Network Security

 Greetings Broders!

Network Security is vital to the functionality and protection of critical assets for individuals and organizations. Functionality can be applied to ensure a server stays up and running correctly. Protection comes from a mixture of computer system infrastructure and understanding users' role in preventing data loss. Attackers can use resources to crash servers through ping command attacks and maliciously build trust with users through social engineerings, such as phishing.

Information and system security are essential for individuals and organizations because unrestricted access can equal detrimental harm. For individuals, not having security could mean someone is stealing your identity and, subsequently, your money, amongst other things. LifeLock says a stolen identity could lead to criminal charges (Johansen, 2021). Getting criminal charges removed from your record is challenging because you must prove it was not you. For organizations, a lack of security could mean system downtime, which leads to decreased revenue (upset customers), and sensitive information leakage, just to name a few consequences. 

Attacks used to hurt servers and executed using ping commands are a ping flood and the ping of death. A ping flood attack is when a large number of ping requests (sometimes from multiple devices or fake IP addresses) are sent to a device without waiting for a response, overloading the server, and preventing regular traffic (Ping (ICMP) Flood DDoS Attack, n.d.). A ping of death attack is when a large ping packet is broken down, sent to a device in fragments, and put back together. Because it is too big according to protocol, it crashes the device's network (What Is the Ping of Death (PoD)? Definition, Damage & Defense, n.d.).

Social Engineering is the overarching umbrella of tactics attackers use to create an environment where users voluntarily release sensitive information. Computer systems are vulnerable to these threats because they can introduce "malicious software" onto a device (Webroot Inc., n.d.). After compromising a system, attackers can access personal data connected to that device. Two recommendations for protecting a computer system or network from each type of security breach are: using multi-factor authentication and maintaining firewalls/anti-virus software. Multi-Factor authentication uses multiple verifications for accessing an account and a password. "Even if an attacker obtains your password, they may not be able to access your account if it's protected by MFA" (CISA, 2020). The information is inaccessible because they lack secondary resources for access, much like having two keys for a safe. You need both to open it. Firewalls and anti-virus software can be purchased and installed to block diverse data types like IP addresses, apps, etc. (CISA, 2019).

Phishing is a type of social engineering where the attacker tries to get sensitive information from a user by "baiting" them (Vahid & Lysecky, 2019). They lure a user in by, for example, sending an email asking for account information or verification, pretending to be a business, boss, fellow employee, etc. Computer systems are vulnerable to phishing because the data is widely available on the web, and "phishers" can create believable content (Gillis, 2020). You can recognize phishing by hovering over a link to see the actual location if an email is sent from a non-company email address but says it is from a coworker and misspelled website names to name a few. The damage of a phishing scam can vary from personal monetary loss to a significant data leak at a major company. There are a few ways to protect a computer system or network from phishing; filtering/blocking phishing emails, anti-spoofing controls, and proxy servers (Phishing Attacks: Defending Your Organisation, 2018). Even with the best measures in place, phishing can still take place. Training users on what to look for can prevent users from falling into these traps. Some companies have mandatory annual training on phishing. In combination with training, periodically sending fake phishing emails can ensure users actively use the skills from training. Microsoft Outlook has the capability for a tool that users can alert IS teams of detected phishing. Anti-spoofing controls such as "packet filtering to detect inconsistencies" and IP address authentication with a "network attack blocker" are ways to prevent attackers from adjusting bad IP address headers that appear as if they care from credible sources (Kaspersky, 2022). Proxy servers are an excellent protection resource because they look at the information before it reaches the user and look for anything that could be harmful beforehand (Chachak, 2022).

Attackers can use resources to crash servers through ping command attacks and maliciously build trust with users through social engineerings, such as phishing. Proactively building up security through training, robust infrastructure, and purchasing protection software can prevent most attacks. Investing in information and system security is essential to the success and safety of an organization and every individual.

Happy Coding!

Lotus 

References

Chachak, E. (2022, December 19). Why Are Proxy Servers Important For Cybersecurity? CyberDB. https://www.cyberdb.co/why-are-proxy-servers-important-for-cybersecurity/

CISA. (2020, January 21). Supplementing Passwords. https://www.cisa.gov/uscert/ncas/tips/ST05-012

CISA. (2019, November 14). Understanding Firewalls for Home and Small Office Use. https://www.cisa.gov/uscert/ncas/tips/ST04-004

Gillis, A. S. (2020, May 5). phishing. Security. https://www.techtarget.com/searchsecurity/definition/phishing

Johansen, A. Grace. (2021, February 4). 4 Lasting Effects of Identity Theft. LifeLock. https://lifelock.norton.com/learn/identity-theft-resources/lasting-effects-of-identity-theft#

Kaspersky. (2022, May 13). IP spoofing: How it works and how to prevent it. www.kaspersky.com. https://www.kaspersky.com/resource-center/threats/ip-spoofing

Phishing attacks: defending your organisation. (2018, February 5). The National Cyber Security Centre. https://www.ncsc.gov.uk/guidance/phishing

Ping (ICMP) flood DDoS attack. (n.d.). Cloudflare. https://www.cloudflare.com/learning/ddos/ping-icmp-flood-ddos-attack/

Vahid, F., & Lysecky, S. (2019). Computing technology for all. ZyBooks.

Webroot Inc. (n.d.). What is Social Engineering? Examples & Prevention Tips. Webroot. https://www.webroot.com/us/en/resources/tips-articles/what-is-social-engineering

What Is the Ping of Death (PoD)? Definition, Damage & Defense. (n.d.). Okta, Inc. https://www.okta.com/identity-101/ping-of-death/