Network and Data Security

Information Technology Security also known as, IT Security is the process of implementing measures and systems designed to securely protect and safeguard information (business and personal data) utilizing various forms of technology developed to create, store, use and exchange such information against any unauthorized access, intended use and its ability to perform their permitted critical functions.

Network & Security Threads


• Viruses :

software virus is a parasitic program written intentionally to alter the way your computer operates without your permission or knowledge. A virus attaches copies of itself to other files such as program files or documents and is inactive until you run an infected program or open an infected document. When activated, a virus may damage or delete files, cause erratic system behaviour, display messages or even erase your hard disk. A virus may spread through email and instant messenger attachments, through infected files on floppy disks or CD-ROMs, or by exploiting a security flaw in Microsoft Windows.

• Macro Viruses

Macros are simple programs that can be written to automate repetitive tasks in a document or make calculations in a spreadsheet. Macros can be written in documents created by Microsoft Word, in spreadsheets created by Microsoft Excel and in many other kinds of documents. Macro viruses are malicious macro programs that are designed to replicate themselves from file to file and can cause damage to the files on your computer. They spread whenever you open an infected file.

• Trojan Horses

Trojan horses are programs that appear to serve some useful purpose or provide entertainment, which encourages you to run them. But these programs also serve a covert purpose, which may be to damage files, to place a virus on your computer or to allow a hacker to gain access to your machine. More commonly these days, you can be enticed into running a Trojan by clicking a link on a viral web site or in an email. Trojans that allow a hacker to gain access to your machine, called Remote Access Trojans (RATs), are particularly prevalent at the moment. Over 50% of all spam (unsolicited email) is sent from home or work computers that have been compromised by RATs. A Trojan horse is not a virus because it does not replicate and spread like a virus.

Worms

Worms are programs that replicate and spread, often opening a back door to allow hackers to gain access to the computers that they infect. Worms can spread over the Internet by expoiting security flaws in the software of computers that are connected to the Internet. Worms can also spread by copying themselves from disk to disk or by email.

Zombies

A Zombie is a dormant program that lies inactive on a computer. It can be activated remotely to aid a collective attack on another computer. Zombies don't normally damage the computer on which they reside but can damage other computers. Zombies often arrive as email attachments and when the attachment is opened they install themselves secretly and then wait to be activated.

Phishing

A Phishing attack is when you are are sent an email that asks you to click on a link and re-enter your bank or credit card details. These emails can pretend to be from banks, Internet service providers, on-line stores and so on, and both the email and the web site it links to appear genuine. When you enter your bank or credit card details they are then used fraudulently

Internet Based Attacks

While your computer is connected to the Internet it can be subject to attack through your network communications. Some of the most common attacks include:
• Bonk – An attack on the Microsoft TCP/IP stack that can crash the attacked computer.
• RDS_Shell – A method of exploiting the Remote Data Services component of the Microsoft Data Access Components that lets a remote attacker run commands with system privileges.
• WinNuke – An exploit that can use NetBIOS to crash older Windows computers.

Viral Web

SitesUsers can be enticed, often by email messages, to visit web sites that contain viruses or Trojans. These sites are known as viral web sites and are often made to look like well known web sites and can have similar web addresses to the sites they are imitating. Users who visit these sites often inadvertently download and run a virus or Trojan and can then become infected or the subject of hacker attacks.

Spyware, Adware and Advertising Trojans

Spyware, Adware and Advertising Trojans are often installed with other programs, usually without your knowledge. They record your behaviour on the Internet, display targeted ads to you and can even download other malicious software on to your computer. They are often included within programs that you can download free from the Internet or that are on CDs given away free by magazines. Spyware doesn't usually carry viruses but it can use your system resources and slow down your Internet connection with the display of ads. If the Spyware contains bugs (faults) it can make your computer unstable but the main concern is your privacy. These programs record every step that you take on the Internet and forward it to an Ad Management Centre which reviews your searches and downloads to determine your shopping preferences. The Ad Management Centre will build up a detailed profile of you, without your knowledge, and can pass this on to third parties, again without your knowledge. Some Spyware can download more serious threats on to your computer, such as Trojan Horses.

Virus Hoaxes

Virus hoaxes are messages, usually sent by email, that amount to little more than chain letters. They pretend to alert you to the latest "undetectable" virus and simply waste your time and Internet bandwidth. The best course of action is to delete these hoaxes - they can cause genuine fear and alarm in the disabled, elderly and other vulnerable groups.

Unsecured Wireless Access Points

If a wireless access point, e.g. an ADSL (Broadband) Router, hasn't been secured then anyone with a wireless device (laptop, PDA, etc) will be able to connect to it and thereby access the Internet and all the other computers on the wireless network

Social Engineering

Tricking computer users into revealing computer security or private information, e.g. passwords, email addresses, etc, by exploiting the natural tendency of a person to trust and/or by exploiting a person's emotional response. Example 1: Spammers send out an email about victims of child abuse and provide a link to click in the email for further information or to help the victims. When the link is clicked the spammers know the email address is "live" and add it to their live list which they then use to target their spam. Example 2: A company computer user is tricked into revealing the network password by someone on the telephone who is impersonating the voice of an employee in authority and who has a story of distress.

Microsoft Office Document Metadata

The average Microsoft Word, Excel, etc document includes hidden metadata with details of who created it, who has worked on it, when it has been amended and quite possibly the text of all those changes as well. Viewing a Word document in a text editor can reveal the metadata in plain text at the start and finish of the document.

The Plan:

Since businesses are experiencing increased regulations that affect how IT environments are protected, IT companies suggest that all corporations create and adopt a comprehensive IT security plan. Regardless of your unique corporate needs, All Covered recommends that your IT security plan consist of three different components: • are the written rules regarding both user behavior and business operations. All Covered suggests that, at minimum, your business should have an Acceptable Usage Policy that explicitly outlines what users can and cannot do on their computer systems. In addition, All Covered also encourages you to consider that there are other security policies that would help protect your corporate IT environment and the data stored on it. • involves evaluating the external and internal threats to your company, business assets, data, reputation, clients, and partners. By effectively analyzing your company's IT security risks, your IT support team can create a proactive plan to prevent security breaches and prioritize your IT investments to make maximum use of your IT budget. • is the concept of layered security where multiple security products are in place at different locations on your network to prevent security events from affecting your important data. Layering IT security ensures that your business has overlapping IT protections in place to keep your proprietary data and IT environment secure.