Network Security

 

Importance of Information and system security for individuals and organizations

In 2020, the Covid pandemic hit the world. People were encouraged to stay home and avoid unnecessary contact with others to avoid the spread of the coronavirus.

For businesses to survive, they had to re-invent how to communicate since their employees were now in different physical spaces.

The use of information technology increased dramatically: video meetings and remote access to company data became the norm. 

Tisma (2021) proposes that the increase in cyberattacks during the pandemic directly responded to this increased use of information technology.

There are many ways to protect personal and organizational data.

One meaningful and relatively easy way is for individuals to opt out where possible. Many websites, subscriptions, and services are legally required to give this option to their customers.

Another way is to only click on links if one knows the link's legitimacy.

In most cases, cyber attacks will try to disguise themselves as coming from recognized institutions, sometimes even the company an employee is hired. This means that everyone, not just the cyber security department, must be on the lookout for suspicious emails or texts. 

Ping command attacks:

Ping commands can be used to create attacks that disable a network. These attacks are called Denial-of-Service (DoS) attacks.

According to Gupta, since these attacks are made using packets – albeit very large packets – of data, these attacks are usually hard to detect since all web traffic is made up of packets of data (Gupta, 2017).

To perform the attack, a malicious party will bombard a server with more data than it can handle in one go. This will effectively result in the server being unable to function, and therefore, legitimate data packets will be denied access to the server.

Such attacks can stop an organization from functioning because no data can be sent or received.

Phishing:

Phishing scams are usually sent via email. The email body will usually have information that sounds legitimate and encourages clicking on a link within the email to resolve an issue.

Once the link is clicked, a virus is usually downloaded onto the computer and can then spread through the network to infect other computers. 

For example, recently at work, we received an email that stated that Microsoft Office needed to be updated for the entire organization for security reasons.

The email stated that to comply with company security guidelines, we needed to click the link to start the update process. This email had a header and images similar to the organizational header and signature lines.

Fortunately, we realized the email address was external, not internal, and forwarded it to our cybersecurity team. 

One of the things our IT department is constantly cautioning against us is not to click on any links within emails.

If in doubt about an email, flag it as a "Phishing attempt," and it will automatically be forwarded to the cybersecurity department for analysis.

example of phishing email

Computer viruses:

There are several types of viruses. The most common one is where there is an attachment in an email, and clicking it downloads malicious code onto the user's computer and, sometimes, the network.

Cybercriminals use these because they are usually very successful. If they can get a user to click on a link, it is easy to gain access to the person's personal files and information, which can all be used in identity theft.

Additionally, these viruses could enable cyber criminals to take control of computers and even use them in other cyber attacks.

REFERENCES:

Gupta, B., & Badve, O. (2017). Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment. Neural Computing & Applications, 28(12), 3655–3682. https://doi.org/10.1007/s00521-016-2317-5

Tisma, M., & Andric, J. (2021). Importance of cyber security awareness and e-learning motivation for cyber security in reshaping the education. Journal of Information Systems & Operations Management, 15(2), 284–296.

Vahid, F., Wheatland, N., & Lysecky, S. (2019). Computing technology for all. zyBooks.