Protect Information:
In the evolving technological world, information and system security should be at the forefront of every individual’s and organization’s mind. The availability of and access to information can be used for various purposes, in some cases malign. This concept’s foundation is that every piece of information shared online may have value to somebody, whether it is sold to third-party companies, used for marketing, or used for blackmail or coercion (Lysecky & Vahid, 2017). For example, in the intelligence community, we use social media posts to gauge heuristics and events in a region. While a video on social media may not be of value to someone else, a federal agency may use that to determine valuable information about a particular region. Keeping in mind that information sent to and throughout the internet, whether private or public, can still be accessed, individuals and organizations must be careful with the information they share and post. Anything that is sent should be assessed for how that information would be conveyed if it were to become public.
Develop Robust System Security:
System security is the next step to prevent unauthorized computer access and distribution of information. This is important because it provides an initial layer of protection for individuals’ and organizations’ sensitive information. The compromise of information stems from any piece of shared data, no matter if it is public or private. “Companies and organizations are especially vulnerable since they have a wealth of information from their employees” (Ubilla, 2016, para. 4). Computer users with malicious intent can use phone numbers, social media posts, location information, emails, credit card information, and many other things to compromise an individual or information system. If a computer becomes compromised, the organization or individual “…may suffer tremendous trouble, stress, and financial loss…” (Lysecky & Vahid, 2017, Sec. 8.1). Individuals and organizations can combat this threat by increasing user awareness and improving security systems.
What is DoS and DDoS?
Different types of attacks can be executed using ping commands; however, they can be broadly categorized as denial of service (DoS) or distributed denial of service (DDoS) attacks. In a DoS attack, an attacker prevents legitimate users from accessing a service by flooding the targeted system’s bandwidth (Yihunie, Abdelfattah, & Odeh, 2018). The difference between the two is that a DoS attack uses a single machine to disrupt services, while a DDoS attack uses multiple compromised machines. Both attacks aim to crash a service by overloading the system with network traffic in the form of access requests. These attacks can be further divided into volume-based attacks (UDP floods, ICMP floods, etc.), protocol attacks (SYN floods, Smurf DDoS, etc.), and application-layer attacks (GET/POST floods, etc.), which are different ways to flood a target (Imperva, n.d.). UDP, ICMP, SYN, and GET/POST floods each use a different type of packet or request to overwhelm and disrupt a target’s service. In a Smurf DDoS attack, the Smurf program exploits vulnerabilities of the Internet Protocol (IP) and Internet Control Message Protocol (ICMP) to bring down a target’s network. Overall, utilizing the ping command, a malicious user can degrade and disrupt a system by sending multiple access requests.
Computer systems are inherently vulnerable to DoS and DDoS attacks because these attacks take advantage of how computer networks communicate (Weisman, 2020). Essentially, they exploit the way computers communicate and overwhelm the targeted website, server, or network. Computers with minimal security systems have open protocol ports that allow requests to come in. Further, computers cannot distinguish fake requests from legitimate ones; therefore, they send a response. When the source IP address of a request is spoofed, the three-way handshake cannot be completed, and the connection is left open. Eventually, the target system gets overwhelmed with requests and shuts down.
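From the defender's side, the build-up of connections left open by spoofed requests (a SYN flood) can be detected by counting handshakes that never complete. The following Python is an added example, not part of the original post; the packet tuples, addresses, timeout and threshold are constructed assumptions.

```python
from collections import Counter

def stale_handshakes(packets, now, timeout=3.0):
    """Return connection keys that sent a SYN but no final ACK within `timeout` s.

    `packets` holds client-to-server segments only, in arrival order, as
    (time, src_ip, src_port, dst_ip, dst_port, flag) with flag "S", "A" or "R".
    """
    pending = {}  # (src_ip, src_port, dst_ip, dst_port) -> time of first SYN
    for ts, src, sport, dst, dport, flag in packets:
        key = (src, sport, dst, dport)
        if flag == "S":
            pending.setdefault(key, ts)
        elif flag in ("A", "R"):
            pending.pop(key, None)  # handshake completed, or client reset it
    return [key for key, ts in pending.items() if now - ts >= timeout]

def count_by_source(stale):
    return Counter(src for src, _sport, _dst, _dport in stale)

def count_by_service(stale):
    return Counter((dst, dport) for _src, _sport, dst, dport in stale)

def flooded_services(packets, now, threshold=5, timeout=3.0):
    """Services whose count of stale half-open handshakes meets the threshold."""
    counts = count_by_service(stale_handshakes(packets, now, timeout))
    return sorted(svc for svc, n in counts.items() if n >= threshold)

def build_sample():
    """Constructed traffic (documentation address ranges), not a real capture."""
    packets = []
    for i in range(3):  # normal clients: SYN followed by the final ACK
        packets.append((0.1 * i, "198.51.100.10", 40000 + i, "192.0.2.80", 443, "S"))
        packets.append((0.1 * i + 0.05, "198.51.100.10", 40000 + i, "192.0.2.80", 443, "A"))
    for i in range(8):  # spoofed SYNs: a new source each time, never an ACK
        packets.append((1.0 + 0.01 * i, f"203.0.113.{i + 1}", 50000 + i, "192.0.2.80", 80, "S"))
    return packets

if __name__ == "__main__":
    sample = build_sample()
    stale = stale_handshakes(sample, now=10.0)
    print("per source :", dict(count_by_source(stale)))
    print("per service:", dict(count_by_service(stale)))
    print("flagged    :", flooded_services(sample, now=10.0))
```

Because every spoofed SYN carries a different source address, the per-source count never rises above 1, while the per-service count reaches 8; this is why the check keys on the destination service rather than on the sender.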
Symptoms of ping attacks include slow or no service. Website downtime can have a negative financial impact and introduce other vulnerabilities. Consequently, these attacks can cause significant damage to a system. Server and hosting issues are one condition that may be experienced. The most dangerous outcome is that your site becomes more vulnerable to hacks because all of the systems are focused on getting the site back online. Most DoS and DDoS attacks are precursors to much larger and more robust attacks. The end result is that there is a substantial amount of lost time and money when these attacks occur.
Recommendations:
A few simple measures can help prevent security breaches and make a network more resistant to attacks. First, keeping the security software, operating system, and applications updated ensures that patches for known vulnerabilities are applied. Second, utilizing trusted security software can help defend against known malware that can compromise a system. Third, using a router with built-in DoS and DDoS protection will boost the security of a system. Lastly, using a website hosting service that emphasizes security will effectively impede malicious attempts to compromise a system (McCollin, 2020). While these are all hardware and software upgrades to defend a network, an individual or organization must not neglect the fact that most incidents stem from human error. Learning from or implementing a program that teaches individuals how to reduce human error is the most cost-effective solution to reduce compromised systems. A great program will teach how to combat phishing and social engineering attempts, create strong passwords, and make sure a system is updated.
Email spam and phishing are two of the most common ways to spread malware and for malicious users to gain information. Email spam is mass-sent email that is unwanted by a recipient (Lysecky & Vahid, 2017). Usually, spam comes in the form of advertisements for products or sites and introduces malware when the recipient clicks on an attachment or link. Similarly, phishing accomplishes the same outcome by tricking an individual into providing sensitive information (Lysecky & Vahid, 2017). Malicious users will use this information to take control of users’ accounts and steal money. Educated computer users will be able to identify spam or phishing attempts. A simple presentation or learning opportunity conducted by individuals or employers is a great way to reduce the human error rate of compromised systems.
References:
Imperva. (n.d.). DDoS attack types & mitigation methods. Retrieved from https://www.imperva.com/learn/ddos/ddos-attacks/
Lysecky, S. & Vahid, F. (2017). Computing technology for all. Retrieved from zybooks.zyante.com/
McCollin, R. (2020, October 26). DDoS attacks explained: Causes, effects, and how to protect your site. Kinsta Managed WordPress Hosting. Retrieved from https://kinsta.com/blog/what-is-a-ddos-attack/
Ubilla, A. (2016, April 29). The importance of information systems security. ITI Technical College | Technical Training | Associate Degrees. Retrieved from https://www.iticollege.edu/the-importance-of-information-systems-security/
Weisman, S. (2020, February 5). What are denial of service (DoS) attacks? DoS attacks explained. Official Site | Norton™ - Antivirus & Anti-Malware Software. Retrieved from https://us.norton.com/internetsecurity-emerging-threats-dos-attacks-explained.html
Yihunie, F., Abdelfattah, E., & Odeh, A. (2018). Analysis of ping of death DoS and DDoS attacks. 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT), 1–4. https://doi-org.proxy-library.ashford.edu/10.1109/LISAT.2018.8378010