Network Security

-

Network Security

Protecting information and systems is essential for individuals and organizations. Cyber threats target weaknesses in software, networks, and human behavior, making security a top priority. Understanding these risks and taking preventive measures helps ensure data safety and system integrity. This paper will examine security vulnerabilities and phishing, the impact it has, and strategies used to reduce their risks.


Ping Command Attacks


The ping command is a diagnostic tool used to test network connectivity. However, it can be used for other purposes, leading to cyberattacks such as ping flood attacks and ping of death attacks. Ping flood attacks, also known as ICMP flood, is a Distributed Denial of Service (DDOS) attack that overwhelms a target with internet traffic, such as pings, to make it inaccessible. In order for a ping flood attack to work, the attacker needs to know the IP address of the recipient device and have more network bandwidth than the target network. Ping of death is a DDOS attack in which the attacker sends the recipient device simple ping requests as fragmented IP packets that are usually oversized causing it to crash or reboot. These attacks emphasize the importance of network security measures such as firewalls and intrusion detection systems to limit ICMP traffic and mitigate threats.


Why Computer Systems Are Vulnerable to Each Kind of Threat


Security holes and vulnerabilities exist in software, hardware, and network configurations, allowing attackers to exploit weaknesses and gain unauthorized access. Common sources of vulnerabilities include outdated software, poor system configurations, and human error. Employee negligence is also a factor, as people use weak passwords exposing themselves to hackers gaining access to sensitive data (Slonopas, 2024). Phishing attacks is the practice of tricking victims into revealing their confidential data through scam emails, text, or phone calls (Woollacott, 2024). Since phishing uses psychological attacks, technical defenses aren’t sufficient enough without the awareness of being attacked. The advancement of phishing techniques, such as spear phishing and smishing (SMS and phishing), makes detection even more challenging.


Symptoms and Damage That Each Breach Can Inflict After Compromising a System


When attackers exploit security holes and vulnerabilities, they can gain unauthorized access to networks, allowing them to steal confidential information. Once the attackers are inside the system, they can install malware, corrupt data, or even take full control of the compromised system. These types of breaches can cause significant operational disruptions, leading to downtime, financial losses, and damage to an organization's reputation. Phishing attacks can also have severe consequences. When attackers gain access to compromised accounts, they can manipulate sensitive information, conduct unauthorized transactions, or even gain access to more critical systems. Victims of phishing attacks may suffer substantial financial losses due to identity theft and unauthorized transactions. Additionally, organizations targeted by phishing attacks often experience reputational harm, resulting in a loss of customer trust and potential legal ramifications.


Two Recommendations for Protecting a Computer System or Network from Each Type of Security Breach


To reduce security vulnerabilities, organizations should keep all software and systems updated with the latest security patches. Automated patch management ensures timely updates, minimizing the risk of exploitation. Regular vulnerability assessments and penetration testing are also crucial in identifying and fixing weaknesses before they can be used against an organization. Ethical hackers can simulate cyberattacks to assess an organization’s security and provide recommendations for strengthening defenses.

To protect against phishing, companies should focus on educating users and increasing awareness. Training employees to identify phishing attempts and conducting phishing simulations help improve their ability to recognize malicious emails and links. In the military, we conduct training annually that allows us to improve our awareness of phishing attempts and cyber attacks. Additionally, implementing email security measures such as spam filters and multi-factor authentication, can help detect and block phishing attempts. Establishing strict policies for verifying sensitive requests can strengthen defenses against phishing attacks.


Cybersecurity threats like security vulnerabilities and phishing present serious risks to individuals and organizations. Regular system updates, vulnerability assessments, user training, and strong security measures can help prevent these attacks. Staying informed and proactive is key to protecting sensitive data and maintaining system security. 



References


Slonopas, A. (2024, February 29). Cybersecurity vulnerabilities: Do employees pose a risk?: American Public University. APU. https://www.apu.apus.edu/area-of-study/information-technology/resources/cybersecurity-vulnerabilities-do-employees-pose-a-risk/ 


What Is A Ping (ICMP) Flood DDOS Attack?. Radware Captcha Page. (n.d.-a). https://www.radware.com/security/ddos-knowledge-center/ddospedia/icmp-flood/ 


What is a Ping of Death (PoD) Attack. Radware Captcha Page. (n.d.-b). https://www.radware.com/security/ddos-knowledge-center/ddospedia/ping-of-death/


Woollacott, E. (2024, February 13). What is phishing? understanding cyber attacks. Forbes. https://www.forbes.com/sites/technology/article/what-is-phishing/ 

Comments

Post a Comment

Popular posts from this blog

Programming Languages

-
  Programming languages allows us to communicate with computers effectively. This blog will reflect on my experience using Scratch, which is a simple drag-and-drop, block programming language, while also comparing it to the participation activities from Sections 2.8 through 2.11 of the textbook, exploring machine language assembly language, and high-level languages such as Python. I will discuss the challenges I faced, how I solved them, and which language I found easiest to use. My Experience with Scratch Using Scratch was a fun and interactive experience. It's drag-and-drop blocks made programming easy because I didn't have to worry about inputting codes or variables. For my Scratch project, I created an animation where four animals were racing each other through an endless loop as they were talking. I was able to make a bird and cat look like they were flying, while making a rabbit and bear walk. I used over 30 blocks, including motion, looks, and control options. Challenges...
Read more

Traveling Through A Network

-
Image
Ping and traceroute commands help us understand how data travels through networks. By using these tools, I observed how packets move between different locations and how network conditions affect performance. Ping Activity I tested three websites: Google.com (USA), Amazon Japan (.jp), and Expedia China (.cn). The ping results showed: Google.com : Had a fast response time that averaged 50.5ms and received no packet loss. Amazon Japan : Had a lower response time and averaged around 28.1ms, which was most likely due to a nearby CDN server. Expedia China : Response times varied significantly from 25.7ms to 97.2ms and was likely due to congestion or routing changes, but no showed no packet loss. These ping results showed that distance affects response times and that CDN’s can reduce latency. Traceroute Activity When running the traceroute command to the same websites, I observed that the number of hops and response patterns varied: Google.com : The packets took about 15 hops, were consistent...
Read more