OCU C)OST B Discussion Lesson 08
- This topic has 7 replies, 5 voices, and was last updated 7 months ago by
.
-
Posts
-
-
-
Networks are vulnerable in many ways. One major vulnerability is phishing attacks, where cybercriminals deceive users into providing sensitive information through fake emails or websites. Another significant threat is malware, including viruses, worms, and ransomware, which can infiltrate networks, causing data theft, damage, or service disruptions. Additionally, unpatched software poses a risk, as outdated programs may have security flaws that attackers can exploit to gain unauthorized access.
To protect network infrastructure, several methods and controls can be implemented. Firstly, deploying firewalls and Intrusion Detection Systems (IDS) can help block unauthorized access and monitor network traffic for suspicious activity, providing alerts for potential threats. Secondly, regular software updates and patch management are crucial, as they ensure that known vulnerabilities are addressed, reducing the risk of exploitation.
Lastly, conducting employee training and awareness programs can significantly enhance security. Educating employees on cybersecurity best practices, such as recognizing phishing attempts and using strong passwords, helps minimize the risk of human error leading to security breaches. Implementing these strategies can fortify network defenses and mitigate potential vulnerabilities.
-
Addison,
Phishing is a type of cybercrime where individuals impersonate trusted entities, such as banks or online services, to deceive people into revealing sensitive information, such as usernames, passwords, and financial details. This is typically done through deceptive messages, often via email or text, containing links to fake websites that closely resemble legitimate ones. These fraudulent websites are designed to trick individuals into entering their personal information, which is then used for malicious purposes such as stealing money or committing identity theft. It’s important to be cautious and verify the authenticity of any requests for personal information, especially when they come from unexpected or unfamiliar sources.
-
-
Networks are very prone to various kinds of vulnerabilities that may result in unauthorized access, data breach, or disruption of a service. Basically, the identification of such vulnerabilities is important for the proper application of security measures. There are three common types of network vulnerabilities:
Poor authentication protocols: In most of the network breaches, poor authentication methods were used. Default and weak passwords are the most common ones applied. Without strong authentication protocols, it will be an easy job for an attacker to access the network. According to Tian et al. (2020),
Unpatched bugs in the software fail to be updated or patched, providing bugs to systems for their easy exploitation. Unpatched bugs are targeted by hackers to inject malware or take control of networking devices. According to Singh & Kumar, “To inject malware or take control of networking devices, hackers seek unpatched bugs.”.
Social Engineering Attacks: These are attacks that manipulate human mistakes instead of technical vulnerabilities. One of the most common forms of social engineering involves phishing, a method of deceiving users into giving attackers sensitive information or even downloading malware.
Multi-factor authentication: MFA simply makes the use of authentication a little more complicated as the user would have to involve another means of verification aside from the password, including a fingerprint. This helps in reducing weak authentication, as noted by Kumar & Shyamasundar (2018).
Software patching and frequent updating: Basically, patching and keeping software up-to-date simply closes down security gaps and vulnerabilities that attackers can take advantage of. This is said to apply to operating systems, firmware, and applications (Singh & Kumar, 2021).
Training in User Education and Awareness: Seasonal training sessions to enlighten the employment with the risks involved in phishing and other social engineering tactics would be crucial for reducing human mistake-based attacks. Hadnagy & Fincher. (2020).
References
Hadnagy, C., & Fincher, M. (2020). Human hacking: Win friends, influence people, and leave them better off for having met you. Harper Business.Kumar, A., & Shyamasundar, R. (2018) Multi-factor authentication to enhance cloud-based system security. IEEE Transactions on Cloud Computing, 6(3), 795-809, https://doi.org/10.1109/TCC.2017.2769643
Singh, V & Kumar, P. 2021. Vulnerability management in network security – A comprehensive review. Journal of Information Security and Applications, 58, 102731, https://doi.org/10.1016/j.jisa.2021.102731
Tian, X., Wang, J., & Wang, W. (2020). Password authentication vulnerabilities and countermeasures. Computer Networks, 175, 107310. doi: https://doi.org/10.1016/j.comnet.2020.107310
-
A network is very prone to various kinds of vulnerabilities that may result in unauthorized access, data breach, or disruption of a service. Basically, the identification of such vulnerabilities is important for the proper application of security measures. There are three common types of network vulnerabilities:
Poor authentication protocols: In most of the network breaches, poor authentication methods were used. Default and weak passwords are the most common ones applied. Without strong authentication protocols, it will be an easy job for an attacker to access the network. According to Tian et al. (2020),
Unpatched bugs in the software fail to be updated or patched, providing bugs to systems for their easy exploitation. Unpatched bugs are targeted by hackers to inject malware or take control of networking devices. According to Singh & Kumar, “To inject malware or take control of networking devices, hackers seek unpatched bugs.”.
Social Engineering Attacks: These are attacks that manipulate human mistakes instead of technical vulnerabilities. One of the most common forms of social engineering involves phishing, a method of deceiving users into giving attackers sensitive information or even downloading malware.
Multi-factor authentication: MFA simply makes the use of authentication a little more complicated as the user would have to involve another means of verification aside from the password, including a fingerprint. This helps in reducing weak authentication, as noted by Kumar & Shyamasundar (2018).
Software patching and frequent updating: Basically, patching and keeping software up-to-date simply closes down security gaps and vulnerabilities that attackers can take advantage of. This is said to apply to operating systems, firmware, and applications (Singh & Kumar, 2021).
Training in User Education and Awareness: Seasonal training sessions to enlighten the employment with the risks involved in phishing and other social engineering tactics would be crucial for reducing human mistake-based attacks. Hadnagy & Fincher. (2020).
References
Hadnagy, C., & Fincher, M. (2020). Human hacking: Win friends, influence people, and leave them better off for having met you. Harper Business.Kumar, A., & Shyamasundar, R. (2018) Multi-factor authentication to enhance cloud-based system security. IEEE Transactions on Cloud Computing, 6(3), 795-809, https://doi.org/10.1109/TCC.2017.2769643
Singh, V & Kumar, P. 2021. Vulnerability management in network security – A comprehensive review. Journal of Information Security and Applications, 58, 102731, https://doi.org/10.1016/j.jisa.2021.102731
Tian, X., Wang, J., & Wang, W. (2020). Password authentication vulnerabilities and countermeasures. Computer Networks, 175, 107310. doi: https://doi.org/10.1016/j.comnet.2020.107310
-
The common types of network vulnerabilities include outdated software, which can be exploited due to unpatched security flaws, Working outside of the company network, which can expose sensitive data to unauthorized access, and stolen passwords and usernames, which can be used for unauthorized access to the network or sensitive information.
There are several methods to safeguard network infrastructure. One effective approach is encryption, which involves encoding data to render it indecipherable to anyone monitoring it. Encryption is the cornerstone for ensuring authentication, confidentiality, and integrity within a network. Another crucial method is the use of a firewall, which acts to isolate a network and shield it from unwanted traffic. Firewalls can be integrated into devices such as routers and switches, or they can be separately implemented for added protection. Additionally, network segmentation plays a vital role in network security by isolating specific components to prevent unauthorized access and potential infections from spreading to other parts of the network, particularly IoT devices.
-
Three network vulnerabilities are weak password, malware and keyloggers. Each possesses its own distinctive threat. Each of the vulnerabilities must be addressed in specific ways to rectify.
Malware is short for malicious software. The are several types of malicious software. some types of malicious software are Trojans, viruses, ransomware, and worms. Malware is used to lock up PC’s and networks making them unusable. (The Future of Ransomware: Inside Cisco Talos Threat Hunters, 2024). It also has the capability to steal computer resources and monetize by selling company data. Ways to prevent malware attacks are to ensure all updates are completed on devices, strong authentication, and antivirus protection.
Weak passwords are often overlooked when thinking of network vulnerability. Passwords are often considered the weakest link in an organization’s network. (Specops Software, 2022). 98% of passwords include 8 characters and per a report from google 65% are often reused for different application (Specops Software, 2022). To protect your devices from this type of intrusion it is important to ensure that you are not reusing passwords, using several types of character in your password helps prevent attacks, and not using personal information in your passwords are ways to prevent hackers from accessing your passwords
Keyloggers are another vulnerability. Keylogger is short for keystroke logger. Keylogger records all keystrokes on the device being used. This gives hackers the ability to track passwords and other sensitive information. A way to combat keyloggers are using a virtual keyboard, keeping software updated, and regular security scans. (2024)
Specops Software. (2022). THE 2022 WEAK PASSWORD REPORT [Report]. https://specopssoft.com/wp-content/uploads/2022/02/Specops-Software-Weak-Password-Report-2022-2.pdf
The future of ransomware: Inside Cisco Talos threat hunters. (2024, June 18). [Video]. Cisco. https://www.cisco.com/site/in/en/learn/topics/security/what-is-malware.html#jump-anchor-1
Keyloggers explained: How to protect against keyloggers. SOPHOS. (2024, September 23). https://www.sophos.com/en-us/cybersecurity-explained/keylogger
-
Three types of physical security hardware are intrusion detection, surveillance systems, and access control systems. All three hardware systems a highly effective and prevent the intrusion of unwanted persons. Each system serves a different purpose that ensures the physical protection of data.
There are five types of intrusion detection systems, a few are Network-based intrusion detection systems, Host-based intrusion detection system, and Protocol-based. (What Is an Intrusion Detection System?, n.d.) Network based intrusion detection monitors all traffic flowing from and to devices on the protected network. This is valuable today due to the advanced malware that hackers use.
In today’s society it is imperative for surveillance systems. Surveillance systems use to be used on more of a commercial basis but since the introduction of affordable home surveillance like the Ring camera surveillance systems have become accessible to majority of consumers, allowing to monitor camera activities from the phone or computer.
Access control systems are physical hardware that has become indispensable. Access control systems set specific restrictions for access to areas of company property. Three types of access control systems are role-based access control, attribute access control and discretionary access control. (Locksmiths, 2023) All three systems are used to protect sensitive areas by only allowing users with those credentials to access the area.
What is an Intrusion Detection System? (n.d.). Palo Alto Networks. https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-detection-system-ids
Locksmiths, F. (2023, February 27). What are the 3 types of access control? | Access control security. The Flying Locksmiths. https://flyinglocksmiths.com/blog/three-types-of-access-control/#:~:text=The%203%20types%20of%20access%20control%20are%20Role%2DBased%20Access,property%20and%20data%20is%20secure.
-
- You must be logged in to reply to this topic.
