It is clear that information security technology has advanced much faster than the pool of people who know how to apply it. It is even clearer that these advancements bring more difficulty in keeping networks secure from intruders, viruses and other threats.
Information Security is the protection of information against unauthorized access, modification, transfer, loss and destruction whether accidental or intentional.
1) The Independent Hacker tends to be young and opportunistic. To him, hacking is a sport; he enjoys beating the system undetected.
2) The Disgruntled Employee is an insider. Perhaps he just got fired. Maybe he did not get the pay raise he wanted.
Macro Viruses – commands embedded in software infect and spread to other files viewed by that software.
Worms – duplicate themselves and use communications such as email to spread. They can read your email address book and send themselves to the users listed in it.
File Viruses – attach themselves to other software. When the software is run, the virus first loads itself into memory so that it can further infect other files or begin damaging the computer.
Trojan Horses – a program that claims to perform a particular function but does something different.
Backdoor Trojans – a program that allows other computer users to remotely control your computer via a local area network or the Internet.
Boot Sector Viruses – an older type of virus that is no longer common. They infected a computer's startup program so that the virus was activated at boot.
Denial of Service – an attempt by attackers to prevent legitimate users from obtaining access, by flooding a network or disrupting connections between two machines so that the target cannot respond to requests in a timely manner.
Insider Abuse of Network – current and former employees and on-site contractors with authorized access to facilities and networks continue to pose the most significant risk to intellectual property such as research data, customer files and financial information.
Unauthorized Access – use of a computer or system without permission, typically performed by hackers or crackers.
Packet Sniffer – a program that captures data from information packets as they travel over the network. The data can include passwords, user names and proprietary information that travels over the network in clear text.
Probe or Scan – a probe is an unusual attempt to gain access to a system or to discover information about it. A scan is simply a large number of probes.
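The probe, scan and flood categories above can be told apart from the shape of the traffic alone: a probe is one or two denied connections, a scan is many denied connections to distinct ports from one source, and a flood is a burst of connections from one source in a short time. The following detector is an added example, not part of the original text; it runs over constructed firewall log lines in an assumed "time source destination:port action" format, and the thresholds are assumptions to be tuned for a real network.

```python
"""Added example: classify sources in firewall logs as probe, scan, flood or normal."""
from collections import Counter, defaultdict
from dataclasses import dataclass

SCAN_PORTS = 5          # assumed: distinct denied ports from one source -> scan
FLOOD_PER_SECOND = 50   # assumed: connections from one source in one second -> flood

# Constructed sample log (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOG = """\
10:00:01 203.0.113.5 192.0.2.10:22 DENY
10:00:02 203.0.113.5 192.0.2.10:23 DENY
10:00:02 203.0.113.5 192.0.2.10:25 DENY
10:00:03 203.0.113.5 192.0.2.10:80 DENY
10:00:03 203.0.113.5 192.0.2.10:443 DENY
10:00:04 203.0.113.5 192.0.2.10:3389 DENY
10:00:05 198.51.100.7 192.0.2.10:80 ALLOW
10:00:06 198.51.100.7 192.0.2.10:80 ALLOW
10:00:07 198.51.100.9 192.0.2.10:8080 DENY
""" + "\n".join("10:00:09 203.0.113.200 192.0.2.10:80 ALLOW" for _ in range(60))


@dataclass
class Event:
    ts: str
    src: str
    dst: str
    port: int
    action: str


def parse_line(line: str) -> Event:
    """Parse one assumed-format log line: '<time> <src> <dst>:<port> <ALLOW|DENY>'."""
    ts, src, dst_port, action = line.split()
    dst, port = dst_port.rsplit(":", 1)
    return Event(ts, src, dst, int(port), action)


def classify_sources(log_text: str) -> dict:
    """Return {source_ip: 'flood' | 'scan' | 'probe' | 'normal'}."""
    denied_ports = defaultdict(set)   # src -> set of ports that were denied
    per_second = Counter()            # (src, timestamp) -> connection count
    sources = set()
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        sources.add(ev.src)
        per_second[(ev.src, ev.ts)] += 1
        if ev.action == "DENY":
            denied_ports[ev.src].add(ev.port)

    labels = {}
    for src in sources:
        burst = max(n for (s, _), n in per_second.items() if s == src)
        ports = denied_ports.get(src, set())
        if burst >= FLOOD_PER_SECOND:
            labels[src] = "flood"          # many connections in one second
        elif len(ports) >= SCAN_PORTS:
            labels[src] = "scan"           # a large number of probes
        elif ports:
            labels[src] = "probe"          # a single unusual access attempt
        else:
            labels[src] = "normal"
    return labels


if __name__ == "__main__":
    for src, label in sorted(classify_sources(SAMPLE_LOG).items()):
        print(f"{src:16} {label}")
```

Only the DENY lines count toward the port set, so a busy but legitimate client (many ALLOWs on one port) stays "normal" while a source touching many closed ports is a scan; the flood check looks at raw connection rate regardless of action, because a flood of permitted connections is still a denial of service.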
Training & Awareness – employees play a critical role by adhering to the security policy and protecting the IT systems.
Security Policy – security policies are the foundation of a security strategy and form the guidelines for system administrators and the acceptable activities for users. The security policy should also include a risk analysis and security-related procedures.
Physical Security – organizations should define physical security zones to prevent environmental damage and entry by unauthorized people.
Dedicated Management – a dedicated staff provides the framework to initiate, implement, maintain and manage security. They are also responsible for auditing and administration.
Viruses – anti-virus software should be installed on all network servers and desktop computers.
Firewalls – the primary means of enforcing the security policy, by creating a choke point between a private network and the public Internet.
Intrusion Detection – complements firewalls by detecting whether internal assets are being hacked or exploited. There are both network-based and host-based intrusion detection services.
Authentication & Authorization – determines what someone needs to know (password), have (entry card), or be (fingerprint) to ensure they only access what they are supposed to. ATM cards use two authentication factors.
Encryption – protects data in transit by rendering it unreadable using cryptographic algorithms. Virtual Private Networking, Secure Sockets Layer and S/MIME are popular encryption technologies.
Data & Information Backup – a must-have for disaster recovery and business continuity. It should include daily and periodic backups, stored at an off-site location.