...Chapter 4 Threats and Attacks to a Computer Network Research shows that “threats to the computers and networks have been an issue since computers began to be used widely by the general public. Nowadays, any computer or network that is connected to the Internet is at risk” (http://infopeople.org/resources/security/basics/threats_vulnerabilities.html, 2008) There are unlimited different types of threats exists in computer networking field but in this report mainly six different common but important threats were discussed. 4. 1 Spoofing Spoofing is a technique used to hide identity of traffic originator or assume identity of trusted entity or fooling a computer into believing which actually you are not. The most common spoof is email where a hacker pretend to be a different internet address from the one you have just to gain his/her credit card no, passwords, personal information or to theft any identity. Spoofing normally involves sending many packets/messages pretending to be a real legitimate person and spoofed IPs are very hard to back track. There are many different types of spoofing, such as ▪ IP addresses, MAC addresses changing attacks ▪ Link alteration ▪ DNS server spoofing attack ▪ Content theft ▪ E-mail address changing attack 4.2 How Penetration Attack Works? Penetration attack is basically to an attempt to break the security features of a system in order to understand the system or system design and implementation. The main purpose of penetration...
Words: 934 - Pages: 4
...Individual: Network Based Threat Research There are so many people who are connected to network and with the passing time, the amount of people connected through network is increasing even more. As the network connectivity is increasing, the threats to security are also increasing. Network security and network-based threats are the most significant vulnerabilities that need to be maintained as it involves information, which is transferred between computers. There are several pieces of information, which is case sensitive and is vulnerable to outside attack. The network security is also exposed to hackers attack and is subject to various malicious threats that can endanger the sensitivity of information and pose a threat to network. The various network-based threats are pumped into the network all over the world and are a significant matter for consideration at the moment (Godbole, 2008). Network based threats There are various network-based threats some of which are explained below: * Viruses and Worms: Virus is a coded program or coded information that is transmitted or loaded into the computer unintentionally and run on the system. It exploits the system without the knowledge and wish of the system owner and can create huge damage and harm to the computer. Freezing or hanging of computer after opening a mail or coded information is an example of virus attack through network. The downloading of virus onto the computer system will affect the entire computer network because...
Words: 789 - Pages: 4
...being unmatched technologically in the battlefields, the low-cost, simple, complex and expensive asymmetric threats have proved to be significantly dangerous to the security of any country. While cyber-attacks are increasingly driven by automated processes, human beings still operate at human speeds. Today, cybercrime has developed and adversaries have gained sponsorship from governments, international organizations or individuals for their selfish interests. The most recent development in cyber-attacks are the advanced persistent threats. According to Vert, Gonen and Brown (2014), these kinds of attacks are known of being sophisticated and slow moving over a long period of time. Advanced persistent threats are computer network attacks in which unauthorized individuals gain access to network systems or its resources and continues to use the resources without detection for a long period of time. By definition, advanced persistent threats are highly sophisticated networked entity, typical of organized groups of attackers, which conduct hostile cyber-attacks against a computer system. As described in the scenario, the western interconnection power grid faces such a challenge. Adversaries intend to use malwares to gain access to the network system at the power grid. A. Analysis of the problem and Safeguards against the problem The lifecycle of an advanced persistent threat follows a six step process as shown in the diagram that follows. The first phase, the information collect,...
Words: 1247 - Pages: 5
...Abstract Now that personal computers are pretty much a must have in every household, school, or business cyber-criminals have moved from just being a hacker for fun into an estimated multi-million dollar world of computer crimes. New revenue streams have been realized and viruses in choice Computer crimes encompass unauthorized or illegal activities perpetrated via computer as well as the theft of computers and other technological hardware. As firms of all sizes, industrial orientation, and geographic location increasingly rely on computers to operate, concerns about computer crime have also risen, in part because the practice appears to be thriving despite the concerted efforts of both the law enforcement and business communities to stop it. But computer experts and business consultants alike note that both international corporations and modest family-owned businesses can do a great deal to neutralize computer "viruses" and other manifestations of computer crime. “http://rahimimohammad.blogspot.com/p/law-for-computer-crimesand-economic.html” Many analysts believe, however, that small business owners are less likely to take steps to address the threat of computer crime than are larger firms. Indeed, many small businesses admit that they are passive about the threat because of costs associated with implementing safeguards and the perception that computer "hackers" and other threats are far more likely to pick on bigger companies. But as Tim McCollum flatly stated in Nation's Business...
Words: 4313 - Pages: 18
...Integrative Network Design NTC 362 Integrative Network Design This project will consist of five different phases totaling a timeline of six months. The first month will be the planning phase. This phase will have a deadline no longer than 30 days. After the first 30 days, the second phase will take into effect, which is the installation phase. This phase will also have a timeline of no more than 30 days. The Third Phase will be the longest phase of a timeline of 60 days. The third phase will be the testing phase. The testing phase is important because this is the troubleshooting phase. Troubleshooting is important to ensuring the new system is running up to optimal standards. The fourth phase will have a deadline of 30 days. The fourth phase is the Training Phase, and our trainers only need a month to convert the needed employees to the new system. The Fifth and Final Stage is our Final Evaluation/Lessons Learned Stage. At this point, the system is at full running operation, and for the last month the system will be ready for a full evaluation. Riordan Manufacturing is a fast growing business, and has grown into a large fortune 1000 company. As they grew into this large company they have been encountering problems with lost or misplaced material. As of now Riordan’s material is manually tracked by paper and pen by employees then entered into a database by an inventory clerk at the end of the day. This is causing them to misplace customer packages resulting in unhappy...
Words: 2910 - Pages: 12
...Integrative Network Design Project Part 3 NTC/362 September 23, 2013 Integrative Network Design Project Part 3 Identify hardware and software needed to secure your choice of network against all electronic threats. Networking hardware is hardware that is used to help work stations connect to a server. What will be used on the wireless network will be the WPA2 encryption standard, Special hardware will be implemented when using WPA2 to work properly. The hardware that will be chosen would be routers, and switches. By using both along with firewall protection it will help protect not only the network but those networks that use Ethernet cabling. Each desktop will run Norton Anti-Virus. Norton will run the update programs automatically whenever there is an update to be made. This software along with the firewall will keep Kudler’s Fine Foods network safe and secure. Security Concerns Security should be the top priority for the network within an organization, and for the growth of the business. One of the concerns would be the mobile devices on the network. Smartphones and IPhone are effectively small computers and face many of those same threats that personal computers or laptops risk for those organizations. One thing that Kudler’s Fine Foods should install would be Norton Mobile Security. This offers an advance antitheft feature that will let you remotely lock your phone if it is lost or stolen, remotely erase sensitive information, block fraudulent websites designed...
Words: 885 - Pages: 4
...Identifying Potential Malicious Attacks, Threats and Vulnerabilities Networking Security Fundamentals – CIS 333 April 29, 2012 Identifying Potential Malicious Attacks, Threats and Vulnerabilities There are a myriad of potential threats and vulnerabilities that leave a system open to malicious attack, anytime you have a computer network that connects to the internet there is a potential for malicious attack so it is important that you know the vulnerabilities of a system to protect it from potential threats and malicious attacks. “A vulnerability is any weakness in a system that makes it possible for a threat to cause harm.” (Kim & Solomon, 2012, p. 96). There are several common vulnerabilities that exist within the seven domains of an IT infrastructure for example there is the lack of awareness or concern for security policy vulnerability in the User Domain as well as intentional malicious activity ( Kim & Solomon, 2012). Within the Workstation Domain there exists unauthorized user access, weakness in installed software, and malicious software introduced vulnerabilities, unauthorized network access, transmitting private data unencrypted, spreading malicious software, exposure and unauthorized access of internal resources to the public, introduction of malicious software, loss of productivity due to internet access, denial of service attacks, brute-force attacks on access and private data are all examples of vulnerabilities within the seven domains of IT infrastructure...
Words: 587 - Pages: 3
...architecture and security in an organisation. This report found that the major security threats within an organisation’s ICT are; Cracking into an organisation’s wireless intranet in search for vital corporate information; Former employees accessing wireless intranets and extranets without authorization; Information sent via an extranet could be intercepted in its transit; Viruses and Trojans accidentally downloaded by employees and been spread around the LAN. Solutions to these threats are; WiFi protected access (WPA) password and hide the network; ICTs should be protected with a login screen for the users; To secure an extranet, organisations should use a virtual private network (VPN); Any organisation should provide basic training in how to detect viruses and Trojans. This is a proactive way to prevent an infection in a whole organisation’s LAN. This report also found that the major legal and ethical issues within an organisation’s ICT are; Employee monitored by computer technology and in the building; Privacy on e-mail stored on an organisation’s computer; Illegal and offensive use of an organisation’s computer. Solutions to these issues are; the organisations have to inform their employees about the monitoring and the non-privacy on their work e-mail. The organisations are legally allowed to monitor and read the employees e-mails. To overcome illegal and offensive activities on a organisation’s computer, the organisation has to; install and activate a ‘Rated R-filter’ in the...
Words: 2419 - Pages: 10
...invested vast amount of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization but it also exposes the Organization to possible attacks and threats. Such attacks have been the most challenging issue for most network administrators and a worrying topic for administrators. Organizations need to share services resources and information but they still need to protect these from people who should not have access to them, while at the same time making those resources available to authorized users. Effective security achieves these goals. The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. April 13, 2000, 3:55 P.M. Pacific time: The Web site for the Motion Pictures Association of America (MPAA) is suffering intermittent outages, and the organization suspects computer vandals are to blame. A source inside the organization, who asked not to be identified, said that the MPAA is currently “experiencing problems with their public Web site, and they suspect a denial-of-service attack.” The attack was first rumored on http://www.hackernews.com/, a Web site for news on computer hacking. Most of the attacks...
Words: 5140 - Pages: 21
...Cyber Security Student: Maurice Jones Class ISSC461: IT Security: Countermeasures Instructor: Professor Christopher Weppler Date: 2 August 2013 Introduction “In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home (President Barack Obama, 2012).” Technology has changed the total lifestyle of people around the world. Here in the United Stated, society’s daily lives revolve around social interaction, economic stability, job security and information dominance. Information Dominance is “the degree of information superiority that allows the possessor to use information systems and capabilities to achieve an operational advantage in a conflict or to control the situation in operations other than war while denying those capabilities to the adversary (US Cyber Command, 2012).” Corporations as well as many of the world’s governments have risen and fallen due to their degree of Information Dominance and Information Security. Cyber-attacks have increased exponentially within the last 10 years. Battlefield lines that were once drawn in the sand no longer exist. Cyber-attacks can occur from any location in the world and at any time. A Cyber-terrorist has the ability to use current communication infrastructure to launch an attack that could cripple a nation. In 2012, Defense Secretary, Leon Panetta spoke at the Business Executives for National Security (BENS) summit....
Words: 3217 - Pages: 13
...Abstract— Computer viruses are widely recognized as a significant computer threat. The “birth rate” of new viruses is high and increasing due to global connectivity, and technology improvements can accelerate their spread. In response to this threat, some contemporary research efforts are aimed at creating computer virus immune systems. This paper analyses the computer viruses and attacks and also some countermeasures to prevent them. In particular, we discuss Intrusion Detection and Prevention techniques for handling web based attacks and to patch up different kinds of vulnerabilities in computer system. I. INTRODUCTION Web based system makes the next way of computing. Global prosperity and even faster pace of business are driving the desire for employees, partners and customers to able to communicate from different location in this world. With this phenomenal growth of computing devices, the threat of viruses is likewise growing. New platforms such as MAC OS of Apple and Microsoft Windows are highly attractive targets to virus and Trojan writers. As technology in the world of networking industries advances, virus writers have plenty of room for growth. Worse thing is security measures such as firewalls and virus scanners i.e. antivirus softwares are not widely used. The future may be even worse. With distributed programming platforms such as .NET, combine with Microsoft’s Windows platform the potential for viruses is even greater. II. OVERVIEW OF THREATS AND POTENTIAL...
Words: 4071 - Pages: 17
...Malicious Attacks and Threats Malicious Attacks and Threats As the lead Information Systems Security Engineer it is my job to ensure that the ongoing threat of malicious attacks and vulnerabilities to the organizations computer network are kept to a minimum so that highly sensitive data will continue to remain protected. However, recent reports from the CIO suggest that there has been a small amount of malicious activity reported on the network. The CIO is requesting I look into the current network infrastructure and make necessary changes to the network so that the system remains free from the threat and vulnerability of future malicious activity that would impact the organizations network. Attacks on computer systems and networks occur by the billions every year and are on a dramatic increase. Many organizations have invested vast amounts of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization it also exposes the organization to possible malicious attacks and threats. Such attacks have been the most challenging issue for a majority of Information System Security Engineers where they utilize the necessary resources to protect the network from these vulnerabilities. The greatest overall threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal...
Words: 1172 - Pages: 5
...Case Study: Network Security Computer networks of every company have the potential to be exposed to dangers that have the potential to do great harm. Individuals could gain access to Windows and Unix/Linux servers to exploit the company’s vulnerabilities. Computer networks are not only vulnerable to outsiders, but employees also have the opportunity to compromise the system. An unprotected network would open the door for malicious activity that could damage the company’s system, compromise company and customer information, and cost a great amount of precious time and money. A breach in the network could have a negative impact on finances, privacy, and information. Securing the Windows and Unix/Linux servers within a company from shortcomings and vulnerabilities to potential threats by both outsiders and insiders is an absolute necessity. This is achieved by using technical measures and enforcing security policies. One reason it is important to secure the servers is potential of the insider threat. With 1,500 employees, the chance of an attack from the inside is elevated. The threat could come in the form of a disgruntled employee, by someone looking for gain, or by someone who unknowingly compromises the system. Conklin and White (2010) stated the following: One of the hardest threats that security professionals will have to address is that of the insider. Since employees already have access to the organization and its assets, additional mechanisms need to be in place to detect...
Words: 647 - Pages: 3
...Computer security and Network Security is the means by which business and governments are protecting against computer intrusions and attack to prevent loss of data, information and provided services. Everything is now on computers, peoples whole lives are documented on computers. Big business and the government rely on technologies that use computers, whether it is used for storage, a medium between the customers and themselves or actual work. With all this information and data being stored, transferred and used it needs to be secured. A bank is open to the public; you would not have this bank unsecured would you? There would be security guards, cameras, and a vault. The same mentality to secure your data should be implied if you have a network that is connected to the Internet. You should have software, hardware, and/or personnel monitoring your networks operations and security. All computers and systems that connect to the internet or networks run off software of some type. People called hackers or crackers, manipulate programs, create worms, and viruses to make systems do thing there not supposed to, access places they aren’t allowed, and shutdown or hinder a system from working properly (Dasgupta). Then there are attacks, phishing attacks which come in the form of email that try to lead you to fraudulent sites, Denial-of-service attacks overload servers causing no one to get on or shuts them down. Then there are SQL injection attacks which are used in security vulnerable...
Words: 1949 - Pages: 8
...invested vast amount of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization but it also exposes the Organization to possible attacks and threats. Such attacks have been the most challenging issue for most network administrators and a worrying topic for administrators. Organizations need to share services resources and information but they still need to protect these from people who should not have access to them, while at the same time making those resources available to authorized users. Effective security achieves these goals. The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. April 13, 2000, 3:55 P.M. Pacific time: The Web site for the Motion Pictures Association of America (MPAA) is suffering intermittent outages, and the organization suspects computer vandals are to blame. A source inside the organization, who asked not to be identified, said that the MPAA is currently “experiencing problems with their public Web site, and they suspect a denial-of-service attack.” The attack was first rumored on http://www.hackernews.com/, a Web site for news on computer hacking. Most of the attacks...
Words: 5140 - Pages: 21
