Network Security

By Matthew Berrett -

Previously the commands of ping and traceroute were learned. These commands assist in troubleshooting network connectivity and issues. These commands are usually used to check, diagnose, and understand network issues. However, they can also attack other computers by sending large data packets to crash a recipient's computer or try to take over a recipient's computer and spread a virus. All the attacker needs is an IP address (Okta, n.d.). Luckily there are ways to counteract these attacks by always keeping software up to date, blocking fragmented pings, and enhancing the computers' ability to take on large packets with an overflow buffer. Ping commands are not the only way for attackers to penetrate or corrupt a system. Email spam and phishing are other routes cyber terrorists can take. 

Email spam is an unwanted message sent to emails that advertise unwanted deals or products or irrelevant information. These emails can come from companies that a person already does business with or from a company or website the person has researched or visited recently. It is thought that one could delete the unwanted spam email, and that would be the end, and they would not receive any more, but that is not the case. Spam emails can contain phishing attempts, viruses, or a doorway into the user's device. If any of these are enacted, personal information can be stolen, and computers can crash, costing the user much money. Another issue a spam email can produce is that once opened, the virus will interact with the user's email and send the same email to all of the user's contacts in hopes of infecting other computers (Vahid & Lysecky, 2019). Filtering by keywords can be done to stop these unwanted spam emails. By filtering with keywords, an email could reject or block emails containing the keyword. This can eliminate many emails if subjects and keywords are known (Hoanca, 2006). Another way to protect from spam emails is to set up a two-step protocol. This would work because the sender would have to request to send an email and if the receiver approves the request, the sender can send the email (Hoanca, 2006). Any technique will always have limitations, or the spammers may become more intelligent in presenting spam messages. An important step is always to read the title of the email thoroughly, and if the sender is unknown or not expected, deleting the email would be best.

Phishing is a technique to collect sensitive and personal information from a user or a business. Phishing is usually sent through email containing a link or an attachment. Phishing is similar to spam emails as they provide false advertisements and sometimes wrongly inform the user that they have won a large sum of money and all they need to do is click on the link to collect. Once a user clicks the link, viruses may be unleashed, or a doorway for a cyber-terrorist to enter may be opened. From this doorway, the terrorist can gain personal information such as bank numbers, addresses, passwords, or even social security numbers. In 2014 there was a significant increase in attacks on taxpayers. Phishers would send emails pretending to be IRS representatives concerning their tax returns. Once a user clicks the link or responds to the emails, the phishers steal private information and even redirect tax returns (Wright et al., 2014). Another devastating impact of phishing is that if an employee opens or downloads an attachment from a phishing email while at work, the phishers could access the company's records. This could mean that all employees and anybody doing business with or who has done business with the company could be attacked because the phishers will have access to personal information. This attack could cause a massive lawsuit for the company and ruin many families and lives.

Learning about phishing attacks and how to identify them is essential. A way to assist in the learning of identifying phishing is by incorporating it into computer-based training. Research has shown that combining training into a game makes it easier for students to learn and understand without negatively affecting real life (Fatima et al., 2019). By participating in the training or game, the user will see examples of phishing attempts and learn how to thwart them and protect their computer system. Another strategy for protecting a computer system or business from phishing is creating a sector dealing with phishing attempts. This sector could have a phone number or email address to contact whenever a possible phishing email is spotted. Then this sector could send a mass email to the company informing the other employees to avoid the possible phishing attempt. Email spam and phishing attempts could cause much damage, and knowing how to prevent them is essential for all businesses and people.

-Matthew

 

References

Fatima, R., Yasin, A., Liu, L., & Wang, J. (2019). How persuasive is a phishing email? A

phishing game for phishing awareness. Journal of Computer Security, 27(6), 581–612. https://doi.org/10.3233/JCS-18125

Hoanca, B. (2006). How Good Are Our Weapons in the Spam Wars? IEEE Technology &

Society Magazine, 25(1), 22–30. https://doi.org/10.1109/MTAS.2006.1607720

Okta. (n.d.). What is the Ping of death (Pod)? Definition, damage & defense. Identity | Okta.

https://www.okta.com/identity-101/ping-of-death/

Vahid, F., & Lysecky, S. (2019). Computing technology for all. zyBooks.

Wright, R. T., Jensen, M. L., Bennett Thatcher, J., Dinger, M., & Marett, K. (2014). Influence

Techniques in Phishing Attacks: An Examination of Vulnerability and Resistance.

Information Systems Research, 25(2), 385–400. https://doi.org/10.1287/isre.2014.0522

This blog has been created to assist people new to the IT world, as I am new myself. There will be posts on new hardware and software in an easy-to-read and understandable format. This blog is for beginners, come and learn with me.

Comments

Post a Comment

Popular posts from this blog

Navigating Algorithmic Design and Data Structures in Java Programming

By Matthew Berrett -
For those new to Java programming, grasping algorithmic design and data structures can significantly enhance coding skills. Algorithmic design is like crafting a detailed plan to tackle problems. At the same time, data structures serve as the tools for organizing and storing information effectively. Together, they form the backbone of structured programs, enabling developers to write efficient and scalable code. Starting with Algorithmic Design: Before diving into coding, it's crucial to analyze the problem carefully. Breaking it down into smaller, manageable tasks and devising step-by-step plans, or algorithms, is essential. These algorithms act as guides, helping developers navigate the problem-solving process with clarity and precision. Leveraging Data Structures: Once the problem is understood, selecting the proper data structure becomes pivotal. Data structures are like bookshelves that hold and organize books efficiently. Whether it's arrays for storing collections of ite...
Topics

A Beginner's Guide to Java Installation and Object-Oriented Design Principles

By Matthew Berrett -
In the world of programming, Java stands out as one of the most popular languages. Whether you're a beginner or an experienced developer, understanding Java installation and object-oriented design principles is crucial. In this blog post, we'll provide guidance on installing Java and dive into the fundamental concepts of object-oriented programming (OOP) in Java. Java Installation: Installing Java on your system is the first step towards embarking on your Java programming journey. While we won't provide a step-by-step tutorial here, we recommend referring to the official Java website for detailed instructions tailored to your operating system. Once you map to the link below, you will be taken to a webpage that says Oracle, the current developer of Java. https://www.oracle.com/java/technologies/downloads/#java11 Once you have installed Java, you must download an Integrated Development Environment (IDE) software. The one we recommend is Netbeans. Like Java, you must c...
Topics

OS Theory Concept Map

By Matthew Berrett -
Image
OS Theory Concept Map Section 1: -Categorize, describe, and give examples of the major functions of operating systems. One of the first and most significant functions of operating systems is to maintain supervision of the execution of user programs to prevent errors and improper use of the computer. The operating system acts as a crucial intermediary between the hardware and software, ensuring that user programs are executed in a controlled and secure manner. The kernel, as the core component, plays a central role in this function. It provides essential services and manages system resources, allocating them to processes and scheduling their execution. By overseeing memory management, the kernel ensures that programs do not interfere with each other's memory space, avoiding potential crashes or data corruption. Additionally, it manages input/output (I/O) operations, which are essential for interacting with devices like printers, scanners, and disk drives. Device management, as...
Topics