Saturday, May 25, 2019

Cyber Security Essay

President Obama has declared that the cyber threat is one of the most serious scotch and national credential challenges we face as a nation Americas economic prosperity in the 21st century exit compute on cyber security. So why is it that so many sight still take overt know some of the basic ways that break cyber threats? The suggest of this paper is to name some of the more basic cyber threats. so far though it is just the beginning to the hazards you can obtain, they are highly effective beca work of the number of volume that still allow these kinds of breaches. First and foremost are viruses. According to cknow.com, There were over 50,000 figurer viruses in 2000 and that number was then and still is growing rapidly. Sophos, in a print ad in June 2005 claims over 103,000 viruses. And, Symantec, in April 2008 is makeuped to exhaust claimed the number is over one million. With so many different viruses step to the fore thither, how do you know what to look for and how to protect your cyber world from viruses? Some of the most common viruses that effect people are Trojans and Net Bots.PCmag.com defines a Trojan as A program that appears legitimate, further performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself. It stays in the computer doing its damage or allowing somebody from a remote site to take control of the computer. Trojans lots sneak in attached to a free game or other utility. To add to their definition, it can also be affixed to an email shackle or the email itself. So now that you know what it is youre probably thinking so what can I do to protect myself from obtaining this virus? The opera hat thing to do would be to spring up yourself approximately this threat. bonk what they look similar and common websites they re side. The next thing that to do is to be original to invariably have an up to date WELL KNOWN antivirus such as Sophos, McAfee, or Norton.The well known part is genuinely important because some of the inadequate antivirus companies are part of the reason there are so many Trojans out there. Once you watch some antivirus software product you need to be sure to keep it up to date. Also, dont open emails from senders that you dont recognize. Several of the Trojans out there that get circulated by email come from people opening emails from unknown senders. The next one is botnets. http//searchsecurity.techtarget.com says A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie in effect, a computer robot or bot that serves the wishes of some master spam or virus origina tor. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets not spam, viruses, or worms currently pose the biggest threat to the Internet. Trojans are the major way that you can get one of these viruses.So it is important that you again get antivirus software, keep it up to date, and dont open emails from unknown senders. However, with this virus you can get it just from going to a questionable web site. So how do you know what ones are good and what ones are questionable? Well that you can for the most part guess using these deciding factors Are there several java applications on the web page? Is there a lot of download able content? Are there pop up advertisements that come up on the page? Then you probably should do your best to stay away from the page. In case you are unsure, some antivirus software are now including a trusted and untrusted feature so when you search a site it will let you know if the page is saf e or proceed at your own risk. If your antivirus does not have such a feature then there are some applications out there that will do the same thing just to name one would be WOT or Web of Trust. The next issue is a little more targeted to the profession world.It deals more with their emails and correspondence but can also be directed to an average internet user. It is phishing. Webroot.com expounds Email Phishing scams are carried out online by tech-savvy con artists and identicalness theft criminals. They use spam, fake websites constructed to look identical to a real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and citation card numbers. Once you take the phishers bait, they can use the information to create fake accounts in your name, ruin your credit, and steal your money or unconstipated your identity. This is a serious issue that takes some skill to recognize to evade taking the phishers bait. First and f oremost is to educate yourself on phishing attacks or scams. Know what it looks like. There are many resources that you have available to you on the internet to learn how to spot a phishing attack and a legitimist email. The Department of Defense offers a great course on how to spot a phishing email at http//iase.disa.mil/eta/phishing/Phishing/launchPage.htm. A more specific attack is whaling. B logs.iss.net explains The adoption of the term Whaling within phishing is more or less new and may have been derived from the use of Whales within gambling to refer to big-time gamblers and high rollers, but most likely come from the colloquialism for big weight.Regardless, Whaling describes the most focused type of phishing currently encountered by businesses or government targeted attacks against groups of high-level executives within a single organization, or executive positions common to quintuple organizations (e.g. the CTO or CFO). In a whaling attack, the phisher focuses upon a ve ry small group of senior personnel within an organization and tries to steal their credentials preferably through and through the installation of malware that provides back-door functionality and key logging. By focusing upon this small group, the phisher can invest more time in the attack and finely tune his message to action the highest likelihood of success. Note that these messages need not be limited to email. Some scams have relied upon regular postage systems to deliver infected media for example, a CD supposedly containing evaluation software from a known supplier to the CIO, but containing a hidden malware installer.So if youre not a high level employee, youre probably wondering how this is important to you. How phishers go about their scam is by obtaining little bits of what some would consider being harmless information from other employees about level executives and projects going on in the company. They start at the bottom to get more information at the top. So in al l actuality it very much concerns everyone in the company. This leads me in to my last but important area of cyber security insider threat. Frankly, that is you. Every employee is potentially an insider threat. So let me define it a little better with some help from searchsecurity.techtarget.com. An insider threat is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or networks of the enterprise, and then conducts activities intended to cause harm to the enterprise.Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has done them wrong and olfaction justified in gaining revenge. The malicious activity usually occurs in four steps or phases. First, the cracker gains entry to the sy stem or network. Secondly, the cracker investigates the temper of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual destructive activity takes place. The damage caused by an insider threat can take many forms, including the launching of viruses, worms, or Trojan horses the theft of information or corporate secrets the theft of money the corruption or deletion of data the altering of data to produce inconvenience or false criminal evidence and the theft of the identities of specific individuals in the enterprise.Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spyware scanning programs, anti-virus programs, firewalls, and a rigorous data backup and archiving routine. It could also be an employee giving away what you would consider to be harmless information like an email address, a project you are working on at work, how many people you work with, or even where you work and the location of the building. Even with some of the best antivirus software, a stellar knowledge of phishing, and an elite cyber security system, an insider threat can penetrate that because they most the time have the credentials to log it to the system and pull resources ligitimently so it would go unnoticed. So how can you help protect you network or your companys network from an insider threat? Simply, dont be one. Always be sure to only give information that the other person is on the same level to receive.Secondly is to educate yourself on insider threat prevention. There is a plethora of resources to do just that. A helpful one is http//www.ussecurityawareness.org/highres/insider-threat.html. Also watch for signs of curious activity with co workers. Report any evidence or suspicions to your supervisor. S o in conclusion, prevention starts with you. Buy up to date antivirus software. avoid risky sites, educate yourself on what a phishing attack looks like, know what a legitimate email is, dont be an insider threat and educate yourself about things to look for from other co workers. Cyber security is a serious threat and is a major issue that needs to be taken seriously. It is not just something for the IT department to worry about but starts with every one making sure to take the appropriate security measures to make the cyber world more secure.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.