Network Security Threats and Their Solutions - Literature review Example

?Introduction Advancements in information technology have continued to facilitate corporations, governments, businesses among other entities with an avenue to automate almost all of their information processing (Laudon, 2011). Networking is one of such technologies which have played a great role in this development as it has enhanced the transfer, storage, and sharing of data and information without necessarily having to rely on physical files. Traditionally, communication was highly based on sending and receiving letters among other primitive methods, such as smoke signals, horn blowing, as well as communication through the word of mouth. These channels were time consuming and, on top of that, they were subject to distortion. With networking in place, real time communication has been made possible through emails, VOIP, teleconferencing, online chats among other channels. However, these networks are vulnerable to numerous security threats, which have the capacity to cause extensive damage and losses for the users (Andress, 2011). This paper is a critical evaluation of network security threats and their solutions. Network Security Threats A network is an interconnection of two or more computers for the purpose of sharing resources, such as hardware and software (Wetherall, 2010). There are various types of networks which include, but not limited to, local area networks (LAN), wide area networks (WAN) and metropolitan area networks (MAN). Local area networks are commonly found in institutions and offices, whereby sharing of resources is internal, for example, between departments or various workstations in an office. Wide area networks facilitate sharing of information on a wide geographical location, whereby numerous LANs around the world are interconnected for this purpose. The internet and the World Wide Web are examples of LAN as they can be accessed by users from every corner of the globe as long as they are connected to an internet service provider (ISP). MAN, on the other hand, exists in a smaller geographical location than WAN but larger than that of LAN (Wetherall, 2010). These networks have facilitated criminals with an avenue to make money through illegal activities especially due to the fact that millions of people around the world utilize one or all of the above mentioned networks on daily basis. Loads of data and sensitive information are exchanged over these networks on hourly basis and due to this; criminals have taken advantage through their technical skills to conduct cyber attacks, either for economic benefits or for malicious purposes (Zalewski, 2011). The internet, for example, has facilitated users with an avenue to conduct businesses and transactions through online shopping. Online shopping is a mode of doing business whereby manufacturers and retailers design interactive websites, in which they display their products and details. Interested shoppers are only required to visit the websites from the comfort of their personal computers, from which they can evaluate and compare prices of commodities offered by different companies. Processes, such as cataloguing and placing orders are made through the same media thus making it easy and cheap for marketers and consumers to fulfill their desires without necessarily having to travel to the physical business location. This has also facilitated globalization as digitizing the world in this manner brings the world citizens closer thus forming a global village (Schneider, 2011). However, online shopping has been noted as being one of the major targets and facilitators of cyber crime. Rogue programmers have continued to develop phishing sites, which they utilize to steal users’ personal information for the purposes of committing fraud. Phishing sites are websites, which impersonate genuine websites such that it becomes difficult for users to differentiate between the genuine and the rogue websites. These websites usually request users to input their personal details, such as credit card numbers, emails, names, bank details among other sensitive information. Once the criminals get this information, they use it to empty bank accounts without the knowledge of the account holders (Schneider, 2011). Networks facilitate users with remote access to servers and data bases. Corporations have continued to utilize this advantage by allowing their employees to telecommute (Schneider, 2011). Telecommuting is a situation whereby employees are allowed to work from their home computers, which are connected to their company’s database such that once they finish their assignments, they upload them directly to the database after which the employer can download and utilize the information for its intended purpose. This mode of doing business is advantageous as it works as a motivation factor for the employees, who are facilitated with comfort and independence as they do not have to work under strict surveillance by their superiors. Furthermore, it enables employees to maintain physical presence at home, which is important in promoting family unity unlike when they have to work overtime and in their offices, where they cannot spend quality time with their families. However, telecommuting is an eminent threat to network security. To begin with, the fact that employees are allowed to utilize their personal computers means that the management has no control over the integrity of data that is uploaded to the company’s database. Some employees have unethical behaviors such as accessing and downloading materials from sites that contain highly suspicious contents such as pornography, funny clips, free software among others, which are utilized by rogue programmers to spread computer viruses and malware. Once the employees download these materials, the viruses attached to them are also downloaded after which they attack files and folders stored in the computer, which transmit the viruses to any other computer that comes into direct contact with the files (Scambray, McClure, & Kurtz, 2009). Viruses are dangerous as they are usually programmed to corrupt and destroy files stored in a computer system (Andress, 2011). If the files are destroyed, then the company stands to lose a lot in terms of the time and money spent to prepare such information. Inconveniences are also caused owing to the fact that the files cannot be accessed at the right time, as more time and resources would be required in order to facilitate the efforts of trying to recover the lost data. One of the qualities of good information is timeliness meaning that it must be accessible as and when it is required. If this quality is absent, then such information becomes useless to the user. Replication of files and folders also occur as a result of computer worm infections in a network. Despite the fact that this may not be a highly dangerous activity, it has the capacity to deteriorate the speed at which a computer executes tasks. This occurs due to the replicated files’ tendency to consume memory space and processor time, which could otherwise be utilized by other genuine programs and processes. If the replication continues to occur, then the computer becomes highly unreliable after which it crashes completely (Andress, 2011). Telecommuting also poses a threat to the security of information stored in a database owing to the fact that employees may be facilitated with database passwords so as to allow them to upload their assignments. This makes it possible for them to access sensitive information, which they may utilize to cause malicious damage to the company’s integrity by sharing it with competitors and other curious organizations such as the press (Laudon, 2011). In order to be able to utilize this technological advancement maximally and with minimal risks, businesses and organizations should ensure that their employees are lectured on safe internet browsing habits, as well as the importance of installing and frequently updating antivirus software on their computers. The systems and database administrators should also dedicate their technical skills and attention towards ensuring that the computers and data flowing in, out and within an organization’s network is free of viruses and that passwords are shared only with trusted and responsible employees. By restricting passwords to a limited number of employees it becomes easier to trace the sources of vulnerability and to punish those responsible (Laudon, 2011). The internet has facilitated users with cheap and convenient channels of communication. These are for example social networking sites such as Facebook, Twitter, and MySpace among others. Through Facebook, for example, users are able to chat, share pictures and video, advertise products, send and receive messages among other numerous advantages that cannot be achieved through other communication devices such as fixed telephones. Facebook currently boasts having more than 650 million subscribers worldwide who spend a total of more than 700 billion minutes a month on facebook. Statistics also indicate that in every 20 minutes, more than 1 million links are shared on facebook alongside other numerous activities such as invitations to events (Schelkle, 2010). In general, it would be true to say that there is no other channel or network apart from Google, where such a significant number of people can be reached with a click of a mouse. Consequently, criminals have taken this as an advantage to their quest of creating problems to innocent civilians. It may be important to note that social sites, such as facebook, usually request users to input their personal details, such as names, date of birth, location, phone contacts, religion, schools and institutional affiliations among others, which makes it easy for friends to search and connect with past friends and acquaintances. However, hacking of facebook accounts has been on the rise and indeed it has become even possible for any interested person to find websites containing information on how to hack facebook on popular search engines such as Google (Schelkle, 2010). Hacking is a criminal offense, which involves breaking into computer networks either to take over their control or to retrieve information for malicious or financial gains. To this end, unauthorized access to facebook accounts makes it possible for hackers to impersonate the genuine holders of the accounts such that they are able to enjoy equal privileges without being noticed. Such persons could be for example; former boyfriends, girlfriends, stalkers or any other interested party. Once these people gain access to the accounts, they can, for example, send insulting messages to the people listed as friends, which may get the genuine owner of the account into trouble. They can also utilize information such as phone numbers to contact the owners and possibly make appointments, which may end up causing harm to the unsuspecting user. This may be enhanced by the fact that not many people will stop to consider the possibility of getting themselves into trouble by accepting to meet with strangers especially in this era of technology where the internet has enabled users to conduct online dating, some of which matures into relationships that end up in marriage. Social sites such as facebook do not accept liability whenever subscribers experience harm or other negative consequences, which may arise in the process of utilizing the various tools that these sites facilitate (Schelkle, 2005). It is, therefore, the sole responsibility of the subscribers to ensure that they take all necessary precautions whenever they are conducting their affairs over the internet. For example, they should refrain from clicking on links without first establishing the reliability of the source even if the links have been sent by close friends. Some of these links are sent arbitrarily by crackers, whose main objective is to spread spyware and worms, which enables them to steal passwords to online accounts. Hacking of email accounts is also a major security problem facing individuals and corporations in the contemporary society. Emails facilitate users with a channel to send and receive text messages as well as to exchange documents, which may contain sensitive information such as financial information and medical records. Companies such as Google Inc have in the past suffered this form of cyber espionage, whereby hackers, who were believed to be university students, attacked Google accounts and emails belonging to human rights activists and perceived dissidents (Blenner, 2011). China is a country in which freedom of speech is limited and the ruling communist party will go great lengths to ensure that any individuals or organizations fighting for democracy are dealt with accordingly. In addition, there are speculations that the government may have facilitated the hacking for industrial purposes since the hackers were not only interested in emails but also intellectual property. The country has a long history of promoting theft of intellectual property through its reluctance to protect foreign innovators by punishing those found to have duplicated other people’s ideas without authorization. Probably, this reluctance is motivated by the government’s plan to have the country achieve high industrial growth in order to compete with other industrialized countries such as the US. The company’s management reacted by restricting some of its employees from accessing its internal networks due to the fact that there were also speculations and suspicion that the hacking could have been facilitated by insiders. These factors, in addition to China’s unfair censorship laws, compelled Google to close down its operations in the country (Blenner, 2011). Hacking of emails is also conducted by businesses and corporations in order to gain them competitive advantage over their competitors. Through this, they are capable of spying on communications between the competitors and their customers as well as their suppliers. The hacked emails are also utilized as a tool for marketing whereby the hacker uses the emails to send spam messages containing advertisements and promotional materials. However, these messages are annoying especially if the recipient has no interest in the sort of messages being sent to him. It may also be important to mention that some of the email hackers have greater goals other than promoting businesses. They use these opportunities to broadcast links and documents which contain worms, spyware and Trojans as well as computer viruses (Scambray et al., 2009). It therefore becomes necessary for users to always ensure that their computers are well protected by an updated antivirus, which they must use to scan such documents before downloading them into their personal or networked computers. Users should also ensure that their computers, especially mobile devices such as laptops and smart phones, are well protected in order to make it difficult for strangers to access them. This is one of the major challenges faced by computer users in the contemporary society. Numerous portable devices are stolen on daily basis and the fact that majority of users do not sign out from their online accounts, after they have completed their sessions, makes them vulnerable to identity theft. Online accounts must be set in a way that makes it mandatory for a user to enter username and password whenever he or she is logging in irrespective of whether it is on a personal or a shared computer. Telecommunication through telephone networks has also been a major target for criminals around the world. Wire tapping, for example, has been used by these people to listen to phone conversations without the knowledge of the caller or his recipient. Unauthorized wire tapping is illegal in most of the jurisdictions but it has continued to be utilized covertly by security agencies such as the National Security Agency (NSA) among others in their efforts to combat threats to national security in the US (Blenner, 2011). Wiretapping can be achieved through various ways such as installing physical bugs on telephone receivers, which then relay conversations to another receiver located at a different location. This may require the person installing the transmitters to break into the house or office of the potential victim but with the advancements in technology, it has also become possible to achieve this objective from a remote location. In addition to wire tapping, caller ID spoofing has also become a dilemma in the contemporary society. Spoofing is a process through which criminals use advanced technologies to make calls that are difficult to trace (Zalewski, 2005). More often than not, telephone and mobile phone users rely on caller identity displayed on the screens of their phones as a way of authenticating the source of the calls. However, this is no longer a reliable way of doing so based on the fact that criminals are using these technologies to impersonate genuine organizations and corporations such as Microsoft. For example, it may be difficult for a user to suspect or reject an incoming call whose caller id is displayed as Microsoft. Such calls will usually try to convince the user that he has won a rotary of a huge amount of money after which they request for information such as bank accounts, credit card numbers among other information that can facilitate fraud. Conclusion Computer networks have revolutionized the way people interact with each other. They have made it possible for people to conduct businesses and interact in a virtual environment, which is quicker and less expensive than traditional modes of communication. The internet, for example, has facilitated users with a platform to send and receive messages, conduct online shopping, make voice calls through internet tools such as Google, yahoo, social sites such as facebook, twitter and MySpace among others. On the other hand, these networks have continued to expose innocent users to cyber terrorism, whereby criminals break into the networks through various methods such as hacking, cracking, spoofing and wiretapping among others, with the sole intention of stealing private information. Users, therefore, are advised to take extra caution whenever they are divulging personal information such as credit card numbers, bank account details, telephone numbers, their location, institutional affiliations, among others, which may assist criminals in committing crime. They should also ensure that their computers are password protected at all times and also that all online accounts are signed out after successful sessions. Works Cited Andress, J. Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. Syngress: 2011. Print. Blenner, J. America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare. Penguin Press HC: 2011. Print. Laudon, K. (2011). Management Information System. Prentice Hall Scambray, J., McClure, S., and G. Kurtz. Hacking Exposed: Network Security Secrets and Solutions. McGraw-Hill Osborne Media: 2009. Print. Schelkle, W. Paradigms of Social Change: Modernization, Development, Transformation, Evolution. St. Martin's Press: 2010. Print. Schneider, G. Electronic Commerce. Course Technology: 2010. Print. Wetherall, D. Computer Networks. Prentice Hall: 2010. Print. Zalewski, M. Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks. No Starch Press: 2005. Print. Read More