Respond to the following List your top five most dangerous

Respond to the following:

• List your top five most dangerous types of network attackers and the type of network attacks each will most likely use.

• How can businesses mitigate the threat from the type of attacks you have identified?

Solution

Top five most dangerous types of network attackers and the type of network attacks

1. In the top spot on the list of security threats must go to viruses. According to a survey, 72% of all companies received infected e-mails or files last year and for larger companies this rose to 83%. Worms and Trojan horses share the first Place in malignancy

2. The after-effects of viruses are so dangerous that they take second place. The vulnerability here is the back doors viruses leave in their wake, or the chinks in the corporate armour that later generations of code can exploit.

the worms that turn PCs into remote mail servers and send cascading volumes of e-mails that cause denial of service attacks. These attacks are becoming more sophisticated.

3. Hacks, and application-specific hacks in particular, have become even smarter. Many companies are alert to the threat posed by so-called buffer overflows, the techniques by which web servers are overloaded causing a denial of service attack. But the new kid in this category, and the one the security industry is talking about, is the more advanced SQL injection.

SQL injection forces a database to yield otherwise secure information by causing it to confuse classified data, such as passwords or blueprints, with information that is for public consumption, such as product details or contacts. It is hard to do but, according to the experts, there are plenty of hackers up to the task and plenty of customers ready to pay for the service.

4. Phishing, or identity theft, is most commonly targeted at bank customers but everybody should be alert to it. The bank users receive an e-mail as if from the bank asking for their log-on and password and, according to a risk specialist company, less than half of 1% of customers oblige, a significant figure if millions of e-mails are sent.

A more sophisticated version of phishing, cross-site scripting, is on the rise, where users are driven to an identical but fake version of the bank\'s website and are lured into handing over confidential information unawares.

5. Blended attacks are combinations of two or more of the above and are doubly alarming. The solution to protecting a company against these attacks is to combine the piecemeal security systems that protect against each kind of threat.

How can businesses mitigate the threat from the type of attacks you have identified?

Most of the measures companies can take to protect themselves are reactive, and anti-virus patches and firewalls are now, for the most part, implemented as standard. But these are responses to known attacks, rather than an anticipation of the unexpected. They do nothing to thwart the activities of worms that turn PCs into machines from which further attacks, such as mass e-mailing, can be launched. Nor can they deal with the more sophisticated hacks, such as SQL injection. To combat this level of threat, additional security must also be in place.

This security can be grouped in three layers. The first layer scans IT systems for suspect activities by using intrusion prevention technology and by monitoring anomalous requests. For example, SQL injection often works by sending unusually long search strings to database query tools.

A second layer is added when defences are integrated. For example, if a virus is known to open up a back door, the anti-virus system should not only search for the virus but also for the back door. Alternatively, it must prompt the firewall to stop entry through the back door. This is a complex process to carry out across enterprise-wide IT systems, and so experts advocate the installation of security management systems.

The third layer is good risk assessment. Online systems inevitably bring a degree of vulnerability along with excellent business opportunities, so internet security should be built into the company\'s calculations. If the business can understand which systems are most vulnerable, protective measures can be taken to cut the risk. That is the essence of dealing with external security threats.