While network and Internet technologies provide numerous growth and competitive opportunities for small and medium-sized businesses (SMBs), they also raise the urgent need to protect computer systems against security threats.
According to a survey conducted by the Computer Security Institute (CSI) in 2003, as many as 78% of computers were attacked through the Internet (up from 59% in 2000). Today, even the smallest businesses feel compelled to operate online, which brings with it several factors that must be safeguarded for this model to work.
However, according to Jim Browning, Vice President and Director of SMB Research at Gartner, most businesses do not adequately recognize the importance of security; they often overlook it when it should be a top priority for online operations.
If not properly protected, every part of a network system becomes a target for hackers, competitors, or even employees within the company. Although in 2005, 40% of SMBs implemented network security management and increased their Internet usage, Gartner’s statistics show that more than half of them were not even aware that they were being attacked by hackers.
Fundamental Platforms
Like many other types of crime, threats to networks and Internet resources originate from a small community. Despite its small size, this community continues to grow because there are few effective regulations to restrain it; a single attack tool disseminated online can immediately target numerous computer systems through software vulnerabilities. Those behind these attacks can be hackers, software crackers, or “insiders.”
– Access Control: This involves verifying identity and deciding whether to grant access to the network. Authentication may be through passwords or more complex measures like biometric devices (fingerprint or facial recognition).
– Firewall: A software or hardware solution that helps prevent unauthorized access attempts from the outside or only allows legitimate data to enter the network. Nowadays, firewalls are widely used in corporate network systems.
– Identity Management: Identifying users and their current acceptance status, defining and enforcing access rights to system and network resources.
– Intrusion Detection: The capability of software to analyze network activity, detect intrusion behavior, and notify administrators.
– Threat Prevention: The integration of multiple security technologies (firewalls, intrusion detection/prevention) and smart network services to mitigate the impact of known or unknown threats.
– VPN (Virtual Private Network): A virtual private network allows secure (safe) computer connections to the corporate network system over the Internet. By combining hardware devices on the corporate network and specialized software on remote control computers, businesses can use VPNs for satellite offices, remote headquarters, and employee mobile devices.
* Hacker: Most hackers are knowledgeable about security and the principles of Internet and computer operation. In the past, hackers often breached computers for non-profit purposes, merely to showcase their skills or brag about their “achievements.” Today, this purpose has gradually disappeared, replaced by larger motives: money, personal grudges, politics… The concept and perception of hackers are quite diverse; however, they can be categorized into three types: white hats, black hats, and gray hats.
White hat hackers are often security experts who work for the common safety of the community in the fight against black hat hackers. Gray hats refer to hackers who possess both good and malicious characteristics, and their motives may shift depending on the circumstances.
* Cracker: These individuals are also very dangerous and cause significant harm to businesses. Their “favorite” activities include cracking software, modifying websites, stealing credit card information, and destroying data.
* Insider: This refers to employees within a company who seek to obtain personal information from others to satisfy curiosity or serve other purposes.
Common security threats include network attacks, social engineering attacks, viruses, worms, and spyware. Complex cyberattacks motivated by political or financial reasons typically target specific companies or computer systems. The intent is often to modify databases, steal accounts or personal information, and install spyware to allow the intruder to launch attacks from the victim’s computer system.
Cyberattacks can be categorized into three basic methods:
* Reconnaissance Attack: This is a method of gathering information in preparation for a subsequent, actual attack on the network.
* Access Attack: This method exploits vulnerabilities in the network (often bugs or security loopholes).
* Denial of Service Attack: This is currently the most aggressive form of attack; it sends a large number of information requests to a server, overloading it and making external access to the computer difficult (or impossible).
System administrators must accurately assess the level of attacks to formulate appropriate countermeasures and protection.
– Virus: A program that can search for other programs on the network device and infect them by copying a version of the virus into them. When these programs are executed, the attached virus is also activated to begin the next infection cycle. Unlike worms, viruses cannot infect computers without some form of interaction (user intervention).
– Worm: A program that can self-propagate and spread across the network at a very rapid pace.
– Trojan Horse: Named after a phrase, this term refers to a dangerous program hidden within some other guise (such as a game program), allowing the perpetrator to remotely command the system.
The “social engineering” method is often used to steal sensitive information from businesses. This is one of the least labor-intensive yet highly effective attack methods in many cases. Sometimes, all it takes is a phone call for an attacker to obtain what they want, such as asking for password information to upgrade a system from the technical support department.
To be continued…