and thwart potential attacks.
The article then shifts focus to proactive measures, emphasizing the critical importance of regular software updates, strong passwords, and secure web browsing practices. Learn how network segmentation and application whitelisting can create additional layers of protection, minimizing the damage caused by any potential malware breaches.
Lastly, the article highlights the indispensable role of firewalls as stalwart guardians, standing between your organization's internal network and malicious external forces. By enforcing strict security policies, firewalls act as an impenetrable barrier against unauthorized access and suspicious activities, bolstering your digital fortress against malware intrusions.
In conclusion, this article is a comprehensive guide to understanding and combating malware. With the knowledge gained from its insights and recommendations, readers can fortify their digital environment, safeguard sensitive information, and remain one step ahead in the relentless battle against malicious software. In this digital age, knowledge is power, and with this article, you hold the key to a safer and more secure online world.
Social engineering is a non-technical method cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices. The success of social engineering techniques depends on attackers' ability to manipulate victims into performing certain actions or providing confidential information. Today, social engineering is recognized as one of the greatest security threats facing organizations. Social engineering differs from traditional hacking in the sense that social engineering attacks can be non-technical and don't necessarily involve the compromise or exploitation of software or systems. When successful, many social engineering attacks enable attackers to gain legitimate, authorized access to confidential information.
Information Security Issues Faced by Organizations
In any organization, information security threats may be many, such as software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion. A threat can be anything that can take advantage of a vulnerability to breach security and negatively alter, erase, or harm an object or objects of interest. Software attacks mean an attack by viruses, worms, Trojan horses and so forth. Many users believe that malware, viruses, worms and bots are all the same thing. But they are not the same; the only similarity is that they are all malicious software that behaves differently. Apart from these threats, there are some further troublesome information security threats:
Cyberattack threats: Cyber-attacks are, of course, organizations' top concern. There are many ways cybercriminals can target organizations. Each will cause different types of damage and needs to be defended against in different ways. Some attacks, such as phishing campaigns, are typically designed to steal personal information. Others, such as ransomware and denial-of-service attacks, have several possible aims, ranging from extorting money to disrupting business operations for political reasons. Cyber threats, unfortunately, are becoming more and more dangerous in today's smart world. But what exactly is a cyber threat? A cyber threat is an act or possible act which intends to steal data (personal or otherwise), harm data, or cause some type of digital harm. Today, the term is almost exclusively used to describe information security matters. Because it's hard to visualize how digital signals traveling across a wire can represent an attack, we've taken to visualizing the digital phenomenon as a physical one.
A cyber-attack is an attack that is mounted against an organization (that is, our digital devices) by means of cyberspace. Cyberspace, a virtual space that doesn't exist, has become the metaphor to help us understand digital weaponry that intends to harm us. What is real, however, is the intent of the attacker as well as the potential impact. While many cyberattacks are mere nuisances, some are quite serious, even potentially threatening human lives.
Malware: Software that performs a malicious task on a target device or network, e.g. corrupting data or taking over a system.
Ransomware: An attack that involves encrypting data on the target system and demanding a ransom in exchange for letting the user have access to the data again. These attacks range from low-level nuisances to severe incidents like the locking do.
1. Running head: SECURITY THREATS & VULNERABILITIES 1
Security Threats & Vulnerabilities
John Intindolo
American Public University
Security Threats & Vulnerabilities
In a world where technology is constantly evolving it comes as no surprise that threats and
vulnerabilities are also changing continuously. Information Security is keeping the confidentiality,
integrity, and availability of an entire organization, and is virtually impossible to accomplish
without being aware of the security threats and vulnerabilities that exist. A security threat is any
action that has the potential to damage an asset. Threats could be a result of a natural or man-
made event. There is no single security threat out there, but rather many different threats that can
bring down an entire organization’s network if they are unprepared on how to handle them.
Having a plan in place before an event occurs will ensure that the security professionals will be
equipped to handle any and all situations in a timely manner.
A vulnerability differs from a threat in that a vulnerability is defined as “a weakness in a
product that could allow an attacker to compromise the integrity, availability, or confidentiality of
that product” (“Definition of,” 2013). In other words, a vulnerability is what allows the threat to
occur. A threat needs a vulnerability to infiltrate a network. If a vulnerability is secured, then the
threat cannot do its damage; therefore, it is important to keep the network as secure as
possible. Before discussing that, however, the first thing to consider is what the
organization wants to protect. After all, how can an asset be protected if it is unknown what is
important to the organization?
The things to be protected are anything that has value,
otherwise known as assets. Assets within an organization range from sensitive data like trade
secrets, to financial data like credit card information, to hardware and software components, or
even to reputation assets such as a brand image. Once the assets of the organization are
understood it is important to determine the risk of an attack at each level. This can be done by
performing a risk assessment. A risk assessment should be performed by prioritizing the risk of an
attack from the most likely all the way down to the least likely vulnerability. The next phase
would be to explain the different security threats. The first threat to the security of a network is
the human element.
People are human meaning that everyone makes mistakes, and no person is perfect.
Human beings also have the ability to make a choice for themselves, right or wrong. The security
threats that a person poses to computer security can be through user error, being uneducated in
using the system properly, or even purposely attempting to damage or steal data. Criminal
behavior is dealt with in a much different manner in normal everyday life as opposed to in
cyberspace. The laws and consequences in the real world are respected by people (for the most part),
but in cyberspace criminal behavior runs rampant and often goes unpunished (or even
undiscovered). There are two different types of people that are a threat to a network’s security:
an insider and an outsider. Which of the two is the bigger threat? Well, according to Gartner,
“More than 70% of unauthorized access to data is committed by an organization’s own
employees” (Beaver, 2006). That is an astonishing number to think about.
An insider threat is one that describes the people within the organization that are
disgruntled and have become a principal source of computer crimes due to their knowledge of the
victim’s system (Erbschloe, 2005, p. 2). This intimate knowledge that an insider has can lead to
things such as stealing or corrupting company data. A key thing to understand is that while
viruses and Trojan-based attacks are often thought of as an issue from an outsider, an insider poses a
bigger threat because they have a higher chance of performing a successful attack. How severe is
an insider threat? Well, according to an Ernst & Young survey, 25 percent of organizations surveyed
have experienced an increase in attacks by malicious insiders (2009, p. 5). That is a pretty
significant number. Now the question that remains is what makes a person disgruntled to the point
that they would perform an attack against their employer? There are several reasons that an
otherwise trustworthy employee may become an insider threat. Some reasons would be the stress
and fear of being laid-off, or an unexpected financial problem that they may come under. How can
an insider threat be guarded against?
There are three strategies that work best for reducing the risks associated with an insider
threat. Those would be monitoring, two-person or multi-person control, and job rotation. Trust is
something that cannot be taken for granted no matter how great of a team an organization has.
These strategies are put into place to keep “the bad seeds honest and the good ones from slipping
up” (“Best practice guide,” 2012). Monitoring can be done in the form of scanning an employee’s
computer for unauthorized activity (such as visiting a webpage that is not work related during
business hours) or double checking periodic results, like counting the cash held by a cashier for
example (Smith, 2011, p. 573). One of the main reasons that an employee would attempt to steal
a company’s data is that they feel that they can do it without getting caught. Monitoring
greatly increases the chances of them being caught, and may deter someone from attempting to
follow through on an attack or theft.
The second strategy to help reduce the risk of an insider threat is through two-person or
multi-person control. Two-person or multi-person control requires more than one
person to be involved in a critical transaction. For example, a nuclear missile launch may require
the use of two or more people so that one person does not have the ability to perform an attack.
Without all parties’ access codes the launch will not occur. Most internal attacks are done
individually; therefore, implementing two-person or multi-person control can greatly reduce the
risk. The third strategy that can help in the reduction of an insider threat is job rotation.
This is done by having a rotation of several people doing the same job duties. Not only does this
help to combat insider attacks, but it also exposes the employees to different experiences
and gives them a more varied skill set. If more than one person performs the same task it lessens
the risk that one of them will be performing some sort of malicious behavior.
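
The two-person control rule described above, sketched as an added example (not part of the original paper). The class, its fields, and the names alice, bob and carol are assumptions made for illustration: a critical transaction runs only once enough distinct authorized people are involved, and every refusal is logged for monitoring.

```python
from dataclasses import dataclass, field


class ControlError(Exception):
    """Raised when a two-person control rule is violated."""


@dataclass
class CriticalTransaction:
    description: str
    requester: str
    authorized: frozenset            # people permitted to approve (constructed)
    required_people: int = 2         # requester plus distinct approvers
    approvals: set = field(default_factory=set)
    audit_log: list = field(default_factory=list)
    executed: bool = False

    def approve(self, person):
        if self.executed:
            self._refuse(person, "transaction already executed")
        if person not in self.authorized:
            self._refuse(person, "not authorized to approve")
        if person == self.requester:
            self._refuse(person, "requester cannot approve own request")
        self.approvals.add(person)   # a set: repeat approvals count once
        self.audit_log.append((person, "approved"))

    def execute(self):
        if self.executed:
            self._refuse(self.requester, "transaction already executed")
        people = len(self.approvals) + 1          # approvers + requester
        if people < self.required_people:
            self._refuse(self.requester, f"only {people} of "
                         f"{self.required_people} required people involved")
        self.executed = True
        self.audit_log.append((self.requester, "executed"))
        return True

    def _refuse(self, person, reason):
        # Record every refusal so monitoring can review failed attempts.
        self.audit_log.append((person, "refused: " + reason))
        raise ControlError(reason)


if __name__ == "__main__":
    tx = CriticalTransaction("delete customer database", "alice",
                             frozenset({"alice", "bob", "carol"}))
    tx.approve("bob")
    print(tx.execute(), tx.audit_log)
```
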
Outsider threats are threats to an organization’s network using the Internet or outside
networks to gain unauthorized access to the organization’s network. An outsider, as the name
suggests, comes from a source outside of the network that attempts to damage the confidentiality,
integrity, and availability of a network. Insider and outsider threats come in many forms, but both
can take the form of malicious software and several different attacks. Malicious software is also
known as Malware and carries out the instructions of an attacker to cause damage to or
disrupt a system (Kim & Solomon, 2012, p. 117). Malware can be broken down into two
categories, infecting programs and hiding programs. Within these two categories are several
types of Malware: viruses, worms, Trojan horses, rootkits, and spyware.
The first example of an infecting malware program is a virus. Viruses are the most
common type of malicious attack on the everyday computer user. Even if a person has a limited
background in information technology, chances are they are aware of what a virus does to a
computer. A virus is a program written by a hacker to alter the way a computer operates without
the permission or even knowledge of the user, and it will replicate and execute itself in the hopes
of damaging the user’s computer (Ahmad, 2012, p. 751).
Viruses and worms are both types of Malware categorized as infecting
programs. Infecting programs actively try to copy themselves onto other computers to carry out
the attacker’s instructions on new targets (Kim & Solomon, 2012, p. 117). Worms, like viruses,
reproduce and spread to other computers, but they differ from viruses in that they are independent
programs as opposed to ones that hide inside another program. The second category of Malware
is known as hiding programs. The difference with hiding programs is that they carry
out the attacker’s instructions while hiding in the computer and avoiding detection. This is the
category that Trojan horses, rootkits, and spyware fall under.
Trojan horses are destructive programs that disguise themselves as a harmless computer
program with the purpose of getting access to the victim’s computer from a different location
(“Information security office,” 2012). They try to trick the victim into thinking that it is a safe
program in an effort to damage the system. This is often done through an e-mail attachment or
a file that was downloaded from the Internet. A rootkit is like a Trojan horse in that it will
hide itself, but it will not try to corrupt or damage the system. So if a rootkit does not attempt to
damage the system, then what does it do?
Rather than damaging the system, a rootkit is used to give the attacker the ability to
access information, monitor the victim’s actions, modify programs, or carry out other functions
on the victim’s computer without being detected (McDowell, 2013). Because a rootkit
can allow an attacker to modify programs, recovering from this type of attack is a
difficult task. If it cannot be removed, the best way to recover may be to simply reinstall the
operating system, because a prior version of a file may not be trustworthy. The third type of
hiding program is spyware. Spyware is very common to the average computer
user nowadays and is almost as well known to people as viruses. Spyware is used to collect
information about a person or an organization without their approval or knowledge. This
information is then used for such things as selling to advertising agencies, or in some cases it can
be used for identity theft.
As with Malware, there are also different types of attacks, including the following: key
logging, spoofing, phishing, social engineering, and denial-of-service attacks. Knowing each one,
how they affect an organization’s infrastructure, and what to do in order to prevent an attack will
go a long way to keeping the network secure. Key logging refers to an attack that logs every key
stroke that the victim makes and can allow the attacker to get passwords, bank account
information, etc. This can lead to the theft of valuable data or even money. Spoofing is when
the attacker falsifies data in order to gain an illegitimate advantage.
Phishing threats, meanwhile, take spoofing one step further in that not only do they falsify
data, but they do so in order to steal sensitive financial or personal information (Ahmad, 2012, p.
751). Social engineering attacks are similar to phishing and spoofing threats, but they work by
deceiving the victim into revealing secure information, which is in turn used to attack the
organization’s network. These attackers are modern-day con artists that prey on people’s
emotions to get their information. The next attack that is a threat would be a denial-of-service
attack. DoS attacks are used to interrupt or suspend the victim’s services to the Internet.
Now that the threats and vulnerabilities have been outlined, the question remains: how can
these threats be stopped before doing damage? A default deny policy should be implemented,
meaning that everyone on the network will be denied access as a default. Only those whose job
requires access to items will have it. This will help alleviate many problems that are caused by
user error or unauthorized personnel accessing sensitive data. Internet usage should be restricted
to work-related sites only. Cyber threats such as Malware, phishing, and impersonation are most
common on social networking sites, which is why they should be banned from the workplace
(Al-Mushayt, 2013, p. 57).
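
The default deny policy described above, contrasted with a default-allow check, as an added example (not part of the original paper). The users, roles, resources and function names are constructed for illustration: under default allow, a newly added resource is open to everyone until someone remembers to block it, while under default deny it stays closed until a job role is explicitly granted access.

```python
# Constructed policy data: job role -> explicit (resource, action) grants.
ROLE_GRANTS = {
    "payroll_clerk": {("payroll_db", "read"), ("payroll_db", "write")},
    "helpdesk": {("ticket_system", "read"), ("ticket_system", "write")},
    "auditor": {("payroll_db", "read"), ("audit_log", "read")},
}
USER_ROLES = {"dana": {"payroll_clerk"}, "eli": {"helpdesk"}, "fay": {"auditor"}}

# Deny-list used by the weak variant; it has to be kept current by hand.
BLOCKED = {("eli", "payroll_db")}


def default_allow(user, resource, action):
    """Weak: everything is permitted unless someone remembered to block it."""
    return (user, resource) not in BLOCKED


def default_deny(user, resource, action, denied=None):
    """Default deny: access only when one of the user's roles grants it."""
    for role in USER_ROLES.get(user, ()):      # unknown user -> no roles
        if (resource, action) in ROLE_GRANTS.get(role, ()):
            return True
    if denied is not None:
        denied.append((user, resource, action))  # keep denials for review
    return False


def compare(requests):
    """Return (request, default_allow result, default_deny result) tuples."""
    return [(r, default_allow(*r), default_deny(*r)) for r in requests]


if __name__ == "__main__":
    sample = [
        ("dana", "payroll_db", "write"),     # needed for the job
        ("eli", "payroll_db", "read"),       # blocked in both models
        ("eli", "hr_records", "read"),       # new resource nobody blocked yet
        ("stranger", "ticket_system", "read"),  # account with no role at all
    ]
    for request, weak, strict in compare(sample):
        print(request, "default-allow:", weak, "default-deny:", strict)
```
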
Anti-virus software, anti-malware software, firewalls, and intrusion detection systems
should be installed on each and every computer connected to the network to prevent a malicious
attack. Additionally, all software should be kept updated and strong passwords should be used
in order to make them difficult for attackers to guess. Furthermore, multi-factor authentication and
encrypting files and passwords whenever possible will make the system much harder to attack.
One other important implementation in addition to these tools would be having security teams run
security tests against the network from the outside in to allow vulnerabilities to be discovered and
corrected before an attack is able to take place (“Vulnerability management,” 2013). All of these
tools will help, but they alone will not solve the problem. There must be a security process that
takes place in addition to the use of the tools listed above.
In order to keep the network secure, reduce the risk of an attack, or decrease the effect an
attack will have, it is best to put into practice the following six phases of the security process:
identify the assets, analyze the risk of an attack, establish a security policy, implement the
defenses, monitor the defenses that have been implemented, and recover from attacks. Identifying
the organization’s assets will, as stated earlier, show exactly what the organization will want to
protect. Once that is complete, an analysis of each asset’s risk of an attack will identify where the
company is vulnerable and in need of more secure measures. From that point a security policy can
be written and put into place to create a set of rules and guidelines for everyone on the network to
adhere to while connected to the network.
The written security policy gives people a list of rules to follow, but it is important that
they are followed from the top of the organization all the way to the bottom. Additionally, its
importance needs to be emphasized by those who created the policy by thoroughly going over the
policy with anyone who will have network access. This can be done in the form of a company
meeting. Whenever a change is necessary the policy should be updated, and the users should be
properly informed of all changes.
Next would be implementing the defenses. The defenses are implemented to protect
against an attack or intrusion. They will need to be constantly monitored by the IS professionals
to see where a weakness may be exploited. It is their job to find the weakness and correct it
before a malicious attack occurs. This form of continuous improvement is extremely important to
the security of a network, because without constant evaluation and correction the network will
become susceptible to an attack. Keeping up with the latest Windows Updates and downloading
the latest patches are some examples of this. Recovery from an attack may be the last phase of the
security process, but it just might be the most important as well.
There is no 100 percent secure method. There will be a time when the organization will
experience an attack, and it is how well prepared the security team is to handle that and how fast
they handle it that will be key. The best methods for recovery are to have an incident response
team, incident response plan, business continuity plan, and backups. The incident response team
will be put into place to handle any and all incidents as set forth in the incident response plan.
Having a plan in place will keep everyone from panicking and get the problem resolved much
more quickly. A business continuity plan will give a set of procedures to follow to either keep the
company running in the event of an attack, or to minimize the time that the company is down.
Backups should be taken once every 24 hours and if possible stored at a secure off-site facility. If
stored on-site they should be locked away where only authorized personnel have access to them.
There are many threats and vulnerabilities that exist out there, but through careful
management and planning as detailed above, an organization’s network can remain secure against
many threats. No method is going to keep the system completely secure, so it is important to be
ready to handle any and all attacks. In this day and age so many companies rely on being
connected to the Internet for their everyday business needs. Therefore, if their network is down
for a lengthy amount of time it is going to cost them a significant amount of money. In some cases
a company being rendered without power may even mean the end of the company altogether.
References
Ahmad, A. (2012). Type of security threats and it’s prevention. International Journal of
Computer Technology and Applications, 3(2), 750-752.
Al-Mushayt, O. S. (2013). Threats and anti-threats strategies for social networking
websites. International Journal of Computer Networks & Communications, 5(4), 53-61.
Retrieved from http://airccse.org/journal/cnc/5413cnc05.pdf
Beaver, K. (2006). Five common insider threats and how to mitigate them. Retrieved from
http://searchsecurity.techtarget.com/tip/Five-common-insider-threats-and-how-to-mitigate-them
Best practice guide to minimizing your insider risk. (2012). Retrieved from
https://www.lumension.com/Media_Files/Documents/Marketing---Sales/Whitepapers/Best-Practice-Guide-Minimizing-Your-Insider-Risk.aspx
Definition of a security vulnerability. (2013). Retrieved from
http://technet.microsoft.com/en-us/library/cc751383.aspx
Erbschloe, M. (2005). Trojans, worms, and spyware: A computer security professional's guide to
malicious code. Burlington, MA: Elsevier Butterworth-Heinemann.
Ernst & Young. (2009). Outpacing change: Ernst & Young’s 12th annual global information
security survey. Retrieved from http://www.b3b.ch/wp-content/uploads/12th_annual_GISS.pdf
Information security office faqs. (2012). Retrieved from
http://secureonline.iowa.gov/faqs/index.html
Kim, D., & Solomon, M. (2012). Fundamentals of Information System Security.
Information Systems & Security Series. Sudbury, MA: Jones & Bartlett Learning.
McDowell, M. (2013). Understanding hidden threats: Rootkits and botnets. Retrieved from
http://www.us-cert.gov/ncas/tips/ST06-001
Smith, R.E., PhD. (2011). Elementary Information Security. Burlington, MA: Jones & Bartlett
Learning.
Vulnerability management. (2013). Retrieved from
http://www.veracode.com/security/vulnerability-management