After this article you
will be able to do following:
Ø Identify the top threats to computer network:
intrusion, Denial of Service attacks and malware.
Ø Assess the likelihood of an attack on your
personal computer and network.
Ø Define key terms such as cracker, sneaker,
firewall & authentication.
Ø Compare and contrast perimeter and layered
approaches to network security.
Ø Use online resources to secure your network.
INTRODUCTION
It’s hard to find a facet of modern life
that does not involve a computer system on some level. The following are just a
few examples that illustrate this point.
§
Financial
transactions----including online banking. ATMs and debit cards ---- are a
pervasive part of modern commerce system.
§
Some
small and large businessman automatic checkout.
§
You
may be taking this class online or perhaps you registered for it online. You
may have online order this book.
§
There
is even widespread discussion of eventually online voting.
Because so much of our business is
transacted online, a great deal of individual or personal information of any
one is stored in computers. Medical record, tax record, academic record and
more are all stored in database. Whether this level of technology in our daily
lives is to our advantage or not is question that is beyond the scope of this
book. The fact is that our lives are inextricably intertwined with computer
system. This leads to several important questions.
How
is information safeguarded?
What
are the vulnerabilities to these systems?
What
steps are taken to ensure that these systems and data are safe?
|
FYl:
Online Banking |
|
|
A
recent study found that 28% consumer’s access their primary banking
institution by phone, the internet or at branches at least three times in a
week (Online Banking Report). These consumers use online banking to view
statements and checks, pay bills, balance, transfer of money. |
|
Recent news stories do not offer
encouraging answers to these questions. The electronic media often gives a
great deal of attention to dramatic virus attacks, hackers and other
interesting phenomena of Internet. Virus attacks news, often becomes lead
stories on national networks. Even the most technically native person cannot go
more than a few weeks without hearing of some new virus or hacking incident,
such as the dramatic attack in Feb 2003, when a hacker was able to get some
millions of credit cards numbers.
In spite of daily horror stories,
however, many people (including some law enforcement professionals and trained
computer professional) lack an adequate understanding for the reality of these
threats. Attention is often focused on the most dramatic computer security
breaches (intrusions), which do not necessarily give an accurate picture of the
most plausible
|
FYl:
Online Shopping |
|
|
The
commerce department reports show a rapid increase in online retail sales in
just a few years. Since the year 2018, when sales were approximately 27. 3
million, online sales increased by nearly 325% to approximately 88.3 million
in 2019. At the time of this writing, sales for 2020 were projected to
approximately 109.9 million. |
|
threat
scenarios. Clearly, may people are aware of the attacks that can be executed against
a target system. Unfortunately, they are often not familiar with the attack’s
mechanism, its actual danger level or how to prevent it.
This article outlines current dangers,
describes the most common types of attacks on your personal computer and
network, teaches you how to speak the lingo of both hackers and security
professionals and outlines the broad strokes of what is necessary to secure
your computer as well as network.
How Seriously Should You Take Threats to Network Security
The first step in understanding computer
and network security is to formulate a realistic assessment of the threats to those
systems. The general population tends to have two extreme attitudes about
computer security. The first group assumes there is no real threat. Subscribers
to this theory believe that there is little real danger to computer system and
that much of the negative news is simply unwarranted panic. They often think
that taking only minimal security precautions should ensure the safety of their
systems. The prevailing sentiment of these individuals is, “If our computer /
organization have not been attack so far, we must be secure,” they tend to have
a reactive approach to security. They will wait until after an incident occurs
to address security issues --- the proverbial “closing the barn door after the
horse has already gotten out.” If you are fortunate, the incident will have
only minor impact on you or your organization and will serve as much needed
wake up call. If you are unfortunate, then your organizations may face serious
and possible catastrophic consequences. For example there are organizations
that did not have an effective network security system in place when the virus
attacked they system. One of those companies estimated that lost productivity
through downtime of the systems cost over 100,000/-.
The second extreme attitude toward the
dangers to commuter and network security is one that tends to overestimate the
dangers. The people in this group are prone to assume that talented hackers
exist in great numbers and all are imminent threats to your system. They may
believe that any teenager with a laptop can traverse highly secure systems at
will. This viewpoint has, unfortunately, been fostered by a number of movies
that depict computer hacking in a somewhat glamorous light. Such as world view
makes excellent movie plots, but it is
simply unre3alistic. The reality is that many people who call themselves
hackers are less knowledgeable than they think. They have ascertained a few
buzzwords from the Internet and are convinced of their own digital supremacy,
but they are not able to affect any real compromises to even moderately secure
system.
Both extremes of attitudes regarding the
dangers to computer systems are inaccurate. It is certainly true that there are
people who have both the comprehension of computer systems and the skills to
compromise the security of many, if not most, system. However, it is also true
that many who call themselves hackers are not as skilled as they claim. As with
any field of human endeavor, the majority of hackers are, by definition,
mediocre. Often, the people who most loudly declare their cyber prowess are
usually those with the least actual skill. The truly talented hacker is no more
common than the truly talented concert pianist. Consider how many people take lessons
at some point in their lives; then consider how many of those mind that even
those who do possess the requisite skill also need the motivation to expend the
time and effort to compromises your system. This does not mean that unskilled
hackers are no threat at all, but rather they are much less of a threat than
administrators, the hackers themselves, might think. Additionally, the greatest
threat to any system is not hackers, by rather virus attacks and Denial of
Service attack.
A more balanced view and therefor, a
better way to assess the threat level to your system is to weigh the
attractiveness of your system to potential intruders against the security
measures in place.