Understanding IT Security Threats: Internal And External Attacks

Information Leakage

INTERNAL ATTACKS

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Some study carried out by the US Cert (Computer Emergency Response Team) suugested that about 40% of the Security threats of IT are instigated by the employees of a company.  The attacks of the criminals are most likely to be carried out from within the company: a study carried out recently indicated that 90% of the crimes that are criminal performed on computers were done by the employees of the company they worked for. Either, some carried out the attacks since they wanted to revenge for being fired or due to persinal grudges or just lack of satisfaction in terms of the payments. Businesses that are coming up or just small businesses are most likely to be attacked by the security breaches of IT since they may not be able to afford systems of detection of intrusion and monitoring that are sophisticated compared to the enterprises that are already established or large enterprises. The internal attacks comprises of the following;

Information leakage

There are numerous ways through which information can be collected from the network of the computer that you are using and shared with the outsiders of the organization. It can be either through the CD-ROM, USB stick of data, MP3 player or even through the digital cameral. According to Ring (2014), the named devices are significantly highly portable and also the hard drives contain large volumes as an employee can easily walk away with almost 60GB of data using the stick of the USB. Through that, the employees of today may easily collect a good amount of the database of the customer outside and use it for their personal gain. According to Troyansky (2013), one quarter of workers in a certain country who work using PCs in an organization admitted that they usually copy data into their mobile devices for more than once in a week. Additionally, 40% of them also admitted that they also use the sticks of USB in circulating data and one fifth admitted that they have exposed their passwords to outsiders or third parties. Using the data collected from those portable devices and exposure of the credentials of the employees, they are likely to be used by the criminals in performing the attacks on the network of a company, steal the information of the customers and use it for fraud.

It is advisable thatcompanies implement usage of software in specifying policies on the kind of devices which are allowed to be linked with the network of the company and the kind of data that is allowed for downloading. The company ought to enforce that and also educate the workers the reason as to why they are enforcing the policies, otherwise the employees would just find a way of breaking the policies. It is also recommended that, a company ought to consider blocking the access of the email that is web-based and services of data storage like the Gmail since once confidential documents are stored to a storage site that is online,then, the information turns out to be out of the control of human. Finally, networks should be locked to prevent access of wireless thriugh the use of Wi-fi or Bluetooth apart from the users that are authorized with devices that are authorized. (Greenemeier, 2016)

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Downloading Malicious Internet Content

Downloading malicious internet content

Some study carried out indicate that an average worker of a small or growing business uses almost one hour per day browsing the website for their own use, may be watching or looking at a video or websites that share files, using websites of social media like the facebook or perhaps playing games. Besides costing an individual time, the activity, according to some reports given by analyst indicate that the number of threats of virus and malware is becoming higher with the rate of more than 50% every year and a numerous number of these payloads that are destructive may be brought about to the network by the workers of the companies or businesses. According to Scott (2015), an example rootkit malware may be easily hidden in a clip of video or in a game which the common user may not easily recognize while watching or playing the game. When the malware is introduced on the network, it can the n be used by the criminal to commit crimes.

To avoid or curb this, a company is advised to update and patch the systems of IT constantly to make sure that the systsmes are secure against attacks as they are perpetrated. The companies should not rely on the security downloads that are done monthly or quarterly. This is because, the time between discovery and exploitation of the vulnerabilities shrinks all the time, therefore it is essential that the antivirus and the pacthes should be regularly updated and also use more than one type of the products of antivirus instead of one. Additionally, one ought to consider whether the software of antivirus they are using can monitor, filter or block the content of a video. Only very few antivirus products can filter that, for example, a video showing an individual falling over may offer cover for the purpose of downloading all kinds of contents to a given network. (Hausken, 2009)

Malicious cyberattacks 

A survey carried by Cert has discovered that the perpetrators of the cyberattacks are likely to be the IT staff or the administrators of the systems who have already acquired the priviledges of access of the system. Technically, employees who are proficient may use their access to the system to unlock the back doors and enter into the systems of the computer or just place programs on the networks in order for them to steal information or just cause damage.

Malicious Cyberattacks

In the year 2006, Roger Duronio, an IT programmer was confined since he accepted injecting Unix logic bombs, which is a malware in the network of UBS which is an investment bank (Chaikin, 2006). This resulted to the company suffering the cost of damage which was more than $3m. The reason as to why Durogio resulted to doing that was because the company had offered a bonus that did not quite satisfy him as it was low. After following up the matter through filing complaints, the company did not listen to him and hence he decided to resign from the job. Since he already had access to the network of the systems, he was able to easily use the knowledge to commit fraud by commiting the crime. (Nykodym et al, 2010)

For a company to protect itself against such kind of attacks, the company ought to monitor its employees closely and also take note of employees who are disgruntled since they can decide to abuse the positions they are holding. Additionally, it is advisable that the access of networks and passwords of the employees should be immediately cancelled after leaving the company in order to prevent any chances of them abusing their passwords in accessing the network in days to come.

EXTERNAL ATTACKS

Cyber-criminals are hackers who besides being coders who are brilliant, they also comprehend in detail how people carry out their businesses and will always come up with a way which they will use in hacking systems when they put their minds into it. They use viruses and other methods such as phishing in order to externally gain access to a software, site or a network. A firm ought to have a repertoire of good security in order for it to handle the threats and ways of preventing the risks of external cybersecurity no matter they form they used to penetrate into the network or site. The cybercriminals continue to reside within the network after gaining access of the network for a number of months, without anyone noticing them and in the process they extract information from the network. A number of them go unnoticed and moreso, they go undiscovered until the time the results will start showing. A firm is likely to face a large number of external aatcks compared to the number of internal attacks, therefore it is only advisable that, firms harden their perimeter in order for them to keep the attackers out. These perimeters may be developed in the right manner through the use of the correct type of penetration testing carried out by a firm of cybersecurity that is experinced. The external attacks include the following;

External Attacks

Rogue Software

This is a malware that disguises itself as a software that is legitimate and important software of security that will enhance the security of the system.the designers of this malware develop windows that pop-up and also create alerts which appear to be legitimate. The alerts provide suggestions to the user that they download the software of security, come to an agreement with the terms or proposes to them that in order for their systems to stay protected they ought to update the software they are using currently. Once they agree to that by clicking Yes, they unknowingly download the software that is rogue. After downloading the software, it enters into the system and starts extracting vital information regarding the customer details as well the accounts of the company and then abuses the information in committing crimes for their onw benefit. (Taylor et al, 2014)

In order for the company to protect itself against such kind of attacks, they can apply the slogan that, The Best Defense is a Good Offense, whereby they ought to regularly update their firewall. One needs to ensure that in the office there is a firewall that is already functioning and it is protecting everyone in the firm against these kinds of attacks. Also during the installation of anti-spyware and anti-virus, it would be advisable to ensure that those program software originate from trusted sources and that they have the ability to discover threats like the software that is rogue. (Waxman, 2011)

Man in the Middle (MITM)

This kind of attack occurs whereby an attacker impersonates the endpoints of the exchange of information carried out online, that is, the connection carried out between the a smartphone and a site. Through this, the man in the middle is able to collect data from the client and the entity that they are conversing with. For example, when shopping online and then you try to reach a customer care for some queries, the man in the middle will reach you by impersonating the customer care of your online shop and then communicate with the customer care by impersonation you as the client. Through that, the man in the middle will be able to obtain all the information exchanged between the client and the customer care which may comprise of data that is sensitive like the account of the customer and their credit card numbers and other details. (O’Rourke, 2013)

Rogue Software

The MITM performs this kind of attack through gaining access by use of a wireless point of access that is not encrypted, that is, the network that does not implement measures of security such as the WAP, WPA2, WPA among others. Through that, they can then gain access of all the data that is being exchanged between the parties involved in a transaction.

Man in the middle attack however can be prevented by use of wireless point of access that is encrypted which also uses security of WPA or greater. When connecting to a website, it is advisable to ensure that it is using the connection of HTTPS or to ensure improved security, investing in a VPN should be considered. This is because HTTP applies certificates  which validates the servers’ identity which one is intending to connect to through the use of the third parties like VeriSign. On the other hand, VPNs enable an individual to connect to a webiste through the private networks that are virtual. (Hovav and D’Arcy, 2013)

Denial-of-Service (DoS) Attacks

This kind of attack concentrates on disruption of service to a network. The criminals send large volumes of traffic or data through the use of the network, that is, creating numerous numbers of requests of connection, until they are able to overload the network which results to the network becoming non-fucntional. There are a number of ways through which the criminal can achieve the DoS attackers though the commnly used method is the DDoS (Distributed-Denial-of-Service) attack. This is whereby an attacker uses several computers to send data or traffic which would be used to overload a system. In most of the cases, an individual may not even recognize that the computers they are using have been hijacked and that they are a part of the reason as to why the DDoS attack is happening.

DoS can be prevented by ensuring that the system is secure by regularly updating software, online monitoring of security and also monitoring the flow of data in order to discover any suspicious or spikes that are threatening in traffic before they result into an issue. Another way of preventing DoS attacks is through cutting of a cable or disconnecting the plug which connects the server of the webiste to the internet. Another recommendation is due dilligence in monitoring physically the connections. (Fung and Evans, 2011)

Conclusion:

Like any other kind of criminal activity, its better to be vigilant as a key method of preventing any kind of security attack on the networks of frims. The rate at which threats are occuring to businesses and people is increasing and continually growing as the number of transactions migrating to the online platform increase and the criminals who commit crimes of cyber attacks tend to become more sophisticated. In order fro individuals to prepare themselves and their businesses against these attacks, they ought to take their time for them to secure their systems and prioritize cyber security. Other ways of remaining vigilant against crimes of cyber attacks suggets that an individual ought to begin at home.

Man in the Middle (MITM)

Lelong.my is an e-commerce online market located in Malaysia. It provides customers with the experience of shopping online that besides supporting transactions of customer to customer, it also supports relationships of business to business. Lelong.my also provides several categories of products which customers can choose when buying products such as watches, electronics, books, cameras among others from a several stores that sell online and sellers in Malaysia. This is carried out in a safe and convenient environment. The market is always working throughout and is open to everyone. Lelong.my also offers sellers a platform whereby they are able to own a store that is personalized using a cost that is low. They also offer lessons to sellers on becoming successful in selling online. Customer care team of support is also provided in case of any enquiries.

Lelong.my has implemented principles of compliance and personal data protection which is according to the PDA (Personal Data Protection Act 2010) which is meant to protect the personal information of the customer. SSL Certificates are also employed to provide strong encryption on the customer data which makes it secure as it becomes difficult for the attackers to penetrate though it. Firewalls are also another aspect that ought to be considered on the network of the Lmall. They offer protection to the network against any kind of threats and malware that is advanced, malicious traffic of the internet and viruses. They continuously scan the activities of the server and they are also designed in a manner that they are able to adapt to the threats introduced through intrusion prevention that is based on signature without causing the traffic to slow down.

References:

Chaikin, D. (2006). Network investigations of cyberattacks: the limits of digital evidence.

Crime, law and social change, 46(4-5), 239-256.

Fung, D. Y., & Evans, S. C. (2011). U.S. Patent No. 7,865,414. Washington, DC: U.S. Patent

and Trademark Office.

Greenemeier, L. (2016). Insider Threats. INFORMATION WEEK-MANHASSET-, 1118, 25.

Hausken, K. (2009). Information sharing among firms and cyber attacks. Journal of   Accounting and Public Policy, 26(6), 639-688.

Hovav, A., & D’Arcy, J. (2013). The impact of denial?of?service attack announcements on the

market value of firms. Risk Management and Insurance Review, 6(2), 97-121.

Nykodym, N., Kahle?Piasecki, L., & Marsillac, E. L. (2010). The managers guide to

understanding, detecting, and thwarting computer crime: An international performance issue. Performance Improvement, 49(5), 42-47.

O’Rourke, M. (2013). Cyberattacks prompt response to security threat. Risk Management,

50(1), 8.

Ring, T. (2014). Threat intelligence: why people don’t share. Computer Fraud & Security,

2014(3), 5-9.

Scott, D. M. (2015). The new rules of marketing and PR: How to use social media, online video, mobile applications, blogs, news releases, and viral marketing to reach buyers directly. John Wiley & Sons.

Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism.

Prentice Hall Press.

Troyansky, L. (2013). U.S. Patent No. 8,407,784. Washington, DC: U.S. Patent and Trademark Office.

Waxman, M. C. (2011). Cyber-attacks and the use of force: Back to the future of article 2 (4).

Yale J. Int’l L., 36, 421.