Table of contents
1) Forms of attacks presented in the “IT Security”
2) The IT security Attacks
3) Classifying Threats
4) IT security awareness
a) Acts of human error or failure
b) Deliberate acts of sabotage or vandalism
c) Deliberate acts of theft
d) Deliberate software attacks
e) Forces of nature
f) Technical hardware failure
g) Technical software failure
1) Forms of attacks presented in the “IT Security”
There are different forms of attacks in “IT Security”. A network attack can be described as any method, procedure or means used to maliciously break down network security. Individuals may want to attack public networks for various reasons. Persons who attempt to compromise a network or attack the IT industry are referred to as network attackers, hackers or simply crackers. The following list gives some of the activities that IT attackers may perform. There are mainly two forms of attacks in the IT industry:
Internal threats
External threats
- Unstructured threats
- Structured threats
2) The IT security Attacks
Threats toward IT security can emanate from various sources, which is why IT attacks are categorized as either external or internal attacks/threats. An external attack happens when hackers execute an attack without involving employees from within the industry. The attack is multifaceted, so it has to be carried out by experienced personnel who are very proficient in IT. The attacker does not carry out the attack aimlessly; rather, he or she has a predetermined purpose or goal. The major feature of an external attack is that it incorporates both scanning and collecting of information. As a result, users are capable of identifying an external attack by inspecting the present firewall logs. An intrusion detection system is the only gadget that can help in swift identification of external attacks. External attacks can be expanded to include both structured and unstructured attacks. Structured attacks emanate from an ill-intentioned individual, a group of such individuals or even an organization. Unstructured external threats, on the other hand, emanate from an individual attacker who has no experience of what IT attacks entail. The individual is not entirely inexperienced as such, but rather uses cracking tools from the internet in order to initiate an attack. Most of them must ask for help from others who have experience. They carry out the attack without any profound aim, as they just want to seek fame. Additionally, external attacks can be further classified as either remote or local. Remote attacks mostly target the services that an industry provides to society. This class is further divided into various forms, for example remote attacks on the services offered to internal users, among others.
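The paragraph above says an external attack involves scanning and can be spotted in firewall logs. The following is an added example, not part of the original essay, of what that inspection can look like: it flags any source that is denied on many distinct ports of one host within a short time window. The log layout, the addresses and the thresholds (`min_ports`, `window`) are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (illustrative key=value layout, documentation IP ranges).
SAMPLE_LOG = """\
2024-05-01T10:00:01 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=21
2024-05-01T10:00:02 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
2024-05-01T10:00:02 ACCEPT SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP DPT=443
2024-05-01T10:00:03 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=23
2024-05-01T10:00:04 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=25
2024-05-01T10:00:05 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=3389
2024-05-01T10:00:06 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=8080
2024-05-01T10:05:00 DROP SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP DPT=22
2024-05-01T10:20:00 DROP SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP DPT=23
this line is truncated or malformed and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>DROP|ACCEPT) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\S+) DPT=(?P<dpt>\d+)$"
)

def parse(log_text):
    """Yield (timestamp, action, src, dst, port) per well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m["ts"]), m["action"], m["src"], m["dst"], int(m["dpt"])

def find_scanners(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Return {src: sorted ports} for sources denied on >= min_ports ports of one host within window."""
    denied = defaultdict(list)  # (src, dst) -> [(timestamp, port), ...]
    for ts, action, src, dst, port in parse(log_text):
        if action == "DROP":
            denied[(src, dst)].append((ts, port))
    flagged = defaultdict(set)
    for (src, dst), events in denied.items():
        events.sort()
        start = 0  # left edge of the sliding time window
        for end, (ts, _) in enumerate(events):
            while ts - events[start][0] > window:
                start += 1
            ports = {p for _, p in events[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[src] |= ports
    return {src: sorted(p) for src, p in flagged.items()}
```

A fixed window misses probes that are spread out over time, as the second denied source in the sample shows, so the window and port threshold have to be tuned against the network's normal traffic.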
The second form of attack on IT security is the internal threat or attack. This form of attack is mostly executed by internal employees. They may attack the industry simply because they are not content with the services it offers, or for their own malicious benefit. The internal attack is regarded as the hardest attack to avoid or prevent. It is very prevalent, since internal employees have access to most of the systems and have ample time to carry out the process without being noticed. As a result of the attacks that have greatly affected IT security, network security measures have been put in place to prevent and curb some of the threats. To prevent internal attacks, IT security offers some suggestions. Below are some of the security measures that may help protect an IT industry from malicious people:
Access should be provided only to the parties concerned, and only to what each person needs to access.
Crucial accounts should be restricted to a few persons.
One should log out of accounts when not using them.
Passwords should be changed regularly.
3) Classifying Threats
a. Virus attack - Internal attack
b. Spam mail - Internal attack and external
c. Port scanning - Internal attack
d. System compromise - Internal attack
e. Website defacement - Internal attack
4) IT security awareness
Every successful business must ensure that it can store data properly and, at the same time, prevent the loss of data. Data can be lost in many ways, and this may tarnish the company’s image because existing customers are not handled properly. As a result, IT security awareness is an important aspect of every organization, because it can affect the company’s ultimate profit margin. Many firms would like to have a secure and convenient IT environment, but this does not happen because it comes into conflict with other pressing priorities. If security issues are not tackled, sooner or later the consequences will be more detrimental.
a) Acts of human error or failure
The number one vulnerability in many systems is passwords, because it is not easy to have a secure system where one is required to choose a password. Systems administrators are a security problem because of the amount of responsibility they have. A systems administrator has full access to sensitive information and can plan to sabotage the company by leaking information, which in many cases will affect the stability of the company. Likewise, employees can pose a threat when they make use of unsecured wireless networks, because anyone can modify the network traffic.
b) Deliberate acts of sabotage or vandalism
Social engineering attacks often happen when attackers take advantage of weaknesses in human nature rather than flaws within the technology. A perfect example is phishing attacks, which tend to target a subset of society and are normally opportunistic. They tend to look very familiar to the end user but can end up revealing very sensitive information that can be used against the user. Such information may include PIN codes, passwords and credit card numbers.
Many organizations make use of servers for email, file sharing and customer relationship management. For this reason they are prone to attacks, and because these servers hold sensitive information, an attack would be detrimental to them.
c) Deliberate acts of theft
Internet attacks are not the only source of attacks; for example, laptops and mobile phones contain crucial information and are more likely to get lost or be stolen. This is not the only threat that organizations face. For instance, theft can occur when there are unprotected endpoints. Another key point is the use of DVD drives and USB ports, because they can be used to transfer or leak crucial information out of the organization. This is a major threat for the organization because the information may get into the wrong hands. All open points and servers need to be secured so as to prevent spoofing.
d) Deliberate software attacks
Most businesses require internet connections in order to operate. At any given point, organizations have been attacked by computer viruses. This has generally slowed the rate of production because the machines are slowed down. At times an organization that depends entirely on computers will have to shut down the workplace if the infection is severe. It is important to realize that malware is a term that includes any kind of malicious software, for example viruses, Trojans and worms. The main reasons why computers are attacked by viruses include the installation of pirated executable files and the receipt of emails that carry viruses. Viruses do not have to be installed manually, because some basic software, like Firefox, Internet Explorer and Adobe Acrobat Reader, is vulnerable. Malware writers tend to exploit this weakness so as to transmit viruses to computers. For instance, Google issued an alert in 2007 stating that 450,000 could install malware without the user’s consent.
e) Forces of nature
Natural disasters such as fires can be detrimental to the organization because there will be a major loss of valuable data. Therefore, backing up information will be beneficial when disasters occur, because a well-managed backup system will get the business back up and running within no time.
f) Technical hardware failure
Some organizations tend to have single points of failure in an attempt to minimize costs. Having a single point of failure in any given organization can be detrimental to the company. Therefore, an organization should ensure that they have addressed their single point of failure despite it being costly. Thus, they must be well prepared for any incident and have policies that prevent future occurrences.
g) Technical software failure
Offering protection to the organization is the utmost goal, but at times it is a race between the anti-virus and the virus. Usually, the malware is capable of disabling the anti-virus, hence the need to install it on the computer first. When the anti-virus is disabled, the computer is open to a lot of risks.