Post #6 – Network Security

 As we learned in our textbook, computer security prevents unauthorized computer access. That includes viewing, changing, or deleting data or computer equipment without authorization. When any of these happen, it is known as a security breach; some examples include a compromised email account where emails or pictures are viewed, or emails are sent without your knowledge. This is not limited to email accounts and can include business information as well. (Vahid et al, 2019,  Sect. 8.1)  

According to Fortinet, a company involved with network security, “digital acceleration has paved the way for business efficiencies, cost reductions, and productivity improvements. Yet, it has also led to an expanded attack surface across the growing network edge. From local area networks (LAN) and wide area networks (WAN) to the Internet of Things (IoT) and cloud computing, each new deployment results in another potential vulnerability.

Worse yet, increasingly sophisticated cybercriminals are exploiting network vulnerabilities at an alarming rate. Malware, ransomware, distributed denial-of-service (DDoS) attacks, and countless other threats are challenging IT teams to fortify their defenses.” (Fortinet, n.d.)

 

 Cyber, or online, criminals are expanding their reach using the above methods and more.  The ping command that was previously studied can be used in a DDoS attack in sufficient numbers. Mostly used by what are known as botnets, this means that many computers are taken over by hackers and used to send requests to a single entity until it reaches a saturation point and cannot respond to actual requests.

            A security hole, also known as a vulnerability, is an aspect of a system that can be used to breach security. Operating systems [OS] commonly have existing vulnerabilities. Once discovered, makers want to update the OS quickly to close such holes. Thus, all computer users are advised to keep their OS updated, not only to gain new features but to close security holes. Many modern operating systems (Windows, MacOS, Apple iOS, and Android) either let users know an update is available or allow the user to check for updates from a menu option. (Vahid et al, 2019, Sect. 8.1)

            This follows quite nicely with keeping an anti-virus [AV] program up to date. Viruses and malware are small programs that have been installed and run without the knowledge of the equipment user. A computer with a virus is said to be infected and can be used for illicit tasks, such as stealing information on the computer, encrypting the data on the computer as hostage, or even deleting data. Most commonly spread through infected email, viruses can be obtained by visiting websites and being tricked into downloading an “innocent” file, such as a free game or music/video files. This file then runs a small hidden application that keeps it hidden from sight unless you are really looking for it. (Vahid et al, 2019,  Sect. 8.2)

            Another growing method of security bypass is “phishing.” This can be done from a website you visit or be delivered to your email inbox. Essentially, it is a document to trick the user into divulging banking or security information that can be used to take over accounts. “In recent years, there has been a growing number of various network attack incidents, resulting in significant economic losses and disruptions to daily life. This has led many experts to increasingly emphasize the direction of security prediction.” (Le, et al., 2024) You will find countless companies around the technology sites advertising anti-virus or malware scanning and treatment. Every company proclaims they are the best alternative and have the most up-to-date scanning algorithms.

            Most of the security breaches have to do with human interaction.  Whether it is not paying attention, just not knowing the correct way, or even wanting to damage a system or company, people start the process of malware or virus infection of the system. Network strategies that can be engaged include network segregation so that infected computers have a limited influence area. It is recommended that separate networks be created for safety Instrumented Control Systems [ICS], business systems (administrative tasks and email), and external connections (internet). This will isolate systems from potential breaches in other networks. Demilitarized Zone [DMZ] computers are used when two networks must be bridged, with strict access controls and firewalls to protect each side. Installing endpoint protection software on all networked devices, which includes anti-malware, anti-virus, and whitelisting application capabilities as needed. (Urs et al., 2024, p. 2)

 

References

Fortinet. (n.d.). What is Network Security? Retrieved from Fortinet.com: https://www.fortinet.com/resources/cyberglossary/what-is-network-security

International Computer Science Institute. (n.d.). Teaching Privacy. Retrieved from https://teachingprivacy.org/youre-leaving-footprints/: http://teachingprivacy.icsi.berkeley.edu/youre-leaving-footprints/

Le, G., Wang, Y., Li, S., Yang, C., Yang, Q., & Yuan, Y. (2024). Network Security Prediction of Industrial Control Based on Projection Equalization Optimization Algorithm. Sensors, 24(4716), 2-23. doi:https://doi.org/10.3390/s24144716

Urs, P., Muresan, V., Hulea, M., & Sita, V. (2024). Enhancing Network Security for Automated Processes in Nuclear-Electric Power Plants. 2024 4th International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME). Male, Maldives, Maldives: IEEE. doi:10.1109/ICECCME62383.2024.10796893

Vahid, F., Lysecky, S., Wheatland, N., & Siu, R. (2019). zyBooks TEC 101: Fundamentals of Information Technology & Literacy. Retrieved from www.zybooks.com: https://learn.zybooks.com/zybook/TEC101:_Fundamentals_of_Information_Technology_&_Literacy_(TED2450B)