Networked systems and Security threats

Networked systems and Security threats

Ever since the advent of the first computer virus in the 1980s, it has become even more popular with the invention of the network, the first of which was the Internet, by DARPA. But what constitutes has a network and how is it governor.? These are the question we will have to answer before we can fully appreciate or understand why preventing its vulnerabilities is so important to not only businesses and or organizations but to the sustainability of the Internet itself.

Brookshear(2012, p140) explains that “ The need to share information and resources among different computers has led to linked computer systems, called networks”. Networks essentially allow computers and or network compatible devices to communicate with each other within a region or across regions. Networks are classified as follows: LAN —local area network(which is a collection of computers and devices in an organization and or company), MAN —metropolitan area network(this is simply a network of various sizes) and WAN —wide area network(allows for the communication of computer systems within a region or across region). “When a computer is connected to a network, it becomes subject to unauthorized access and vandalism.” Brookshear (2012, p173). Imagine a hackers being able to manipulate medical devices such as a PaceMakers or an Insulin Injectors as did the late Barnaby Jack, an elite white-hat hacker expressed that once devices where network compatible(ethernet, wifi, Bluetooth, NFC, etc) it would become easier for it to be hacked, as he did with ATM machines, Simonite(2013).

As proclaimed by Murphy’s Law, “if anything can go wrong, it will” and as such networks are faced with security risks and vulnerabilities, these include: Malware(which are: viruses, worms, trojan horse and spyware), Denial of Service(DoS) and Distributed DoS, Misconfigured firewall, Vendors or Custom Software errors, Mobile devices and USB Flash Drives also known as Thumb Drives. In an IEEE publication, Maple,(2010) confirmed this, when he stated: “Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected.” In the past, if a computer system was attacked by a virus, the recipient would be notified immediately, but as technology got more sophisticated it became more difficult to detect. With the previous, viruses such as the “Virus.DOS.Walker” was clearly visible whilst the latter can be a trojan horse laying dormant of the computer waiting for a trigger date or action.

Malware is simple malicious unwanted software that infects a computer more recently within the acknowledgment of the user and or company. A malware in any form has the potential to become detrimental if not detected has it can report its’ findings to the instigator.

Solution: Invest in antivirus software that updates often and inform users of this negative potentials.

DoS or DDoS references to a network computer and or server being overloaded with messages or requests from an intruder. This, in turn, overwhelms the service and brings all its’ activities to a halt. Which could be monetarily cost.

Solution: Implement a proxy server so has to mitigate attacks.

Misconfigured firewall

as claimed by Beaver(2013) “One of the biggest, most dangerous, assumptions is that everything is well in the firewall because it’s been working fine.” Analyzing the configuration of a firewall might reveal unforeseen vulnerabilities.

Solution: Revisit the Security Policy and ensure to update same.

Vendors or Custom Software errors

Occasionally organizations and or companies are unaware of any vulnerabilities within the software purchased or created in-house. Programmers often make mistakes and these are not normally noticeable until something goes wrong.

Solution: Contract white-hat hacker and or Philanthropist with are experts in the area of software analysis.

Mobile devices

This has to be looked at from a board spectrum, as we are dealing with mobility and the use of rogue access points all around us. This makes it even easier for black-hat hackers and or malware to access these devices.

Solution: Security Policies and invest in antivirus software that updates often and encrypts the data.

USB Flash Drives

Allowing anyone to plug in a flash drive into a computer could do more harm than good. Very recently, we(the company I work) were exposed to the same incident that halted operations for two(2) department for more than three 3 hours. A rapidly replicating virus was transferred from a user’s thumb drive onto the network. It was noticed after as many 20 PCs were already affected.

Solution: Stricken Active Directory(AD) and Security Policies and Invest in antivirus software that updates often.

In conclusion, further to the solutions listed above Elazari(2014) in a TED speech, expressed that “We need hackers” and I agree. She was clearly not referring the black-hat hackers but more so the white-hats. White-hat hackers “help organizations to assess and understand the vulnerabilities and exposures in their systems.” (Martin, 2001). It was Barnaby Jack who said “Sometimes, you have to demo a threat to spark a solution” and in these times, who better to take up the great responsibility; the white-hat hackers, who are also known as security researchers. “With power comes great responsibility”.

References:

Martin, R.A., 2001. Managing vulnerabilities in networked systems.Computer, 34(11), pp.32-38.

Elazari, K. (2014) Hackers the Internet’s immune system, Available at:http://www.ted.com/talks/keren_elazari_hackers_the_internet_s_immune_system(Accessed: April 2, 2016).

Beaver, K. (2013) Top 5 Common Network Security Vulnerabilities that Are Often Overlooked, Available at: http://www.acunetix.com/blog/articles/the-top-5-network-security-vulnerabilities/ (Accessed: April 2, 2016).

Maple, C. and Viduto, V., 2010, July. A visualisation technique for the identification of security threats in networked systems. In Information Visualisation (IV), 2010 14th International Conference (pp. 551-556). IEEE.

Brookshear, J. G., Smith, D. and Brylow, D. Computer Science: An Overview, 11th Edition. Reading, MA: Pearson (Addison-Wesley), 2012

Simonite, T. (2013) Watch the ATM Hacker At Work, Available at:https://www.technologyreview.com/s/517621/watch-the-atm-hacker-at-work/ (Accessed: April 2, 2016).

Comments (1)
Mark

Wow this is a good read, thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

Groope Multimedia © 2019, All rights reserved