Security is essential for any business running IT systems. These days there are more threats than ever before, and to keep guard is one of the requirements for any IT-business infrastructure. This series on data security measures for your business entails topics such as basic terminology of attackers, different attacking methods, statistics of IT security, and how to secure your network. There are many types and classifications of threats and we will go through some of them in this part of the series so your organization has the insight and knowledge to properly understand these critical issues.
Why is Security for Your IT Systems Important?
If your security is breached it means that your data can be stolen, altered, or destroyed. Serious issues such as the loss of privacy and theft of information can land your company in legal turmoil. It is hard to determine how secure your network should be because the more secure your network is, the less accessible are the resources on the network. Your organization has to determine the fine balance between having more access to certain network resources, but having less security, or having less access to network resources and having more security.
Security Threats are Rising
Attack tools and methods have drastically evolved and have become easier for even novice users to break through data security walls using the simplest of tools. Here is a brief look at how attacks have evolved over the years:
- 1985: Password guessing and code replication
- 1990: Password cracking and war dialing (calling lists of numbers to hack into phone systems, fax machines, and computers)
- 1995: Viruses, including Love Bug, Nimda, and Code Red
- 2000: Trojan horses such as Back Orifice
- 2005: Worms including Blaster, MyDoom, and Slammer
- 2010: Packet sniffing, social engineering, and phishing
Attacks that once involved deep knowledge of computer and computer systems can now be performed by entry level computer enthusiasts. This is because many of the attack tools, such as password cracking, have been simplified to the extent where even beginners can take advantage of them. Some of these tools come with easy-to-use graphical user interfaces that make them easy to understand and use for beginners. This has resulted in people committing computer crime where they previously would not have.
Terminology You Should Know
White Hat: A hacker who seeks vulnerabilities in systems and exposes them for the purpose of having them be fixed. A white hat hacker is a good guy who uses his or her knowledge to improve the security of a system.
Hacker: A computer programming expert who can use his/her computing knowledge to bypass systems. This term is usually associated with a negative connotation and generally refers to anyone who bypasses security systems.
Black Hat: A hacker who gains unauthorized access to systems and uses it in a negative way. For example, one who steals information for monetary gains or compromises systems with a malicious intent.
Phisher: A person who sets up fake links to websites and dupes people into giving their personal information, such as passwords, and then uses that information for personal gain, i.e. stealing money from their bank account.
There are many types of attacks and they can get confusing. A few attacking methods mentioned here are intended to give you a “heads up” on how these attacks are executed.
- Social Engineering: This is one of the simplest of attack methods. One simply dupes the other party into giving critical information that is in turn used to gain access. Phishing, as mentioned above, is of this classification. I have heard of companies who have had their security systems compromised simply by a phone call of a person pretending to be the president of the company, who had forgotten his/her password. The employee on the other end believes it is the actual president and offers him/ her access to the computer systems. This attack can be mitigated by constructing and following a security policy for your company.
- Viruses: These little pieces of software code can do a lot of damage to the integrity of your computer systems. These codes are written to infect computer systems and to either render them useless or take over the systems. Some of them ask for money in return for leaving the system unharmed. I would include worms, Trojan horses, and malware in this category as well. This attack method can be mitigated by using an up-to-date virus scanner.
- Password-cracking: One of the most used password-cracking methods is known as Brute Force. Basically this techniques cycles through different combinations of characters hoping that eventually it will get the right combination and break through the system. It is always recommended that the password you set should be a “strong” password, meaning that it should contain small and large letters, numbers, and unique characters, such as “$”, “@”, or “&”. Setting a strong password will hinder the brute force method.
- Sniffing: This method commonly refers to the ability of the hacker to “listen” in on network traffic and thereby discover the passwords. This can be easily accomplished by using network tools (i.e. WireShark) to drop in on computer conversations on the network and capture the usernames and passwords. There are many other techniques that allow the hacker to gain access, such as the man-in-the-middle technique that places the hacker in the middle of the conversation of two network computers, and then the hacker is able to intercept the username and password to gain unauthorized access.
Data Security for Your Business – Part 2
The next article in this series takes a look at the statistics of IT security.