Network Security

Security is a substantial portion of any IT department's concerns. If a hacker manages to sneak in and encrypt your data, they can essentially lock you out of it and make you pay to get it back. Being the target of a ransomware attack can be costly, not only monetarily but also in terms of reputation. However, ransomware is only one of many tools available to modern hackers. Simply misconfiguring your network can leave you vulnerable to denial-of-service attacks, such as the ping of death, where the attacker sends a ping packet larger than the maximum allowable size, crashing the target server or machine. Sometimes, hackers use multiple computers to launch what is known as a distributed denial-of-service (DDoS) attack (Vahid et al., 2015/2019). Although DDoS attacks are less successful now than they used to be, a customer who tries to visit a website to purchase a product and finds that the request constantly times out will be frustrated and will likely migrate to another company to buy the product instead.

Two of the biggest concerns for any organization when it comes to security are to ensure users do not leak their data or accounts to others and that the customer data is secure. More specifically, we will focus on these two concerns: security vulnerabilities and phishing attacks.

Security Vulnerabilities

Security vulnerabilities are typically flaws in a program's code that allow nefarious individuals to manipulate the program into doing something it was not designed to do. One of the most significant recent examples was the log4j vulnerability. The log4j vulnerability affected versions 2.0-beta-9 and 2.14.1 and any variations from those code versions (Gupta et al., 2022). Essentially, it allowed hackers to execute code, effectively granting them full access to the device containing the Apache log4j instance. Diagnosing the issue can be frustrating due to the sheer number of tools the hacker can use, provided they know how to write code. The vulnerability was patched in the subsequent versions of log4j, which points to the importance of keeping applications up to date and patched to their latest stable versions. Applying patches as quickly as possible is an essential part of a systems administrator's job and lowers the chances of security vulnerabilities as much as possible. Secondly, staying cognizant of new vulnerabilities by signing up for security vulnerability reports can bring much-needed attention to the severity of an issue and help you get the resources necessary to fix the problem.
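As an added example (not part of the original article), here is one way to inventory log4j-core JARs on a server and flag those that need patching. It assumes the two version numbers above are the inclusive bounds of the affected range and that JARs keep their standard file names; any fixed releases inside that range would still be flagged for review.

```python
import re
import sys
import zipfile
from pathlib import Path

# Release-stage order for 2.0 pre-releases: alpha < beta < rc < final release.
STAGE = {"alpha": 0, "beta": 1, "rc": 2, "": 3}
NAME_RE = re.compile(
    r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)-?(\d+))?\.jar$", re.I)
LOW = (2, 0, 0, STAGE["beta"], 9)   # 2.0-beta-9, from the article
HIGH = (2, 14, 1, STAGE[""], 0)     # 2.14.1, from the article


def version_key(name):
    """Sortable key for a log4j-core JAR file name, or None if it is not one."""
    if (m := NAME_RE.search(name)) is None:
        return None
    major, minor, patch, stage, num = m.groups()
    return (int(major), int(minor), int(patch or 0),
            STAGE[(stage or "").lower()], int(num or 0))


def in_affected_range(name):
    """True when the version lies between LOW and HIGH inclusive (assumed range)."""
    key = version_key(name)
    return key is not None and LOW <= key <= HIGH


def scan(root):
    """Return sorted (location, affected) pairs for log4j-core JARs under root,
    including copies bundled one level inside .jar/.war/.ear archives."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() not in {".jar", ".war", ".ear"}:
            continue
        rel = path.relative_to(root).as_posix()
        if version_key(path.name):
            findings.append((rel, in_affected_range(path.name)))
        elif zipfile.is_zipfile(path):
            with zipfile.ZipFile(path) as zf:
                for entry in zf.namelist():
                    if version_key(entry):
                        findings.append((f"{rel}!{entry}", in_affected_range(entry)))
    return sorted(findings)


if __name__ == "__main__":
    for loc, affected in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("REVIEW" if affected else "ok", loc)
```

File names are only a first pass: copies that were renamed or merged into another JAR will not match and need a content-level check.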


Phishing

Phishing, on the other hand, is a specialized version of social engineering where the attacker attempts to emulate either an authority figure or company to instill trust in the user, tricking them into providing their credentials to the hacker (Cooper, 2022). Nowadays, one of the most common versions of phishing is fake emails. The email can look extremely convincing, tricking users into visiting a fake website that mirrors the actual website and asks users to identify themselves with their username and password. A common symptom of a user who has fallen for a phishing attack would be seeing the user's ID in logs during odd hours when the user would not be actively working. Seeing your coworker log onto the network at 11:30 pm without a good reason may imply their credentials were swiped at some point. Once the hacker is in the system, they explore ways to elevate their account to get a more significant hold on the data and the system as a whole. Two recommendations to avoid these phishing scams are to hold regular training or simulations for users to ensure they follow protocol and to check every link provided in an email. If the email address is suspicious, do not click on any links. It is theoretically simple not to fall victim to these types of attacks, but it can happen even to C-level executives if they are not constantly applying best practices.
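The odd-hours symptom described above can be checked automatically. The following is an added example, not part of the original article: it flags successful logins outside working hours unless the account has a known reason to be online. The log format, the business hours and the account names are all assumptions.

```python
from datetime import datetime, time

# Constructed sample lines; the format (ISO time, user, event, source IP) is assumed.
SAMPLE_LOG = """\
2024-03-04T09:12:44 jdoe LOGIN_SUCCESS 10.0.4.21
2024-03-04T23:30:05 jdoe LOGIN_SUCCESS 203.0.113.50
2024-03-05T02:14:10 oncall_amy LOGIN_SUCCESS 10.0.4.30
2024-03-05T03:01:59 bsmith LOGIN_FAILURE 198.51.100.7
2024-03-09T14:00:00 bsmith LOGIN_SUCCESS 10.0.4.22
not a log line
"""

WORK_START, WORK_END = time(7, 0), time(19, 0)  # assumed business hours
WORKDAYS = range(0, 5)                          # Monday=0 .. Friday=4
EXPECTED_OFF_HOURS = {"oncall_amy"}             # hypothetical accounts with a good reason


def parse(line):
    """Return (timestamp, user, event, source) or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return ts, parts[1], parts[2], parts[3]


def off_hours_logins(log_text):
    """Return (user, time, source) for successful logins outside working hours."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ts, user, event, source = rec
        if event != "LOGIN_SUCCESS" or user in EXPECTED_OFF_HOURS:
            continue
        in_hours = ts.weekday() in WORKDAYS and WORK_START <= ts.time() < WORK_END
        if not in_hours:
            alerts.append((user, ts.isoformat(), source))
    return alerts


if __name__ == "__main__":
    for user, when, source in off_hours_logins(SAMPLE_LOG):
        print(f"review: {user} logged in at {when} from {source}")
```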

Conclusion

Although security vulnerabilities and phishing attacks are only two of many types of cyber-attacks, they are essential to know about and avoid in today's climate. A user can even use pings, a simple networking tool, to create too many requests for a server to manage! Awareness of these types of attacks and their repercussions is an essential step to ensuring your systems are secure.

References

Cooper, P. G. (2022). Phishing. In Salem Press Encyclopedia. EBSCOhost; Research Starters. https://search.ebscohost.com/login.aspx?direct=true&AuthType=shib&db=ers&AN=89139014&site=edslive&scope=site&custid=s8856897

Gupta, H., Chaudhary, A., & Kumar, A. (2022). Identification and Analysis of Log4j Vulnerability. 2022 11th International Conference on System Modeling & Advancement in Research Trends (SMART), 1580–1583. IEEE Xplore Digital Library. https://doi.org/10.1109/SMART55829.2022.10047372

Vahid, F., Lysecky, S., Wheatland, N., & Siu, R. (2019). TEC 101: Fundamentals of Information Technology & Literacy (8th ed.). zyBooks. https://learn.zybooks.com/zybook/TEC101:_Fundamentals_of_Information_Technology_&_Literacy_(TED2412A) (Original work published 2015)
