In this article, you will learn about the different threats to IT infrastructure and the various attacks that can be carried out against network and software components. You will also read about protection against these threats.
Khushal Kaushik is the founder and CEO of LISIANTHUS TECH and a cyber security specialist and ethical hacker. He holds a degree in computer science and 12 computer certifications such as MCP, MCTS and DIGITAL FORENSIC. He has been working in the IT industry for the last four years, has experience in cyber security and cyber forensics, and has been involved in a number of projects such as web security vulnerability, hospital management, insecure cryptographic storage, network security and many more.
To secure your IT infrastructure, you have to guard against various threats. However, you cannot protect against threats you do not recognize. Therefore, you should adopt a proactive approach to identify the types of threats that may harm the IT resources in your organization. To develop and maintain a proper plan, you need to understand the different types of threats and how each can affect your organization's IT setup.
Some common threats are:
- Unauthorized Access
- Data Theft
Financial data is stored on the organization's server. No one in the organization is aware of this act of unauthorized access. Now, if during the Annual General Meeting of the organization the finance manager presents the financial data, that data does not reflect the situation as per the organization's past performance. Because of these discrepancies in facts and figures, the shareholders will have trouble believing the truth, causing irreparable loss to the goodwill of the organization.
In the figure, the attacker, who is an outsider and is connected to a network different from the organization's network, accesses the organization's network. Once the network is breached, the attacker can access the information stored by the users on the network resources. In fact, an employee of the organization can also use his or her privileges to access the data.
How to protect against unauthorized access
Check your financial statements regularly, keeping an eye out for any unfamiliar activity. If you find something irregular, report it as soon as possible. Create a strong, difficult-to-guess password for your system; when creating a password you can add numbers or characters. Always use a firewall, antimalware and antivirus software, which will protect you against unauthorized access, and regularly update and patch your OS.
Data theft is a type of attack in which unauthorized access is used to obtain secret information. The attacker can steal user credentials to authenticate himself to the organization's server and to read and copy confidential data stored in files. Credentials can be stolen by internal users, and they can also be stolen by using various applications, such as malware installed on the system. Such an application maintains a log of all the keystrokes on the system, so an attacker can get all of the user's system credentials without the knowledge of the user. For example, malware is an application that is developed to damage a user's computer. Such an application is usually programmed to collect data from the computer where it is installed and send it to the creator of the program without the knowledge of the user of the computer.
In this figure, the attacker authenticates himself on the network by using the stolen credentials. Once authenticated, the attacker sends malicious content to the user. The malicious content affects the user's system and gives the attacker full access to it, after which the attacker can access the confidential data on the user's system.
How to protect against data theft
Install updates to security software, web browsers, operating systems and antivirus software as soon as they become available. They contain "patches" that address security vulnerabilities within the software and are your first line of defense against online threats. Install and use antivirus and antispyware software on all of your business computers. Don't open email attachments or other downloads unless you're sure they're from a trusted source. Password-protect your business computers, including laptops and smartphones, as well as access to your network and accounts. Require employees to have a unique user name and a strong password that is changed at least quarterly.
Hackers are computer experts who have the skill to gain unauthorized access to a computer system. Hacking was a term for users who excelled at computer programming, computer networks and system administration. Hacking into a system was a sign of technical skill and creativity, but it gradually became associated with illegal or malicious system intrusions. Hackers are at present highly skilled; they use complicated techniques that are not easily detected. A hacker can be an employee of your organization or an outsider engaged in unauthorized activity during or after working hours. However, an attack on your system or an incident such as data theft does not always require sophisticated technologies. The attack can be performed by using deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines. Such attacks are known as social engineering attacks.
A cyber security policy and vulnerability checks can provide only limited protection for data.
The most critical part of the security of any system is its user. Most users trust each other. However, this makes them the most vulnerable part of the security. A hacker can use this tendency of users to extract valuable information. Social engineering is a hacking technique that exploits users' trust and uses physical methods and psychological tricks to gather information. The success of social engineering depends on the ability of hackers to manipulate human psychology, contacts, physical workstations and the techniques used to hack.
Communication media used in social engineering
The telephone is the cheapest way to contact a large number of people. It is also easy to imitate and impersonate someone over the telephone. In telephone-based social engineering, the most important factor is the voice of the social engineer. The quality of the voice depends on the quality of the telephone device and the location from which the call is made. Telephone techniques are mostly used against the help desk of the target system. The help desk is the most vulnerable to telephone-based social engineering because the prime aim of the help desk is to provide information to people. Generally, the help desk employee gives the answer without seeking many identification details. It is very difficult to identify the caller over the telephone.
Snail mail, or regular post, is also a powerful weapon of social engineering. Social engineers use this technique to gather personal data about the user, such as a social security number. They generally use professionally designed forms, which they create for collecting information; the professional look of the form creates the impression that it is from a legitimate governing body. In a typical snail-mail-based technique, social engineers send the form along with a letter to the user. Usually, the letter also declares that the receiver is eligible for a prize and that some verification is required to claim it. The letter prompts the receiver to fill out personal details in the attached form. The details include critical information, such as the social security number.
Social engineers use email in two ways. One is to send an email message by using legitimate email accounts. For example, a social engineer can use email spamming techniques to send messages to the users of an organization from the system administrator's email address. In such messages, the social engineer asks the recipients to send their passwords in order to correct some problem in their accounts. Some users may send back the requested information without thinking much about the consequences. Social engineers can also use email messages to send invitations to join an online competition for prizes. In such a case, the social engineer attaches a form that must be filled out by the user to join the contest. These forms ask for the user's names and passwords. Users who fall for this trick may provide their user names and passwords for multiple online accounts. Having acquired the information, social engineers try the user name and password on other possibly connected accounts of the user to extract valuable information.
A social engineer creates a website that invites users to an online quiz competition. These websites ask the user to create an account. The user must provide personal information, such as a password, phone number and other details. After the user has created an account, the attacker uses that information to steal valuable information from the user's other online accounts. There are several other techniques that are used to gather information. For example, you may receive an email message, supposedly from a bank, stating that due to some technical problems at their end they have misplaced all the data of the users and are in the process of collecting the information afresh. Such a message carries a hyperlink that supposedly brings the user to the home page of the bank. In reality, such messages are spam messages. The credentials are forwarded to the spammer's email address. Finally, to make the website appear authentic, a web page may be displayed stating some error, such as the service being presently unavailable or a connectivity problem. You may therefore end up losing your credentials in the process, and with them all the savings in your account. A fake website can never have an identical address to that of the actual or intended website. You should also look for a digital certificate on any website that involves sending confidential data.
How to protect against social engineering attacks
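Because a fake site cannot share the genuine site's address, the address check can be done mechanically. The following is an added example, not part of the original article; the domain `bank.example`, the sample links and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical genuine domain for this example (not from the article).
GENUINE_DOMAINS = {"bank.example"}

def check_link(url):
    """Return (host, problems); an empty problems list means the address matches."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    problems = []
    if parts.scheme != "https":
        problems.append("not served over HTTPS, so no certificate is checked")
    if parts.username is not None:
        # In https://bank.example@other.test/ the real host is other.test.
        problems.append("text before '@' is not the host")
    if not host.isascii():
        problems.append("host contains non-ASCII look-alike characters")
    # Only the genuine domain itself or one of its subdomains is accepted.
    genuine = any(host == d or host.endswith("." + d) for d in GENUINE_DOMAINS)
    if not genuine:
        problems.append("host is not the genuine domain")
    return host, problems

# Constructed sample links.
SAMPLE_LINKS = [
    "https://www.bank.example/login",                  # genuine
    "http://www.bank.example/login",                   # genuine host, no TLS
    "https://bank.example.account-verify.test/login",  # genuine name used as prefix
    "https://bank.example@203.0.113.9/login",          # genuine name in userinfo
    "https://b\u0430nk.example/login",                 # Cyrillic 'a' in the host
]

def suspicious_links(links=SAMPLE_LINKS):
    """Return the links that fail at least one check."""
    return [u for u in links if check_link(u)[1]]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        host, problems = check_link(link)
        print(host, "->", "; ".join(problems) or "address matches")
```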
Never give out any confidential information or even seemingly non-confidential information about you or your company whether it's over the phone, online, or in-person, unless you can first verify the identity of the person asking and the need for that person to have that information. You get a call from your credit card company saying your card has been compromised? Say okay, you'll call them back, and call the number on your credit card rather than speaking to whoever called you. Always remember that real IT departments and your financial services will never ask for your password or other confidential information over the phone.
A network-based attack is a type of attack that is aimed at gaining access to and breaking into a network in order to disrupt network connectivity and delay access to the network. It may also aim to disable network activity and traffic by affecting the performance of the network devices. There are many techniques that can be used to carry out attacks on the network.
IP spoofing attack
Spoofing is a technique in which a hacker gains unauthorized access to the target computer through a fake IP address. Spoofing enables the hacker to view confidential information; it is a method in which false information is used to access data from a specific network. For example, a hacker can gain access to the network by spoofing the IP address of a system. Once access is granted, the attacker can access all resources over the network that can be accessed by the actual administrator.
How to protect against IP spoofing attacks
Use authentication based on key exchange between the machines on your network; something like IPsec will significantly cut down the risk of spoofing. Use an access control list to deny private IP addresses on your downstream interface. Configure your routers and switches, if they support such configuration, to reject packets originating from outside your local network that claim to originate from within. Enable encryption sessions on your router so that trusted hosts outside your network can securely communicate with your local hosts. Implement filtering of both inbound and outbound network traffic.
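The filtering rules above can be expressed as a small decision function. This is an added example, not part of the original article; the interface names `outside` and `inside`, the internal prefix `10.20.0.0/16` and the sample packets are assumptions made for illustration, and only IPv4 sources are covered.

```python
import ipaddress

# Assumed internal prefix for this example (constructed, not from the article).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Sources that should never arrive from the Internet side:
# RFC 1918 private ranges, loopback and link-local.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]

def _in_any(addr, nets):
    return any(addr in net for net in nets)

def filter_packet(interface, src):
    """Return (action, reason) for a packet seen on 'outside' or 'inside'."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "malformed source address")
    if interface == "outside":
        # Inbound rule: outside traffic must not claim an internal source.
        if _in_any(addr, INTERNAL_NETS):
            return ("drop", "outside packet claims internal source")
        if _in_any(addr, PRIVATE_NETS):
            return ("drop", "private source address from outside")
        return ("accept", "plausible external source")
    if interface == "inside":
        # Outbound rule: only our own prefixes may leave the network.
        if _in_any(addr, INTERNAL_NETS):
            return ("accept", "internal source")
        return ("drop", "inside packet with non-local source")
    return ("drop", "unknown interface")

# Constructed sample packets: (interface, source address).
SAMPLE_PACKETS = [
    ("outside", "203.0.113.7"),   # ordinary external host
    ("outside", "10.20.5.9"),     # spoofed internal address
    ("outside", "192.168.1.5"),   # private address from the Internet side
    ("inside", "10.20.5.9"),      # legitimate internal host
    ("inside", "203.0.113.7"),    # internal host forging an external source
]

def run_samples(packets=SAMPLE_PACKETS):
    """Return the action chosen for each sample packet, in order."""
    return [filter_packet(i, s)[0] for i, s in packets]

if __name__ == "__main__":
    for iface, src in SAMPLE_PACKETS:
        print(iface, src, *filter_packet(iface, src))
```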
Denial of service (DoS) attack
A DoS attack is a type of software or network attack in which an attacker attempts to disable systems that provide network services by flooding a communication medium with data to consume all available bandwidth, by sending data designed to exploit known flaws in an application, or by sending multiple service requests to the network to consume a network resource. A DoS attack is usually carried out against devices such as servers or routers, stopping them from responding to legitimate network requests.
How to protect against DoS attacks
Whether you are at risk from DoS attacks depends on your Internet connection configuration and what services you are making available to remote sources. Even with an advanced firewall system, you may still be susceptible to attack. The short answer is that the more services you make available to the outside, the more susceptible you are to the various types of DoS attacks. You can also install tools on your systems that detect DoS tools; these tools only have the ability to detect known DoS tools. With that in place, protecting yourself from most DoS attacks should not be that difficult.
Man-in-the-middle (MITM) attack
A man-in-the-middle attack is an attack in which an attacker places herself between two computers on a network, or between two networks, to intercept their data exchange. The attacker captures and records each packet, responds to it, and forwards it to the intended host, so that both the sender and the receiver believe that they are communicating directly with each other. This deception allows the attacker to control the communication between them.
How to protect against MITM attacks
Protection against MITM attacks depends mostly on your CA certificate. You need to establish a strong connection environment between the end user and the server, and the server has to send all sensitive data in encrypted format. You can also download the latest version of a high-security web browser and choose the always-HTTPS setting. Be aware that tools like sslstrip prevent the user from getting to the HTTPS secure page.
A software attack is an attack against a software resource, such as an operating system or a software-based application. An individual who performs attacks on the IT infrastructure usually does so in order to gain recognition and to prove to others that he or she is more adept than the best. Further, there may be employees who are not satisfied with the earnings for which they are expected to work. They may also act as attackers and cause harm to the organization's IT resources. Many software attacks are designed to gain control of a computer so that the attacker can make use of that computer in the future, often for profit or further malicious actions, such as harming the target computer or the applications residing on it.
How to protect against software attacks
If you use the Internet with any software, a Windows operating system or a mobile operating system, and you want to protect against malware and possible software-based attacks, you should install a firewall and antivirus or antimalware software. This need not cost the earth, as some very good free applications are available. If you want extra protection, all these software providers have upgrade options that cost the equivalent of more established products and may be worth the investment for complete peace of mind.
Malicious code attack
A malicious code attack is a type of software attack in which the attacker inserts some undesired or unauthorized software, or malware, into a target system. There have been many instances all over the globe where malicious code attacks were used to disable operating systems or applications. Such attacks are very striking in nature, and the target system's users immediately get to know that their systems have been attacked. Malicious code attacks may also remain hidden on the target organization's systems, utilizing available resources to the attacker's advantage. The methods to make malicious code install into the computer by an attacker.
How to protect against malicious code attacks
In my research I found that most malicious code attacks target Windows OS more easily compared to Mac OS and Linux. So I recommend checking for automated updates for your OS whenever possible, and along with that you can run your OS with accounts that have the least number of permissions, or you can use your OS's inbuilt firewall feature, which will also block outside access to your system from the Internet. Do not open any unknown, suspicious links, because an attacker can attach malicious code to this kind of link, and you need to configure your instant messaging software, because an attacker can send you malicious code with the aid of this sort of software.
Software exploitation attack
A software exploitation attack is a type of attack in which an attacker tries to exploit a known defect or feature in an application, such as an electronic mail application, or in an operating system. A software exploitation attack is evident when an application stops functioning or when data stored by a user becomes corrupt or goes missing. Such an attack may also cause the operating system to malfunction regularly, resulting in loss of information.
How to protect against software exploitation
Block malicious traffic that does not conform to established protocol standards. Flag and remove high-risk files, such as .exe and scripting files, viruses, spyware and Trojans, from the system by fully inspecting the entire packet. Identify and stop traffic from hosts exhibiting suspicious behaviors.
In today's digital world, the number of computer and Internet users is increasing very rapidly, which is why dozens of users have become exposed to various kinds of cyber security threats and attacks. Users need to implement security measures. Planning and implementing cyber security in an organization is a challenge today, as it necessitates a well-defined and methodical plan of approach. This has increased the need for competent and skilled professionals who can implement cyber security in order to counter intrusions and security breaches. This article makes readers aware of cyber security attacks and threats and of how they can protect themselves against these kinds of attacks.