Saturday, March 9, 2019
Cyber Security Essay
President Obama has decl ard that the cyber affright is i of the most serious economic and national security ch allenges we face as a nation Americas economic prosperity in the 21st century lead depend on cyber security. So wherefore is it that so umpteen people lock up foolt turn in some of the basic ways that produce cyber threats? The purpose of this paper is to reboot some of the more basic cyber threats. Even though it is just the rise to the hazards you preempt obtain, they be highly effective because of the number of people that still allow these kinds of breaches. commencement ceremony and foremost argon viruses. According to ck straightaway.com, There were e realplace 50,000 information processing outline viruses in 2000 and that number was then and still is growing rapidly. Sophos, in a print ad in June 2005 claims over 103,000 viruses. And, Symantec, in April 2008 is account to have claimed the number is over unrivaled million. With so many several(pre dicate) viruses out there, how do you know what to cypher for and how to entertain your cyber earth from viruses? approximately of the most common viruses that effect people ar Trojans and Net Bots.PCmag.com desexs a Trojan as A program that appears logical, but performs some illicit activity when it is run. It may be used to locate password nurture or make the form more vulnerable to future inlet or simply destroy programs or data on the fleshy disk. A Trojan is similar to a virus, except that it does non simulate itself. It stays in the computer doing its damage or allowing somebody from a remote rate to take control of the computer. Trojans often sneak in attached to a free game or other utility. To tot up to their definition, it can as well as be affixed to an email attachment or the email itself. So now that you know what it is youre probably persuasion so what can I do to protect myself from obtaining this virus? The top hat thing to do would be to educate y ourself some this threat. Know what they look want and common nettsites they reside. The following(a) thing that to do is to be authorized to always have an up to date WELL KNOWN antivirus much(prenominal) as Sophos, McAfee, or Norton.The well known part is very authorized because some of the smaller antivirus companies are part of the reason there are so many Trojans out there. Once you ascertain some antivirus packet system you emergency to be sure to keep it up to date. Also, dont open emails from senders that you dont recognize. Several of the Trojans out there that get circulated by email come from people opening emails from enigmatical senders. The next one is botnets. http//searchsecurity.techtarget.com says A botnet (also known as a zombie army) is a number of profits computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any much(prenominal) computer is summonred to as a zombie in effect, a computer robot or bot that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a encompass from Russian-based Kaspersky Labs, botnets not spam, viruses, or worms currently pose the heroicgest threat to the Internet. Trojans are the major(ip) way that you can get one of these viruses.So it is alpha that you over again get antivirus software, keep it up to date, and dont open emails from unknown senders. However, with this virus you can get it just from going to a self-styled web site. So how do you know what ones are good and what ones are questionable? Well that you can for the most part guess victimisation these deciding factors Are there several java applications on the web page? Is there a lot of download able cognitive content? Are there pop up advertisements that come up on the page? Then you probably should do your silk hat to stay remote from the page. In case you are unsure, some antivirus software are now including a trusted and untrusted shew so when you search a site it will let you know if the page is safe or fit at your own risk. If your antivirus does not have such a feature then there are some applications out there that will do the same thing just to name one would be WOT or Web of Trust. The next go away is a petite more targeted to the business world.It deals more with their emails and correspondence but can also be directed to an average internet user. It is phishing. Webroot.com expounds Email Phishing scams are carried out online by tech-savvy con artists and identity theft criminals. They use spam, fake websites constructed to look kindred to a real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and credit card numbers. Once you take the phishers bait, they can use the information to create fake accounts in your name, reproach your credit, and sneak your money or even your identity. This is a serious issue that takes some skill to recognize to evade taking the phishers bait. First and foremost is to educate yourself on phishing efforts or scams. Know what it looks like. There are many resources that you have available to you on the internet to learn how to do it a phishing attack and a legitimist email. The Department of Defense offers a outstanding course on how to spot a phishing email at http//iase.disa.mil/eta/phishing/Phishing/launchPage.htm. A more specific attack is whaling. Blogs.iss.net explains The adoption of the term Whaling within phishing is fairly new and may have been derived from the use of Whales within gambling to refer to big-time gamblers and high rollers, but most likely come from the colloquialism for big fish.Regardless, Whaling describes the most focused type of phishing currently encountered by businesses or government targeted attacks against groups of high-level decision makers within a single organization, or executive positions common to multiple organizations (e.g. the CTO or CFO). In a whaling attack, the phisher focuses upon a very small group of senior personnel within an organization and tries to steal their credentials preferably through the installation of malware that provides back-door functionality and key logging. By counseling upon this small group, the phisher can invest more time in the attack and finely tune his message to achieve the highest likelihood of success. Note that these messages need not be limited to email. Some scams have relied upon regular pestle systems to deliver infected media for example, a CD supposedly containing evaluation software from a known supplier to the CIO, but containing a hidden malware installer.So if youre not a high level employee, youre probably wondering how this is important to you. How phishers go some their scam is by obtaining little bits of what some would pick out being harmless information from oth er employees about level executives and devises going on in the company. They start at the bunghole to get more information at the top. So in all actuality it very much concerns everyone in the company. This leads me in to my last but important area of cyber security insider threat. Frankly, that is you. Every employee is potentially an insider threat. So let me define it a little better with some help from searchsecurity.techtarget.com. An insider threat is a malicious hacker (also called a cracker or a glum hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or net doings of the enterprise, and then conducts activities mean to cause harm to the enterprise.Insider threats are often disgruntled employees or ex-employees who remember that the business, institution, or agency has done them wrong a nd feel justified in gaining revenge. The malicious activity usually occurs in four steps or phases. First, the cracker gains entry to the system or network. secondly, the cracker investigates the nature of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual erosive activity takes place. The damage caused by an insider threat can take many forms, including the introduction of viruses, worms, or Trojan horses the theft of information or incarnate secrets the theft of money the corruption or deletion of data the mending of data to produce inconvenience or false criminal depict and the theft of the identities of specific individuals in the enterprise.Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spywa re scanning programs, anti-virus programs, firewalls, and a rigorous data backup and archiving routine. It could also be an employee giving away what you would consider to be harmless information like an email address, a project you are working on at work, how many people you work with, or even where you work and the location of the building. Even with some of the best antivirus software, a stellar knowledge of phishing, and an elite cyber security system, an insider threat can penetrate that because they most the time have the credentials to log it to the system and pull resources ligitimently so it would go unnoticed. So how can you help protect you network or your companys network from an insider threat? Simply, dont be one. Always be sure to only give information that the other person is on the same level to receive.Secondly is to educate yourself on insider threat prevention. There is a plethora of resources to do just that. A helpful one is http//www.ussecurityawareness.org/h ighres/insider-threat.html. Also watch for signs of queer activity with co workers. Report any evidence or suspicions to your supervisor. So in conclusion, prevention starts with you. Buy up to date antivirus software. avoid godforsaken sites, educate yourself on what a phishing attack looks like, know what a legitimate email is, dont be an insider threat and educate yourself about things to look for from other co workers. Cyber security is a serious threat and is a major issue that needs to be taken seriously. It is not just something for the IT department to worry about but starts with every one making sure to take the appropriate security measures to make the cyber world more secure.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment