Threats To ICT System And Organisations Information Technology Essay
Scanners – People use scanners in various ways to attack systems. Scanners can be downloaded from the internet and used to scan addresses and obtain information about TCP ports. IP addresses can be discovered by mapping them using DNS. Hackers use this tactic to establish which systems are active and available to hack.
Range of addresses – This is a very simple, visual and fast scanner that searches across a range of addresses.
Deep probe – A deep probe is a useful way to reveal essential information about a device; it can also be used when there is a remote fault.
Scanning a wireless system – Wireless systems with no encryption are very vulnerable. In mobile networking, wireless access points need to be established, as they can be accessed when connected to a laptop, PDA or mobile. Windows includes a tool that lets you click on a network icon for your wireless network connection.
ARP poisoning – Switch-based networks are regarded as very secure because they create micro-segments. However, attack is still an issue in many networks. To tackle this problem, the memory of many network devices must be monitored, checking for MAC addresses that appear in more than one location. Here is a diagram to help your understanding:
Man in the middle
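The check described above (a MAC address appearing in more than one location) can be run against a host's ARP cache. The following is an added example, not part of the original essay; it assumes the table layout printed by Windows `arp -a`, and the sample table and all addresses in it are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the layout printed by Windows `arp -a`; every address is made up.
SAMPLE_ARP_TABLE = """\
Interface: 192.168.1.20 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.1.34          00-1a-2b-3c-4d-5e     dynamic
  192.168.1.50          a4-5e-60-11-22-33     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# An IPv4 address followed by a MAC address written with '-' or ':' separators.
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}[-:]){5}[0-9a-f]{2})\b", re.I
)

def parse_arp_table(text):
    """Return (ip, mac) pairs; MACs are normalised to lower-case colon form."""
    entries = []
    for line in text.splitlines():
        match = ENTRY.match(line)
        if match:
            entries.append((match.group(1), match.group(2).lower().replace("-", ":")))
    return entries

def is_unicast(mac):
    """Broadcast/multicast MACs (low bit of first octet set) are shared legitimately."""
    return int(mac[:2], 16) & 1 == 0

def duplicated_macs(entries):
    """Map each unicast MAC that answers for more than one IP to those IPs."""
    ips_by_mac = defaultdict(set)
    for ip, mac in entries:
        if is_unicast(mac):
            ips_by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in ips_by_mac.items() if len(ips) > 1}

if __name__ == "__main__":
    for mac, ips in duplicated_macs(parse_arp_table(SAMPLE_ARP_TABLE)).items():
        print(f"MAC {mac} appears for {len(ips)} addresses: {', '.join(ips)}")
```

A duplicate is a prompt to investigate rather than proof of poisoning, since a device with several IP addresses on one interface produces the same pattern.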
Magic disk – Magic disks are boot disks that can be downloaded from the internet and used to restart the computer and subvert the operating system. There are some very good magic disks, for instance the Ultimate Boot CD, which can resolve problems with viruses and Trojans as well as drive, hardware and operating system failures. To stop anyone using a magic disk, it is vital to password-lock the BIOS, and USB sticks, floppy disks and CD/DVDs should not be usable as boot devices.
Key loggers – Key loggers are applications that record keystrokes, and can also record mouse activity, and then send the information to a file or, as is often the case, to a remote network location. They are very difficult to track because they are hidden, but they can be found using anti-virus software. If you suspect there is a threat, run a protocol scanner, which works by looking at the contents of every data packet.
Access causing damage to data or jamming resources
Unauthorised access to software can result in damaged data or restricted resources. Some attacks gain access to systems without causing damage; however, an intrusion always has an effect on the system.
Virus attacks – In any computer system, a virus attack occurs when rogue code has entered the system. Viruses work by hiding themselves in ordinary executable code. They can affect the system by opening and closing the CD/DVD door or swapping key responses, or they can spread by self-reproducing and seriously damage the hard drive. Virus scanners detect a virus by opening the file and scanning the code.
Trojans – Trojans are programs with a hidden identity that appear to be a normal or harmless program or file on your PC.
Worms – Worms forward themselves by email, using the data in your contact list.
Piggybacking, tunnels and probes – Forging or spoofing data requires knowledge of network programming languages such as Java, C++ or VB.NET. Hackers are able to hand-craft a data packet in order to force an application or server to give away information, to cause a service attack, or to piggyback/tunnel into a system via an acceptable protocol.
Phishing and identity theft – This is a recently developed method of gaining unauthorised access to systems. Phishing works by luring people into revealing their personal information through social engineering, for instance when you receive emails supposedly from banks, ISPs etc. asking you to follow a link to their site in order to change your details; the site can be an HTTPS site that is operational.
Natural disasters – Natural disasters such as power outage, flood or fire can affect many systems and lead to serious damage. Organisations have computer systems that are specifically built to cope with these issues. A disaster policy can be implemented in several ways, including the following:
Remote storage of all data, done as a daily backup
Duplication of critical servers
Malicious damage – Malicious damage to systems occurs constantly, from both internal and external sources. It can be caused by external hackers who attack the systems. There are many security measures for preventing this; however, hackers always find a way to do what they do best.
Technical failure – Technical failure occurs a lot nowadays, for instance when server storage is lost, or when a bad internet connection causes disruption to the whole organisation. With the large use of network technology, for instance voice, video and CCTV, a failure can lead to commercial damage and disrupt the security of the system.
Human errors – Human errors occur unpredictably but very frequently, for many reasons such as being forgetful, being ignorant or lacking knowledge. This then results in system failure. Users can forget to back up data, which leads to loss of data if something happens to the system.
Theft – Theft of data can damage an organisation or individual heavily, with long-lasting impact. Theft occurs in the cyber sense, which is known as hacking, or by physically removing data on CD/DVDs, memory sticks etc.
Integrity and completeness of data – The integrity and completeness of data is a critical matter, as incorrect data can cause damage. Incorrect data can result in distress and legal action, especially in medical records, police systems and credit reports. Appropriate people need to check that data such as customer or personal details is correct, for example by asking a colleague or the customer to check it.
Systems can be protected with the latest anti-virus and firewall; however, that is all useless if anyone can get into the server room and copy critical data onto a USB memory stick. Organisations should have security features in place: lock and key security, equipment identification, CCTV, intrusion detection etc.
Lock and key security – Devices such as laptops need to be secured by attaching a padlock chain. Many buildings have lock and key systems that operate as a master/submaster system.
Equipment identification – This involves marking property so that it can be identified if stolen; for instance, if a computer is stolen from a school or college, it can be identified from the marking, which clearly shows ownership and origin and can lead to prosecution. Equipment can be identified through the use of indelible ink, which labels it as the property of the owner, and invisible, ultraviolet-sensitive ink.
CCTV (closed-circuit television) – This involves cameras used 24/7 to monitor people or events. There are several advantages to its use: monitoring can be done from centralised centres, a 24/7 record of events is maintained, and the presence of CCTV prevents bad behaviour from occurring.
Intrusion detection systems – Many organisations use intrusion detection systems, which can detect human presence in many ways. They operate in various ways: for instance, passive infrared senses body heat, microphones detect movement, and circuit breakers on doors and windows detect access.
Staff and visitor identification systems – Organisations from small to large have systems that identify staff and visitors in order to prevent access by unknown people. People can be identified through identity cards, which everyone on the premises must wear.
Biometrics involves the use of fingerprint recognition, retinal scans and voice recognition.
Fingerprint recognition – This form of biometrics is commonly used for detection at crime scenes. Our fingers contain a water solution, which enables fingerprint detection to work. There are several scanners that read fingerprints by detecting the ridges on our fingers. Fingerprinting can also be used for identification for passports and visas.
Retinal scans – The retina is located at the rear of the eye and, like a fingerprint, has a unique configuration. However, there is a difference between them: a fingerprint can be changed when skin is removed through cuts or burns, whereas the retina cannot be changed unless someone attempts to tamper with the eyeball, which is highly unlikely.
Iris scanning – The iris offers another unique method of identification using the eye. Unlike the retina, the iris can be scanned when the subject is wearing glasses or contact lenses.
Voice recognition – This form of biometrics is not commonly used, as a voice can change for various reasons, for instance if someone is ill, stressed or has a throat infection.
Software and network security
Organisations all need security techniques and technologies to manage data and to combat intrusion and subversion of networked computers, in order to prevent data being damaged or resources being affected.
Encryption – Encryption involves the conversion of text, images and media information into a format. RSA encryption is named after Ron Rivest, Adi Shamir and Len Adleman, the mathematicians who implemented public/private key encryption through the use of prime numbers. Many ciphers exist, for instance the Caesar cipher, which relies on a simple key: replacing each letter with the letter a fixed number of places down the alphabet. With a shift of four places, A becomes E, B becomes F, and so on. DES (Data Encryption Standard) is a cipher that uses a key 56 bits in length, which can be explained mathematically. RSA encryption uses a public/private key pair; an example is the security certificate issued by a website. When the key is created, the certificate is the public-key part of the exchange.
Call back – Dial-up systems use call back: remote workers or network administrators dial into a network or a networked device, and it then calls them back. The number to call back is pre-configured. Users cannot connect from just any location, only from trusted, registered lines.
Handshaking – When data is sent across a medium that is not trusted, as in WAN systems, trust is obtained by testing each device with a challenge, which carries a username and password in order to identify the device.
Diskless networks – There are common ways in which data is stolen, for instance when data is transferred from a computer to a mobile storage device.
Backups – Backing up data is important so that critical data can be restored and kept safe and secure; if data is not backed up frequently, the organisation will lose data, which can be costly.
Audit logs – Audit logs keep records of network and database activity, recording who has done what, when they did it and where. They serve various purposes, for instance maintaining detailed records of how many systems are being used. Syslog is a commonly used system that stores simple, auditable records of system activity.
Firewall configuration – This enables users to remove filters depending on various conditions. IP addresses: every machine on the internet has an assigned address called the IP address. An IP address consists of a 32-bit number, written as octets in dotted decimal. Domain names: the sequence of numbers that makes up an IP address can be hard to remember, and IP addresses tend to change. Norton Security has a firewall, as does Norton 360.
How to check your firewall settings
Windows has a firewall that can be configured by opening Control Panel.
Select the Exceptions tab and you will see a list of automatically configured exceptions.
You then select the Add Port option.
Virus Protection software
Firstly, computers can fall victim to virus, worm and Trojan attacks through internet access as well as email. There are various ways of protecting the computer from such things, which are sadly created by virus writers.
A virus scanner can only be used when the user initiates it. A start-up virus scanner begins to run as soon as the boot process begins, checking for sector viruses. A memory-resident scanner checks incoming emails and browser documents by automatically checking the computer's environment. There are various types of anti-virus software with differing abilities; some are much more secure than others, and they can be downloaded from the internet. They can work through file emulation, file analysis, heuristic-based detection, malicious activity detection and signature-based detection.
Anti-virus software examines files for known, recognisable viruses using a virus dictionary, and also looks for unrecognised behaviour on the computer that may indicate an infection is occurring. A virus dictionary consists of a list of known viruses compiled by the producer of the software. When the anti-virus software detects a virus, it refers to the dictionary to confirm it, then either deletes the infection or quarantines the virus so that it is not accessible to other programs and cannot spread or re-create itself. Anti-virus software also provides suspicious-activity alerts: it immediately alerts the user if it suspects a threat, then asks the user whether to proceed or what to do. Macro viruses are argued to be the most destructive and the most widely spread; they mostly affect Microsoft, which needs to overcome the security flaws in Outlook in order to prevent this destruction of documents. Viruses commonly reach computers over local networks or the internet, through unpatched security holes in software, or through infected files sent by email, downloads or disk sharing. Some viruses embed themselves in Excel or Word files, or are created to spread through email, and as soon as a computer is infected the virus can carry its destruction on to other computers without the user being aware. Anti-virus software updates are vital, as new viruses can be created and older software may not be able to protect you from them.
VIRUS – It is called a virus because it spreads everywhere; it can delete data as well as corrupt files.
WORM – Worms forward themselves by email, using the data in your contact list.
TROJANS – Trojans are programs with a hidden identity that appear to be a normal or harmless program or file on your PC.
POLYMORPHING – This is a virus's clever ability to change its appearance, size and signature every time it attacks a computer, which makes it difficult for anti-virus software to recognise it.
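The dictionary lookup and quarantine step described above, and the reason polymorphing defeats it, can be shown in a few lines. This is an added example, not code from the original essay or from any anti-virus product; the dictionary entries are harmless constructed markers, and it assumes the quarantine directory lies outside the scanned directory.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed "virus dictionary": name -> byte pattern. Both patterns are harmless,
# made-up markers, not signatures of real malware.
VIRUS_DICTIONARY = {
    "Demo.Marker.A": b"DEMO-SIGNATURE-ALPHA",
    "Demo.Marker.B": b"DEMO-SIGNATURE-BETA",
}

def scan_bytes(data):
    """Return the names of all dictionary entries whose pattern occurs in data."""
    return sorted(name for name, pattern in VIRUS_DICTIONARY.items() if pattern in data)

def scan_and_quarantine(root, quarantine):
    """Scan each file under root; move matches to quarantine and report them."""
    quarantine = Path(quarantine)  # assumed to lie outside root
    quarantine.mkdir(parents=True, exist_ok=True)
    report = {}
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        data = path.read_bytes()
        hits = scan_bytes(data)
        if hits:
            # Rename to a content hash and drop all but owner-read permission so
            # the file cannot be run or opened by other users' programs.
            dest = quarantine / (hashlib.sha256(data).hexdigest() + ".quarantined")
            shutil.move(str(path), str(dest))
            dest.chmod(0o400)
            report[path.name] = hits
    return report

def demo():
    """Build three constructed files, scan them, return (report, files left behind)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "files"
        root.mkdir()
        (root / "report.doc").write_bytes(b"quarterly figures")
        (root / "known.bin").write_bytes(b"..." + VIRUS_DICTIONARY["Demo.Marker.A"])
        # Same marker with its last byte altered, standing in for a polymorphic
        # variant whose signature no longer matches the dictionary entry.
        (root / "variant.bin").write_bytes(b"...DEMO-SIGNATURE-ALPHB")
        report = scan_and_quarantine(root, Path(tmp) / "quarantine")
        return report, sorted(p.name for p in root.iterdir())

if __name__ == "__main__":
    print(demo())
```

The altered file stays in place because a dictionary match is exact, which is why scanners pair signatures with the heuristic and activity-based detection listed earlier.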
VIRTUAL PRIVATE NETWORKS (VPNs)
Organisations can communicate from site to site across a public system, for instance the internet, using a VPN, via a tunnel that is the route for all encrypted traffic. A VPN provides a trusted connection over a system that is not trusted.
Managing passwords is essential; organisations must ensure that passwords are well protected to prevent trouble. A forgotten password will lead to many problems.
The password must not be written down
Change the password at least every 3 months
Use a very strong password
Software updates are very important, as they ensure that the system is safe from possible faults and vulnerabilities in various applications. Software is updated automatically, which removes the need to worry about updating the system.