A malicious threat is a potential cause of incidents that may harm the organization; it is made up of the initial events that can cause harm to the information system. Malicious attacks, on the other hand, are actions taken with the objective of harming a target system. They are motivated and premeditated by the executor. As many businesses move in the direction of e-business, the level of security threats increases. The organization has a network that needs to be secured. The current network design faces a challenge as business and internet application demands grow. This paper presents an analysis of malicious attacks, threats and vulnerabilities from the perspective of an information security engineer.
The purpose of the risk analysis process is to identify the loopholes in the information security system. The most crucial thing for a security engineer of the game company to do is to account for all information components and infrastructure. The objective of risk analysis is to identify the components of a network, evaluate the importance of each component and then apply an appropriate level of security (Heberlein et al., 1990). The game company should have an evaluation of each component on the network in order to apply an appropriate level of security.
The most crucial concept to understand in security analysis is the need to protect the company's assets. There are two types of network design: open and closed networks. It is easier to secure a closed network because the number of possible attacks is reduced, which makes it easy to manage and control threats and vulnerabilities. The main security threat in a closed network is instant messaging, which can be used to transfer files or malicious code within an organization. An open network has many challenges because there is an unlimited number of possible attacks. Internal attackers can also gain access to the system by chatting with others within the network and phishing for passwords.
Identification of network security risks and vulnerabilities
A vulnerability is a weakness that is inherent in every network and device. A vulnerability can be a weakness in the routers, switches, host computers or workstations. These are the ‘soft spots’ that can be exploited by people with malicious intent.
There are three primary types of vulnerabilities or weaknesses:
- Technology weaknesses
- Configuration weaknesses
- Security policy weaknesses
Technological weaknesses
Network and computer technologies have security weaknesses. These may result from TCP/IP protocol weaknesses, operating system weaknesses, and network equipment weaknesses. All operating systems, such as UNIX, Linux, Macintosh and Windows, have security problems which should be addressed (Brinkley and Schell, 1995). As for TCP/IP protocol weaknesses, HTTP, FTP, and ICMP are intrinsically insecure. Simple Network Management Protocol (SNMP), Simple Mail Transfer Protocol (SMTP), and SYN floods are related to the essentially insecure structure upon which TCP was designed (Stallings, 1995). Network equipment weakness is a vulnerability that is exhibited through network components such as routers, firewalls and switches. The security weaknesses of this equipment include password protection, lack of authentication, routing protocols and firewall holes.
Configuration weaknesses
It is essential for network administrators to understand which configurations in a computer network are vulnerable. This will help them configure the systems and the components correctly. Below are some of the weaknesses that can be exploited by malicious people if the network is not well configured (Stallings, 1995).
Unsecured user accounts are one such weakness: account information can be transmitted across the network in an insecure manner, resulting in exposure of the usernames and passwords to intruders. System accounts with easily guessed passwords are also weaknesses in a network setup. Some systems allow users to configure accounts with weak passwords (Farahmand et al., 2003). Such poorly selected and easily guessed user passwords present a security challenge.
Security policy weaknesses
The impact of security policy weaknesses is very large because they create unforeseen security threats. If the network users do not follow security policies, then the network is extremely insecure. We are going to look at some of the security policy weaknesses and how they are exploited.
Failure to apply logical access controls is another security policy weakness. Inadequate monitoring and auditing facilitate attacks and unauthorized use of organizational resources (Heberlein et al., 1990). There must be an audit of the use of company resources by the employees; a lack of audit reports makes it hard to enforce IT security policies.
Control measures for risk and vulnerabilities
Technological weakness can be handled by updating the technology frequently in order to overcome the challenges.
The lack of a documented security policy is an extremely serious weakness that cannot be overlooked. If the policies are not documented, then they cannot be enforced consistently. It also gives loopholes to intruders, who may exploit this weakness and defend themselves by claiming that there are no written security policies they should adhere to (Stallings, 1995). Politics is another security policy weakness in a network setup. It can be exceedingly difficult to implement a sound security policy just because of political battles and turf wars. A lack of disaster recovery plans is a state that causes panic, confusion and chaos in the event that the network is attacked. It is a security policy weakness which can be exploited to get more access to the system at a time when people are in panic and confusion.
Documentation and disaster plans should be put in place so that the organization can address the above vulnerability.
Types of malicious threats
Physical threats: these are threats that are aimed at destroying the physical information components.
Cyber threats: these are threats that make the communication devices unable to work by blocking, delaying or corrupting the information flow.
Inner threats: these are the intentional and unintentional actions executed by the employees, such as intentionally damaging information systems and providing fake information.
Network Security Threats
Unstructured threats: these come from individuals who are not particularly experienced with hacking. They just use hacking tools that are easily accessible, such as password crackers. Although the main purpose of such threats to the system is fun or testing the level of hacking expertise, they can cause extensive damage to the network.
Structured threats: these come from individuals who are experienced in hacking and are technically competent. They are individuals who can create code to exploit system weaknesses because they understand them perfectly.
External threats: these are individuals or organizations working from outside the company that pose threats to the organization. Such actors do not have access to the computer system; hence they gain access through the internet server. They can cause extensive damage to the company, such as loss of data confidentiality and integrity.
Internal threats: these are individuals or organizations that have authorization to access the computer systems and the internet.
Control for information threats
The process of securing an organization's computer network is complex because of the dynamic challenges it faces. Computer threats evolve each day, and the techniques used to secure the system in a given period may no longer be valid a short time later. The best way of dealing with threats and vulnerabilities is to create an inventory of all the components that are on the network. This will ensure that the network administrator can configure the components and monitor their usage. Documenting network security policies is another crucial thing that should be encouraged in the organization (Kaufman, Perlman, & Speciner, 2002).
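The inventory-based control described above, as an added example that is not part of the original paper: a short Python audit that files each finding under one of the three weakness types listed earlier and ranks it by the importance of the component. The component names, the record fields and the 90-day update threshold are assumptions made for illustration.

```python
# Added example: audit a component inventory against the paper's three weakness types.
# Every name, field and value here is constructed for illustration.
from collections import Counter

INSECURE_PROTOCOLS = {"http", "ftp", "snmp", "smtp"}  # protocols the text names as insecure
POLICY_CONTROLS = ("policy_documented", "audit_logging", "recovery_plan")

INVENTORY = [  # constructed sample; importance runs from 1 (low) to 5 (critical)
    {"name": "edge-router", "importance": 5, "services": ["ssh", "snmp"],
     "weak_accounts": ["admin"], "days_since_update": 200,
     "policy_documented": True, "audit_logging": False, "recovery_plan": True},
    {"name": "file-server", "importance": 4, "services": ["ftp", "ssh"],
     "weak_accounts": [], "days_since_update": 30,
     "policy_documented": True, "audit_logging": True, "recovery_plan": False},
    {"name": "workstation-12", "importance": 2, "services": ["ssh"],
     "weak_accounts": ["guest"], "days_since_update": 10,
     "policy_documented": True, "audit_logging": True, "recovery_plan": True},
]

def audit(inventory, max_update_age_days=90):  # 90 days is an assumed threshold
    """Return (importance, component, category, detail) tuples, most important first."""
    findings = []
    for comp in inventory:
        def add(category, detail):
            findings.append((comp["importance"], comp["name"], category, detail))
        if comp["days_since_update"] > max_update_age_days:
            add("technology", f"not updated for {comp['days_since_update']} days")
        for proto in sorted(INSECURE_PROTOCOLS.intersection(comp["services"])):
            add("technology", f"exposes insecure protocol {proto}")
        for account in comp["weak_accounts"]:
            add("configuration", f"account '{account}' has an easily guessed password")
        for control in POLICY_CONTROLS:
            if not comp[control]:
                add("policy", f"missing {control}")
    # Highest-importance components first, so protection effort follows asset value.
    return sorted(findings, key=lambda f: (-f[0], f[1], f[2]))

def summarize(findings):
    """Count findings per weakness category."""
    return dict(Counter(category for _, _, category, _ in findings))

if __name__ == "__main__":
    for importance, name, category, detail in audit(INVENTORY):
        print(f"[{importance}] {name:15} {category:13} {detail}")
    print(summarize(audit(INVENTORY)))
```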
References
Heberlein, L. T., Dias, G. V., Levitt, K. N., Mukherjee, B., Wood, J., & Wolber, D. (1990, May). A network security monitor. In Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on (pp. 296-304). IEEE.
Kaufman, C., Perlman, R., & Speciner, M. (2002). Network security: private communication in a public world. Prentice Hall Press.
McClure, S., Scambray, J., & Kurtz, G. (2005). Hacking exposed: network security secrets and solutions (p. 340). New York: McGraw-Hill/Osborne.
Stallings, W. (1995). Network and internetwork security: principles and practice. Prentice-Hall, Inc.