Network security threats are increasing as more people and devices connect to networks. The document identifies ten major network security threats: viruses and worms, Trojan horses, spam, phishing, packet sniffers, maliciously coded websites, password attacks, hardware loss and data fragments, shared computers, and zombie computers/botnets. Each threat is described and potential solutions are provided, such as using security software to block viruses, encryption to prevent packet sniffing, and intrusion prevention systems to counter botnets. Network security managers face ongoing challenges due to the variety of threats and lack of solutions for some issues like password attacks.

1. By Colin Daly W20028223 February 2009

2. With an increasing amount of people getting connected to networks, the security threats that cause massive harm are increasing also. Network security is a major part of a network that needs to be maintained because information is being passed between computers etc and is very vulnerable to attack. Over the past five years people that manage network security have seen a massive increase of hackers and criminals creating malicious threats that have been pumped into networks across the world.(Source [1]: ITSecurity, 2007)

3. According to ITSecurity.com the following are ten of the biggest network threats: “ 1.Viruses and Worms”, “ 2.Trojan Horses”, ” 3.SPAM”, “ 4.Phishing”, “ 5.Packet Sniffers”, ” 6. Maliciously Coded Websites”, ” 7. Password Attacks”, “ 8.Hardware Loss and Residual Data Fragments”, “ 9. Shared Computers”, “ 10.Zombie Computers and Botnets” (ITSecurity [2], 2007)

4. A Virus is a “program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes (Webopedia [3], 2007)”. Viruses can cause a huge amount of damage to computers. An example of a virus would be if you opened an email and a malicious piece of code was downloaded onto your computer causing your computer to freeze.

5. In relation to a network, if a virus is downloaded then all the computers in the network would be affected because the virus would make copies of itself and spread itself across networks (Source [4]: Trendmicro.com, 2008). A worm is similar to a virus but a worm can run itself whereas a virus needs a host program to run. (Source [5]: TechFAQ, 2008) Solution: Install a security suite, such as Kaspersky Total Protection, that protects the computer against threats such as viruses and worms.

6. A Trojan Horse is “a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. (SearchSecurity.com [6], 2004)” In a network if a Trojan Horse is installed on a computer and tampers with the file allocation table it could cause a massive amount of damage to all computers of that network. Solution: Security suites, such as Norton Internet Security, will prevent you from downloading Trojan Horses (Source: Symantec [7], 2007).

7. SPAM is “flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. (Spam.abuse.net [7], 2009)”. I believe that SPAM wouldn’t be the biggest risk to a network because even though it may get annoying and plentiful it still doesn’t destroy any physical elements of the network. Solution: SPAM filters are an effective way to stop SPAM, these filters come with most of the e-mail providers online. Also you can buy a variety of SPAM filters that work effectively.

8. Phishing is “an e-mail fraud method in which the perpetrator sends out legitimate-looking emails in an attempt to gather personal and financial information from recipients. (SearchSecurity.com [9], 2003)” In my opinion phishing is one of the worst security threats over a network because a lot of people that use computers linked up to a network are amateurs and would be very vulnerable to giving out information that could cause situations such as theft of money or identity theft. Solution: Similar to SPAM use Phishing filters to filter out this unwanted mail and to prevent threat.

9. “ A packet sniffer is a device or program that allows eavesdropping on traffic travelling between networked computers. The packet sniffer will capture data that is addressed to other machines, saving it for later analysis. (Wisegeek.com [10], 2009)” In a network a packet sniffer can filter out personal information and this can lead to areas such as identity theft so this is a major security threat to a network. Solution: “When strong encryption is used, all packets are unreadable to any but the destination address, making packet sniffers useless. (Wisegeek.com [11], 2009)” So one solution is to obtain strong encryption.

10. Some websites across the net contain code that is malicious. Malicious code is “Programming code that is capable of causing harm to availability, integrity of code or data, or confidentiality in a computer system… (Answers.com [12], 2009)” AVG report that “300,000 infected sites appear per day (PC Advisor [13], 2009)” Solution: Using a security suite, such as AVG, can detect infected sites and try to prevent the user from entering the site.

11. Password attacks are attacks by hackers that are able to determine passwords or find passwords to different protected electronic areas. Many systems on a network are password protected and hence it would be easy for a hacker to hack into the systems and steal data. This may be the easiest way to obtain private information because you are able to get software online that obtains the password for you. Solution: At present there is no software that prevents password attacks.

12. Hardware loss and residual data fragments are a growing worry for companies, governments etc. An example this is if a number of laptops get stolen from a bank that have client details on them, this would enable the thief’s to get personal information from clients and maybe steal the clients identities. This is a growing concern and as of present the only solution is to keep data and hardware under strict surveillance.

13. Shared computers are always a threat. Shared computers involve sharing a computer with one or more people. The following are a series of tips to follow when sharing computers: “Do not check the “Remember my ID on this computer” box … Never leave a computer unattended while signed-in … Always sign out completely … Clear the browsers cache … Keep an eye out for “shoulder surfers” … Avoid confidential transactions … Be wary of spyware … Never save passwords … Change your password often (security.yahoo.com [14], 2009)”

14. “ A zombie computer, or “drone” is a computer that has been secretly compromised by hacking tools which allow a third party to control the computer and its resources remotely. (WiseGeek.com [15], 2009)” A hacker could hack into a computer and control the computer and obtain data. Solution: Antivirus software can help prevent zombie computers.

15. A botnet “is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the internet. (SearchSecurity.com [16], 2004)”. This is a major security threat on a network because the network, unknown to anyone, could be acting as a hub that forwards malicious files etc to other computers. Solution: Network Intrusion Prevention (NIP) systems can help prevent botnets (Source: SearchSecurity.com [17], 2009).

16. Network Security is a very broad field and being a Network Security manager is not an easy job. There are still threats such as password attacks that have no prevention. Many of the threats set out to get personal information.

17. [1] ITSecurity. (2007) Network Security Threats for SMBs. Available at: http://www.itsecurity.com/features/network-security-threats-011707/ (Accessed: 11 th February 2009). [2] ITSecurity. (2007) Network Security Threats for SMBs. Available at: http://www.itsecurity.com/features/network-security-threats-011707/ (Accessed: 11 th February 2009). [3] Webopedia. (2007) Virus. Available at: http://www.webopedia.com/TERM/v/virus.html (Accessed: 11 th February 2009). [4] Trend Micro. (2008) Network viruses . Available at: http://us.trendmicro.com/us/threats/enterprise/glossary/n/network-viruses/index.php (Accessed: 11 th February 2009). [5] TechFAQ. (2008) What is a Computer Worm? Available at: http://www.tech-faq.com/computer-worm-virus.shtml (Accessed: 11 th February 2009). [6] Search Security. (2004) Trojan horse. Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213221,00.html (Accessed: 11 th February 2009).

18. [7] Symantec. (2007) Trojan Horse. Available at: http://www.symantec.com/security_response/writeup.jsp?docid=2004-021914-2822-99 (Accessed: 11 th February 2009). [8] Spam.abuse.net (2009) What is spam? Available at: http://spam.abuse.net/overview/whatisspam.shtml (Accessed: 11 th February 2009). [9] Search Security. (2003) phishing. Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci916037,00.html (Accessed: 11 th February 2009). [10] Wise Geek. (2009) What is a Packet Sniffer? Available at: http://www.wisegeek.com/what-is-a-packet-sniffer.htm (Accessed: 11 th February 2009). [11] Wise Geek. (2009) What is a Packet Sniffer? Available at: http://www.wisegeek.com/what-is-a-packet-sniffer.htm (Accessed: 11 th February 2009). [12] Answers.com (2009) malicious code. Available at: http://www.answers.com/topic/malicious-code (Accessed: 11 th February 2009).

19. [13]PC Advisor. (2009) Websites hosting malicious code on the up. Available at: http://www.pcadvisor.co.uk/news/index.cfm?newsid=110102 (Accessed: 11 th February 2009). [14] Yahoo Security Center. (2009) Using shared computers. Available at: http://security.yahoo.com/article.html?aid=2006102604 (Accessed: 11 th February 2009). [15] Wise Geek. (2009) What is a Zombie Computer? Available at: http://www.wisegeek.com/what-is-a-zombie-computer.htm (Accessed: 11 th February 2009). [16] Search Security. (2004) botnet. Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1030284,00.html (Accessed: 11 th February 2009). [17] Search Security. (2009) Network Intrusion Prevention (IPS) . Available at: http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax299840,00.html (Accessed: 11 th February 2009).