Spyware is almost exactly as it sounds, a spying program. This type of malware will record the users input and transmit it back to the hacker to access at his leisure. This type of spyware is called a key logger and can capture interesting information such as user names, passwords, credit card numbers and email addresses. The more advanced versions of spyware can siphon off network data that will allow the hacker access to files, encryption keys, and other sensitive information. The final malware I will cover is the zombie.
Cyber terrorists can be motivated to target organizations that will result in the radical’s group to cause the most harm and/or receive the most attention for their party. Cyberterrorists use the internet to spread propaganda and enlist new members and use DoS/DDoS attacks to cause disruption to companies that represent actions against their belief’s (Vacca & Rudolph, 2011). Cyber terrorists can also steal information to be used for self-serving strategic purposes. Kostadinov (2012) makes the distinction between cybercrime and cyberterrorism in that the latter should resemble terrorist attacks via traditional methods but perpetrated virtually. Kostadinov goes on to note that most cyberterrorism actions are generally focused on website sabotage and email blasting.
Some measures to help in information security could be aimed to data encryption, passwords, software, network security solutions and service companies offering voice encryption. Companies provide devices to the employees with a confidentiality policy on the use of such devices and the capability to store information. As competition grows confidentiality with company's data could create loss of confidentiality if data becomes compromised. Total security is not possible, only adoption of measures can prevent attacks on devices to protect information. The user is the greatest security treat, users lack common
Ping Sweeps and Port Scans: Danger or Not? Guillermo Reveo Turnbull DeVry University SEC 280 Principles Information Systems Security Professor: Gregory Gleghorn May 11, 2015 Ping Sweeps and Port Scans: Danger or Not? The Information Technology world is constantly evolving with the passing of each and every day. As developments arise that add to the advancement of the various enterprises, there is still a growing concern for ways to protect intellectual property from being invaded by intrusive attacks employed by individuals or groups seeking to compromise the network security of many companies using some of the most clandestine approaches. The only intent is to wreak havoc at any possible moment.
Internal attacks can be more difficult to find as attackers have the potential to remove any evidence of the attack more easily as they have more knowledge or access rights on the system as opposed to an outside attack. Attacks can be administrated via removable devices such as a USB that could contain some form of malware on it such as a virus. Most internal attacks are conducted by unhappy employees who want to disrupt the organisation by using the knowledge they obtained in the organisation, against the organisation. Additionally, the employee may want to gain access to important data in order to infiltrate and sell the information onto another competing organisation. The
He can use the names or phone numbers listed in the DNS to gather more sensitive data. Internet Protocol Address range can also be of useful to the attacker. By knowing the IP range, the attacker can port scan and identify active machine on that network. Although IP address range finding is imposable to protect from hackers, there are still counter measures
McBride should make sure that their website is properly optimized for search engine so that consumers can easily search and find their website. McBride should also make sure they do not participate in unethical techniques like email spamming, website phishing or keyword stuffing (the practice of loading a webpage with keywords or numbers in an attempt to manipulate search engine results (Keyword Stuffing, n.d.)). These types of tactics can have a negative impact on the reputation of
Port scan is as the name implies, a scan of the open ports on each computer of the network to define which ports are open and what services are running on them. This information can be used to set up an attack on the network by allowing the hacker to bypass vulnerability in the software being run or on any open ports that can be used to gain deeper access to the network. With a port scan the probe sends information to each port on the network and the open ones respond back, this data can be used to determine the easiest way to infiltrate the network. The safest way to defend against this type of probe is using a firewall. Just as in a ping sweep, if you deny access to a port scan requesting information from the network you render them
I would implement firewalls, cryptography, antispyware, antivirus, and content filtering. These will be installed in various levels of our network infrastructure including, our mail servers, gateways, laptops and desktops. When these security technologies are in place a threat may be able to bypass on level of security but will be detected and eradicated at another. Layering our security in this manner will mitigate the risks of an employee disabling their protection on the workstations. Our mail servers which send, receive and store emails must be secured as well.
Firewalls are good and help against websites that are illegitimate. It’s also good to have an antivirus on your computer to help protect against people who are trying to hack into your system. Perhaps someone is trying to gain access to your financial information; the antivirus stops them from getting in. Always make sure that when you are checking your e-mail and receive an e-mail with an attachment if you do not know who it is from do not open it. I don’t even open e-mails from people I don’t know whether it has an attachment or not.