IT (Information Technology) security, internet/cyber security: Types of threats explained and effective solutions.
IT security involves protecting data as well as the various systems that process data. When planning for information technology (IT) managers have to factor in various kinds of security such as Network (Internet) Security, Cloud Security, Application Security, Internet of Things (IoT) Security, and protecting computers and various other digital systems.
GET INSTANT HELP FROM EXPERTS!
- Looking for any kind of help on your academic work (essay, assignment, project)?
- Want us to review, proofread or tidy up your work?
- Want a helping hand so that you can focus on the more important tasks?
Hire us as project guide/assistant. Contact us for more information
Today, there is a dependence on IT and the Internet for information, communication, and even for shopping.
But in doing so, a lot of sensitive information gets transmitted over the internet, and so it becomes very important that all your data remains safe and doesn’t fall in unscrupulous hands.
Equally important is that your computer and network remains safe from all the malicious code that are designed to make your computer / network unusable. These can cause a lot of harm, considering the amount of personal information that is stored on computers and the various systems.
A firm wants their computers and various systems to be accessible at all costs.
What is Internet Security?
By definition, internet security is a branch of computer security that deals with Internet-based threats specifically.
And what does it include?
It can basically cover many more areas, such as:
- Unauthorized access to computer systems, email accounts or websites (known as hacking)
- Dealing with various kinds of Attacks
- Dealing with viruses and other malicious software (malware)
- Dealing with identity theft
- Encryption Methods
- Computer Forensics, and more
As you can see, there are several threats against which you need to guard your computer / network. And that is what a strong Internet security solution is supposed to safeguard against.
Internet Security: How Does It Work?
So how does internet security work on any computer or for offices? What are the suite of software programs and hardware that you need access to, in order to get the best protection?
If you know how a computer works and if you spend considerable amount of time on the internet, then I’m sure by now you have probably realized that the internet, by nature, is not really a secure place.
We all have experienced the menace of viruses and other malware on our computers and network. The worst part is that many more of these viruses keep on getting discovered every month, and there are hackers who are always trying to sneak into your network to get access to your personal information.
So how should internet security work on our computers / network?
Here are the tools, software and hardware that you should ideally have as part of your internet security suite.
- Browsing software with the latest patches installed
- Install & configure a firewall
- Employ better/safe surfing practices
- Access to Good anti-adware, anti-spyware software program
- Best is to get a complete internet security
GET INSTANT HELP FROM EXPERTS!
- Looking for any kind of help on your academic work (essay, assignment, project)?
- Want us to review, proofread or tidy up your work?
- Want a helping hand so that you can focus on the more important tasks?
Hire us as project guide/assistant. Contact us for more information
Internet security comes built-in to some browsers, but also includes personal firewalls and software for anti-viruses, anti-adware and anti-spyware. Learn how Internet security keeps computers and information safe with a computer specialist in this free video tutorial on Internet security.
Malware are malicious code that is embedded in various applications, which gets downloaded on your computer, through various means, and with or without your knowledge.
Most recent laptops and browsers do come with security features, and in some cases a personal firewall too, but the best to deal with this problem is to get a complete internet security suite. And always be suspicious of things on the internet.
Types of Internet Security Threats
Let’s take a look at the Types of Internet Security threats, so that you are well prepared to tackle each of these, and make your computer / organization network safe.
Most users tend to use the terms “Virus”, “Spam”, or “Crash” to address any of the problems that they might encounter on their computer or network.
However, technically, there are various types of internet security threats, each with different characteristic, that any computer network could face.
Data Breach
This may seem to be a minor one, but attackers can use this data to create more havoc.
The intention of stealing personal data (such as email addresses, birthdates and encrypted passwords) is to get potential exposure to various forms of identity theft.
In the following months the attackers can use the same to engineer compelling phishing attacks.
Most users don’t change their passwords frequently, and with so many mails (offers) in one’s inbox, you could easily click a forged email thinking its a genuine one, and taken to a malicious site.
Viruses
These spread by duplicating themselves within the programs they find, and can spread quite fast over the network.
Adware/Malware
Malware delivery from a malicious URL is a common mechanism to deliver malware. Other methods are app repackaging for mobile devices, and smishing.
The first takes a genuine app, alters it for bad intent, and then redistributes it via a different channel. Smishing is the use of “unsolicited” text messages that prompt users to provide credentials.
Most of these install by themselves on your computer, without your knowledge, and can potentially send sensitive information back to the creator of the malware.
It’s always best to have an up-to-date anti-malware software, and also ensure improved visibility of the various mobile devices that connect to the corporate network.
DOS Attacks
Denial-of-service (DOS) attacks are where the computer / network resources are clogged so that the user cannot carry out the normal functions.
DDoS attacks (Denial of Service) are disruptive attacks, and the attacker can actually use the account credentials stolen by the malware distributed after a data breach. This is especially true of attacks on banks where fraudsters can get access to a group of accounts, perform reconnaissance and money movement activities and then immediately launch a DDoS attack in order to create a diversion.
Spam
Almost everyone has encountered these. Spam, or unsolicited commercial e-mails, can be serious threats because most viruses arrive as attachments and trick people to download them.
Information Theft
This involves stealing your identity, bank account numbers and passwords. This can be done either from your computer, or from databases of customer information maintained by companies.
Mobile Threats
Smartphones are becoming more and more powerful, its like having a personal computer in your pocket.
Without a proper device recognition and detection system in place, the mobile channel is seen as a weak link by most security experts. The statistics involving mobile threats seem to prove this point.
Industrialization of Fraud
It simply means automating the fraud process. After all, almost everything can be automated so why not attacks? Standardization of fraud software building blocks and data formats, also makes it easier to collaborate and exchange information between fraud rings.
With automation, criminals can easily do hundreds or even thousands of mini frauds and still get the same financial return as a few large ones, however by staying small they are more likely to bypass the banks’ fraud detection systems.
Though Data Breach, Malware, DDoS, Mobile Threats & Industrialisation of Fraud are different kinds of threats, you can see that they all could stem from that initial data breach. And that is why its more important than ever for consumers & institutions to take all the necessary steps to deal with even minor breaches.
Computer Protection & Internet Security Software
It is common for families to own computers, tablets and smart-phones, these devices are connected to the internet and also store lot of our personal data and information such as documents, files, pictures, software and even other sensitive information such as passwords. No wonder then that most cybercriminals are targeting more and more people. Protecting all your devices is crucial to ensure all personal information says safe.
An all-in-one computer protection software offers protection for various computing devices such as tablet, laptop and a desktop, using one license These offer one license to protect all your computing devices.
That is also advantageous because having a similar computer security program keeps a familiar and consistent interface across all your devices.
You can even use these with Apple products such as MacBooks, iMacs, iPhones and iPads. Though Apple devices are less likely to being infected with malicious malware, if you use them heavily and store lot of important information, it is better to be safe than sorry.
Types of Internet Security Software
There are various types of internet security software available to deal with the numerous malware that can infect a computer / network.
Nowadays, you do get compete internet security software that provides a holistic security solution to deal with all kinds of threats. But then most users may not choose to buy one because of the high costs, or may choose to use only certain modules of it.
Some users may have older versions, where you had options to choose what type of internet security software you wanted, so it may be effective against only certain types of threats.
Here are the most common types of internet security software available.
Anti-Virus / Anti-Spyware Software
This is the most popular one, and has been around for some time! This is quite effective for removing the downloaded malware on your computer.
Depending on the package you choose, it may or may not provide real-time scanning and may not prevent malware from being downloaded on your computer.
Ad / Pop-up Blockers
Not long ago, unwanted ads used to be a menace where several unwanted windows would popup from nowhere, and install viruses and other malware.
That is when Pop-up blocking software started becoming quite popular, and was considered an essential component of any security solution.
However, all recent browsers come with a built-in popup blocker that prevents pop-up windows from showing up.
Firewall
Internet security is not just about getting rid of the malware from your computer; it is more about prevention than cure.
And that is where a Firewall is quite effective; and that is to prevent malware from downloading to your computer.
Firewalls are also good at preventing unauthorized users from accessing your network, so these are a must for networks. Basically, you can configure a firewall to abort any connection that does not seem to be part of a pre-defined or custom “white list” of approved connections.
As you can see, depending on your requirements, your budget, and the level of security you want to provide, you may choose one or all of the above. Most internet security suite nowadays includes all of these components.
Personal Firewall Software
A personal firewall software program is an effective way to keep intruders away and keep your personal computer or laptop safe. A Firewall Software Program can be used for Enhanced PC Security and Protection.
Antispyware and antivirus software programs, though effective, are reactive. A pre-emptive measure is to install a firewall. With a personal firewall software, your computer can be accessed only through specific ports.
Having a personal firewall software on your computer is adding another layer of safety so that you have more control over what goes out and what comes on.
The primary function of a personal firewall software program is to prevent identity theft. A firewall is like a security system that you install at your home. You can enter the computer only through specific ports (like doors).
So if someone is trying to interfere with your computer without your permission, a personal firewall will alert you and in most cases take one of the many pre-determined actions.
Personal firewall software differs from software programs like antispyware and antivirus in the sense that a firewall allows access to a computer only through specific ports. So it basically prevents unauthorized access to your computer rather than trying to clean something that has already entered your computer.
Here is what you should look for in the firewall software.
- Should include tools to manage spyware, cookies and viruses
- Should by Ease to Use
- Setup Ease – Installing should be simple and fast
- Should be reliable and consistent, without clashing with any other software
- Should provide enough Help / Support
The popular personal firewall software programs include Norton, McAfee, Symantec, and Iolo. Keeping intruders away is easy with these programs so you can keep your computer and laptop safe. Makes sure that your personal firewall software includes tools to detect spyware and viruses.
Challenges with Firewall Software
Most experts prefer hardware over software as they feel that it is possible for hackers to manipulate the firewall if it is software based. Besides, if it is incompatible with any operating system it may cause the system to become unstable. But then these are true for most software programs and manufacturers continue to make their software more robust to deal with these eventualities.
Although initially, it is quite possible that you might get irritated with the several messages that keeps popping up to alert you, over time you can configure the firewall software to suit your needs. With this software you can easily monitor and even regulate all incoming and outgoing Internet requests.
How to Prevent Cyber Fraud
Here are some tips that will ensure you’re not a victim of cyber fraud, and the steps to take in case you think someone has unauthorized access to your credit or debit card.
Financial Transactions
Here are some Credit / Debit Card related steps that you should follow:
- The first thing to do, if you think someone has got unauthorized access to your bank or debit card, is to notify the bank or the credit card provider immediately. Don’t delay it; the longer you wait, the more difficult it can get to resolve the situation.
- It is best to scratch out the CVV number at the back of your card (you’ll need to remember it though). Also sign the strip on your credit/debit card so that it becomes difficult for anyone else to use it.
- If you’re just back from a foreign trip, its recommended that you check with your bank to ascertain if you need to apply for a replacement card, as the stringent authentication methods used, usually work only locally.
Online Best Practices
Here are things that you should ascertain / avoid when online:
- Check for SSL (Secure Socket Layer) or “https” security (look for padlock icon) on the banks login page, before proceeding with any transaction. It indicates that the site is safe for online transactions.
- Do not give out confidential information such as passwords, PIN, CVV, DOB, even if it comes from those representing the bank or from government authorities.
- Avoid accessing the banks URL from an email; rather type the URL directly in the browser. Hackers can create authentic-looking websites (see Phishing). Similarly, be wary of emails that ask you to update your bank account details.
- Update your operating system for security patches, use a good anti-virus / internet security program and ensure its updated with the latest patches. Avoid accessing your bank details from a cybercafe or a shared computer; always use your home computer for security reasons.
- Use passwords that are lengthy and contains a mix of different types of characters. Avoid using birthdates or names of loved ones.
- Don’t reveal lot of personal information on social sites, as hackers can use that information to lure you to reveal more information.
How to Set Strong & Secure Passwords
Examples of Weak Passwords
- Your loved one’s name (all in small characters)
- A word that appears in the Dictionary – “country”
- A word that closely resembles a Dictionary word plus a number, such as “country123”
- Has fewer than 8 characters
Examples of Strong Passwords
- Combination of alphabets, digits and special characters for strong passwords
- Make it more complex by using upper and lowercase letters.
- To keep your password more safe, change it every few months.
Use Special Characters
You may make your own rules when using these, but here’s how you can use special characters when choosing a password.
- Replace all the ‘a’ with @
- Replace all the ‘s’ with $
- Replace any space with %
- Replace any ‘o’ with 0
- Replace any ‘i’ with !
Default Passwords
Default passwords are passwords which are created by default, either automatically by the software or when the software was installed.
They can be handy in certain cases:
- If the admin password of your NT box was forgotten, it would be easier to use the Default password instead of carrying out password cracking.
- If the BIOS password was forgotten and you are not able to get windows started, then it’s easier to use the Default password instead of replaying the CMOS chip.
What Is Encryption?
Encryption and commonly used algorithms that are used to create a new version of the data, so that it is seen as junk to everybody who is not concerned with the data.
Everybody uses computer nowadays, and even the most sensitive information are sent over the computer and the network.
But then, how do you ensure that the data being sent, doesn’t gets discovered by someone who is not supposed to see it?
One of the most common ways is to encrypt it.
And this method has been used for ages now.
So what exactly is an encryption?
It is basically an algorithm that takes data and transforms that into a new version of data.
The intended recipient of the data should know what algorithm was used so that he/she can transform the jumbled data back to the original data.
The algorithm is also known as Cipher or the Key.
Is there any way to figure out the original data?
It is very difficult unless you know the key to decrypt the text or the information.
There is no easy way of figuring out what the original information is.
However, with so much computing power available today, you could figure out the original information by using some sort of “Brute Force” technique, where you go through each letter of the decrypted text and try to guess the original.
And this is why even the encryption techniques are becoming more sophisticated.
So this is basically what encryption is.
What Is Cryptography?
Cryptography is the science of information security. Learn more about Cryptography here.
Cryptography is derived from the Greek kryptos, which means hidden. Its the practice and study of techniques for secure communication, in the presence of adversaries. Cryptography includes the study of principles, means and methods for the transformation of data, in order to hide its information content, prevent its undetected modification or unauthorized use.
How Does it Work?
Nowadays cryptography is associated with scrambling plaintext (ordinary text/cleartext) into ciphertext (using a process called encryption), and then back into plaintext (known as decryption). Experts in this field are known as cryptographers.
The ability to securely store and transfer sensitive information is a critical factor today for success in war and business. Some of the best minds — mathematicians and computer scientists are working in this field today.
Cryptographic Algorithms
Secret Key Cryptography (SKC) and Public Key Cryptography (PKC) are types of cryptographic algorithms.
- Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption.
- Public Key Cryptography (PKC): Uses one key for encryption and another for decryption.
Rubber Hose Cryptanalysis
In cryptography, rubber-hose cryptanalysis means the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture (as opposed to using a mathematical or technical cryptanalytic attack) — such as beating that person with a rubber hose.
Several countries in the world routinely torture people (as per Amnesty International and the UN) so its logical to assume that at least some of those countries use (or would be willing to use) some form of rubber-hose cryptanalysis.
In practice, psychological coercion can prove as effective as physical torture. Not physically violent but highly intimidating methods include such tactics as the threat of harsh legal penalties. The incentive to cooperate may be some form of plea bargain, such as an offer to drop or reduce criminal charges against a suspect in return for full co-operation with investigators. Alternatively, in some countries threats may be made to prosecute as co-conspirators (or inflict violence upon) close relatives (e.g. spouse, children, or parents) of the person being questioned unless they co-operate.
Rubber hose cryptanalysis, are often the easiest way to defeat cryptography.
GET INSTANT HELP FROM EXPERTS!
- Looking for any kind of help on your academic work (essay, assignment, project)?
- Want us to review, proofread or tidy up your work?
- Want a helping hand so that you can focus on the more important tasks?
StudyMumbai.com is an educational resource for students, parents, and teachers, with special focus on Mumbai. Our staff includes educators with several years of experience. Our mission is to simplify learning and to provide free education. Read more about us.
Leave a Reply
You must be logged in to post a comment.