StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

IT Security Threats and Countermeasures - Literature review Example

Cite this document
Summary
This paper 'IT Security Threats and Countermeasures' discusses that IT security has become one of the inevitable expenses for any organization or individual since it threatens the integrity, confidentiality, and availability of their computing resources and data…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.3% of users find it useful
IT Security Threats and Countermeasures
Read Text Preview

Extract of sample "IT Security Threats and Countermeasures"

IT Security Threats and Countermeasures Introduction The technological advancement has leaped mankind to another level in terms of communication, business processes, acquisition of knowledge, management etc. The invention of internet has made the whole world come closer on the same platform. The emergence of e-learning has replaced the conventional forms of educational practices with online modes of acquisition of education and collaboration. The field of business has benefitted from the introduction of e-commerce and information management systems. Alongside all the advantages of IT, there exists an appalling consequence that compels the organizations to invest hefty amounts- IT security threats. This paper shall discuss the most commonly witnessed IT security threats, along with the counter measures that are used to safeguard data and systems. 2. Overview Computer technology has evolved with the passage of the years. These incremental improvements have been coupled with the increasing spiteful activities in the world of technology. Intruders and hackers have gotten more technology savvy with the evolution of newer systems and technologies. Cyber crimes are increasing drastically every year even in the presence of effective security systems. “Computer crime reports increase 22 percent in 2009: Crime News-Crime Prevention” included figures from FBI Internet Crime Complaint Center’s 2009 report; the year 2009 faced 22% increase in cyber crimes as compared to the year of 2008. National Institute of Standards and Technology Administration defined IT security as the protection of an automated information system to ensure that the key attributes of the computing resources (hardware, software, data and telecommunications) are preserved, namely confidentiality, integrity and availability. The report explained these three attributes in the following manner: Confidentiality can be defined as a requirement that compels the owner or bearer of the information or computing resource to protect it from exposure to any third parties. Integrity can be defined as the requirement that compels the owner or bearer of the information or programs to protect it from being changed by any unauthorized entity. Availability can be defined as the requirement that compels the owner of the information or computing resource to ensure that the service is available to all the legitimate users at all times. 3. Threats to IT Security 3.1 Denial of Service (DoS) Attack Denial of service attacks are aimed to bombard a certain server with excess number of requests to affect the availability of the server. A server is capable of granting requests to a certain number of users; the bombardment of requests from an unreliable host or multiple hosts makes the server incapable of servicing the legitimate users. McDowell stated that malicious intent users perform such spiteful activities to hinder the provision of service and likely to crash the systems with the overload of requests. Distributed denial of service attacks (DDoS) are initiated from multiple hosts, rather than the participation of a single host. 3.1.1 Repercussions of the Attack Roberts stated that the nation of Mynamar faced a massive denial of service attack in 2010 when their Ministry of Post and Telecommunication were attacked by denial of service. The investigation of the matter revealed that it was initiated from numerous sources thereby making it a distributed attack. It involved 10 to 15 Gbps of traffic to make the servers unavailable to legitimate users. This type of attack threatens the availability of the systems and services. 3.1.2 Countermeasures CAPTCHAs technology was introduced in the world of computing numerous years back to avoid the menace of denial of service attacks. Ahn, Blum, Hopper and Langford stated that CAPTCHAs are defined as small graphical images which constitute of scrambled text. The text is scrambled in such a manner that a human can only identify the characters correctly, rather than automated handwriting recognition applications. The presence of CAPTCHAs helps the organization to filter the computer automated requests (illegitimate hosts) from the ones initiated by humans. 3.2 Malware Attacks Malware is defined as any application or piece of code that is installed on a system in an automated manner without the consent or knowledge of the owner. Malware consists of many types of security attacks, namely viruses, worms, Trojan horse etc. These types of malware can be transferred or installed on the systems via email attachments, compromised links or images on websites, online advertisements etc. The user may only click upon these sources and the malware is automatically installed on the system. Viruses are capable of multiplying themselves on a network or system with the intention to cause harm to even more systems. Oldfield stated that viruses attach themselves with any program in the system and initiate their operations when the programs are launched. Viruses and worms harm the data by corrupting it, destroying it or modifying it. Trojan horses are those types of malware that provide access to the intruder such that he can access all the information and files in the owner’s system without his knowledge. It would not be wrong to state that Trojan horse attacks provide a backdoor access to the intruders into the system. Trojan horse might be running under an authentic name or process due to which it may not be detected by anyone. The source of this malware can also be from the internet, alongside the actions to run CDs from unreliable parties. 3.2.1 Repercussions of the Attack Such attacks threaten the attributes of availability, confidentiality and integrity of the data and computing resources that might be residing in the system under attack. The intruders can steal the data and use it for numerous malicious uses. Companies that offer products and services tend to have greater responsibility to protect their systems from malware attacks since their systems consist of extensive data regarding their customers and past sales records. Information is the key to success in the modern age since strategic management systems can provide valuable analysis on the basis of transactional and sales data. Customer buying trends and behaviors can be identified by means of past sales records. Customer details and information theft results in identify thefts and credit card frauds; intruder and hackers write malicious programs to steal data for such purposes therefore extensive efforts should be exerted to ensure greater IT security. McCullagh provided information about one of the largest identity frauds in recent history; the intruder stole millions of credit card and debit card information from different companies’ servers and withdrew millions of cash from ATM machines with the respective data. He was able to buy a condo, a diamond ring and multiple watches with that stolen money. 3.2.2 Countermeasures Harris defined the greylisting method that is used to reduce the number of unwanted emails receiving by any host. This method advocates the identification of the following fields from the received emails: IP address of the sender Address of the envelope sender Address of the envelope recipient These fields from unwanted emails are recorded and maintained for future reference. The emails that are received from a combination of these values are returned by the user since they are considered to be unwanted. Users are educated about not browsing unauthentic websites and clicking on links that may seem suspicious. 3.3 Botnet Attacks Botnet attacks make the system become a part of a bigger network of compromised systems. The intruders aim to identify such system that are not protected by extensive security measures and can be hacked easily. Botnet malware are also activated in systems through the internet. Banday, Qadri and Shah stated that the botnet controller may be sending commands to the compromised systems as they serve as ‘zombies’ for the cyber criminal. The communication between the botnet controller and the botnet hosts may not even be direct to avoid its identification by the victims. The spammers pay the owners of such compromised networks to conduct their malicious activities through the zombies. The following figure shows the steps that are involved in the process of performing malicious activities via botnets: Figure 1: Steps in botnet attacks (“Botnet”) 3.3.1 Repercussions of the Attack A botnet controller or remote host might be controlling the system to perform malicious activities like send spam (unwanted) emails or becoming extremely slow in operations. Botnets might also be controlled to launch distributed denial of service attacks on different services without the knowledge of the owner of the system. Koch stated that a massive DDoS was initiated for large organizations, namely CNN, Yahoo! and Amazon in 2000, even though these companies must be equipped with the most effective security measures. 3.3.2 Countermeasures Edwards defined honeypots as a method to identify the botnet controller in the network. A system is kept isolated in the network that possesses certain degree of data and serves as an attraction for the botnet controller. Upon the actions of the botnet controller to acquire power of the system (in other words, make it a zombie), the network administrators pursue their investigation regarding the origin of the commands and the identity of the host that remotely controls the system. 3.4 Insider Attacks Alongside the presence of external security threats to IT security, there exists equally important source of attacks that often go unnoticed by organizations- insider attacks. The employees possess great degree of information about the assets and login credentials for the intellectual assets of the organization. Insider attacks are either done as a result of lack of awareness of the required security protocol or thirst for selfish monetary gains. “Network Security Part II: Attacks” revealed an alarming fact that 70% of the attacks are initiated as a result of involvement of the employees, either on a direct or indirect basis. 3.4.1 Repercussions of the Attack Social engineering is defined as a mode to trick the employee into leaking relevant information about the login credentials or sensitive information regarding the organizational intellectual assets. For example, the intruder might call the network administrator while posing to be a senior manager of the organization. The impostor may request immediate changes in his login credentials. Due to lack of awareness, the network administrator may get intimidated by the caller and change his passwords without following any form of security protocol. Figure 2: Social engineering process (Allen) 3.4.2 Counter measures Employees need to be educated about the prevailing attacks on networks and social engineering instances that can trick them into revealing important information about the organization. The employees should also be educated about keeping strong passwords such that they cannot be hacked or guessed by malicious intent users. 4. Conclusion IT security has become one of the inevitable expenses for any organization or individual since it threatens the integrity, confidentiality and availability of their computing resources and data. The attribute of integrity safeguards the correctness of data, confidentiality preserves the exposure of the computing resources and data from third parties and the attribute of availability ensures that the service is available to the genuine users, rather than servicing the illegitimate ones. Few of the most common security threats are denial of service, malware and botnet attacks. Denial of service attack threatens the availability of the computing resources since the illegitimate requests and bombardment of information at a specific server makes it deny service to the legitimate users. Malware attacks cause the installation of malicious software and application on the system of the user; such applications may be corrupting the data in the system, transmitting the data from the system to a remote host without the knowledge of the owner. Botnet attacks end up making the system a part of a compromised network that may be involved in malicious activities. The botnet controller controls all the systems in the compromised network and sends them commands to initiate spam attacks, denial of service attacks etc. Another form of attacks that threaten the confidentiality, integrity and availability of computing resources and data is the insider attack. Employees bear extensive information about the information assets of the company. The employees of an organization become consciously or unconsciously involved in the revealing of information to unreliable third parties. All security threats and vulnerabilities can be improved with the deployment of effective countermeasures, coupled with making employees knowledgeable about the required security protocols and prevailing security threats. References Ahn, Luis. Blum, Manuel. Hopper, Nicholas, Langford, John. (2003), CAPTCHA: Using Hard AI Problems for Security, Proceedings of Eurocrypt ’03. Allen, Malcolm. Social Engineering: A Means to Violate A Computer System, SANS Institute, 2006, Print. Banday, Tariq., Qadri, Jameel., Shah, Nisar. “Study of Botnets and Their Threats to Internet Security”, Sprouts: Working Papers on Information Systems, 9(24). “Botnet”, Botnet Knowledge.com n.d., Web. 1 December 2011. “Computer crime reports increase 22 percent in 2009: Crime News-Crime Prevention”, Crime in America. Net, 16 March. 2010, Web. 1 December 2011. Edwards, John. “The Rise of Botnet Infections”, Network Security Journal, 15 Sept. 2008, Web. 3 December 2011. Harris, Evan. “The Next Step in the Spam Control War: Greylisting”, Pure Magic Software.com, 2003, Web. 3 December 2011. Koch, C. “A Brief History of Malware and Cybercrime”, CIO, 4 June. 2007, Web. 2 December 2011. McCullagh, Declan. “T.J. Maxx hacker sentenced to 20 years in prison”, CNet News, March 2010, Web. 30 November 2011. McDowell, Mindi. National Cyber Alert System, US-CERT, 2009, Print. National Institute of Standards and Technology Administration, An Introduction to Computer Security: The NIST Handbook, 1995, Print. “Network Security Part II: Attacks”, Security Innovation, 2003. Web. 1 December. 2011. Oldfield, Paul. Viruses and spam what you need to know, Sophos, ISBN 0-9538336-1-5. Roberts, Paul. “Massive Denial Of Service Attack Severs Myanmar From Internet”, Threat Post, 3 November. 2010, Web. 30 November 2011. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“IT Security Threats and Countermeasures Research Paper”, n.d.)
IT Security Threats and Countermeasures Research Paper. Retrieved from https://studentshare.org/information-technology/1438643-wireless-technology
(IT Security Threats and Countermeasures Research Paper)
IT Security Threats and Countermeasures Research Paper. https://studentshare.org/information-technology/1438643-wireless-technology.
“IT Security Threats and Countermeasures Research Paper”, n.d. https://studentshare.org/information-technology/1438643-wireless-technology.
  • Cited: 0 times

CHECK THESE SAMPLES OF IT Security Threats and Countermeasures

Can Security Countermeasures Be Overdone

Overdoing ‘hardware intensive' and ‘legislative' countermeasures seem to be only partly effective in containing terrorism.... The sweeping actions of the Department of Homeland Security (DHS), Department of Justice (DOJ) and other investigation agencies on the one hand, and the poor record of conviction secured by them, point to the limited effectiveness of the countermeasures.... On the contrary, some of the administrative countermeasures like enactment of The USA Patriot Act or the creation of the DHS certainly enabled putting a check on terrorist activities....
10 Pages (2500 words) Essay

Current Status of Security Awareness

It is, however, currently involved in the review of several information security awareness models for the purpose of doing just that.... hellip; th the aforementioned organizational objective in mind, this research will critically review the information security awareness construct for the purpose of potentially contributing to the design of the said model/program. Effective information security starts with the basics Therefore, perspectives and items that represent information security awareness should meet basic operational or user-level information security concerns....
4 Pages (1000 words) Essay

The Threat Of Hurricanes For The Infrastructure

The assessment of vulnerabilities and related countermeasures will be based mainly on the building codes, federal and state laws, recommendations of the federal agency, as well as on the overall history of Category III hurricanes that have occurred in the past in Florida.... The countermeasures mentioned in this report will apply to a wide range of assets.... The main aim of the paper "The Threat Of Hurricanes For The Infrastructure" is to address the potential threats regarding Category III hurricane for the university's beach campus....
23 Pages (5750 words) Research Paper

Intelligence and the Increasing Advancement in the Technology

Correspondingly, the study intends to identify two currents threats and two potential future threats for which the countermeasures will be provided.... nbsp;… The advancements also have created certain imperative challenges which need to be critically understood in order to frame reliable countermeasures.... The exposure to technological risks is constantly increasing and it has become an imperative proposition for the intelligence community to device countermeasures to mitigate current and potential future risks....
9 Pages (2250 words) Case Study

A Study on Threat Awareness and Use of Countermeasures among Online Users

The research paper " A Study on Threat Awareness and Use of Countermeasures among Online Users" describes the problem and consequences of the use of the internet, This paper outlines the background of threat awareness, types of threat, the severity of threats and main countermeasures.... Fortunately, there are a number of Human-Computer Interaction (HCI) principles that can effectively be used to enhance online user interaction and reduce internet security threats....
39 Pages (9750 words) Research Paper

Management of Information Security

There have been numerous recent cases of security threats to business information holdings inhuman, electronic, and physical form.... There have been numerous recent cases of security threats to business information holdings inhuman, electronic, and physical form.... These threats need effective management to prevent firms from undergoing heavy losses in terms of valuable assets and information.... These threats need effective management to prevent firms from undergoing heavy losses in terms of valuable assets and information....
13 Pages (3250 words) Literature review

Information Security Concept Map

CIA triad components (Stallings and Brown, 2008) To ensure information confidentiality is achieved countermeasures such as authentication, use of passwords, protection against malicious software, and restricting user access to organizational data by use of privileges and user rights.... The threats not only target the cyberinfrastructure but also people and their resources.... It will strive to highlight the information security and also look into the need to plan for possible threats, define security policies in order to limit vulnerabilities existing in the organizational information and computer systems....
7 Pages (1750 words) Term Paper

Boston Dynamics Company - IT Security and Management on Data Theft

The author of the paper "Boston Dynamics Company - it security and Management on Data Theft" will begin with the statement that information security is the fundamental priority of a company to prevent unauthorized individuals from accessing any information (Thomson, L.... it security management in the organization, therefore, has the following task to ensure the organization's data is safe.... Considering this scenario attacking the Boston Dynamics company, an overview of the security measures is essential for the company....
8 Pages (2000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us