Skip to main content

Network Security

   With the advent of computers and the internet, so too came the invention of harmful scams. These malicious entities have become more and more prevalent since the turn of the century and exist in various forms. From existing in different types of computer viruses, spam emails, phishing, and Denial of Service (DoS) attacks there are a multitude of ways for user’s personal information to be accessed and disseminated without knowledge or consent. 

            During week 3 of our course we learned about ping commands and even practiced using these to access different websites. This week’s venture into security took the concept even further by revealing how one can use ping commands in a negative and harmful way in the form of Denial of Service (DoS) attacks. These types of security breaches require no hacking of any kind, nor does it involve the installation of any type of malicious software which is also known as malware. How these attacks work is that a single user first creates a botnet. A botnet is when multiple computers are infected with a virus, thus granting a singular user remote access to all computers. The user then commands the botnet collectively to send huge numbers of access requests (or ping commands) simultaneously to one specific website which will then overload that website’s server. As a result, any requests from legitimate users cannot be handled and are denied (Vahid & Lysecky, 2019).  Essentially this event keeps the website’s server busy and often these can even be a diversion. Attackers can potentially steal sensitive information or install malware while the company’s resources are focused on reacting to the DoS attack (Neustar, 2017). 

 

A method to protect users from a DoS attack is the public key infrastructure (PKI) and was introduced in an effort to authenticate protocols to verify the identities of the communicating parties (Fung & Lee, 2002). This is known as a form of cryptography. Cryptography is when two parties communicate via messages that are converted into an unreadable format i.e. encryption. Once received by the intended receiver, the message is converted back into a readable form i.e. decryption. Secret conversion techniques are used that only the sender and receiver know which is what makes this secure, so that when outside parties view the transmission all they see if text that is not decipherable. “The Public-key cryptography uses two keys with one key being a ‘public key’ that the sender uses to create encrypted messages and a mathematically-related ‘private’ key that the receiver can use to decrypt any messages encrypted by that public key (Vahid & Lysecky, 2019). 

 

            A phishing scam is basically fraud via the internet and can potentially cost individuals and companies hundreds of billions of dollars per year (Vahid & Lysecky, 2019). This is a practice that baits a user to share sensitive information like a password or credit card number by sending an email that appears to be legitimate and from a reputable organization. The email entices users to click into a website link that takes the user to an authentic-looking website where they are then prompted to enter their personal information. The scammers can then use this information to log into the victim’s bank account and withdraw money. Often times the phishing email appears to come from an actual bank and the message is warning them that their account is “locked” due to being compromised. This is meant to raise worry/concern for users so that they follow through with the link. Tips for combating this is to be weary of any email links and to hover the mouse over each and every link because in doing so, a preview to the website will appear where we can determine if the link is worth clicking. Another useful tip is to always log into your bank directly from their website and not from any email.

 

            A computer virus, “is a program that runs on a user’s computer without permission and spreads itself to other computers, often via email,” (Vahid & Lysecky, 2019). Purposes of a virus can be a number of different reasons including using infected computers to perform illicit tasks, stealing sensitive information, or deleting data. An example of an illicit task is to perform a DoS attack which we discussed earlier.  A common way for viruses to spread is through email where a user is deceived into downloading and running an application that will then install a virus. The surprising aspect of a virus is that often a user has no idea their computer has a virus because the computer shows no signs of being infected. A clue that your computer may be infected is that it runs slower or it is active on its own and the user is not actively using it. To combat against a computer virus, our text outlines that downloading programs called antivirus software can assist users because they look for known viruses by searching the hard drive, monitoring visited websites, and reviewing files that have been recently downloaded. If and when a virus is found, they are disabled. 

 

            Computer systems are vulnerable to these threats because it comes down to the user and being smart about the way we navigate the internet. The security hazards discussed thus far are created and refined to deceive users themselves and so we are ultimately the most vulnerable aspect of these threats. Making mistakes is what makes us human and these threats lean into this by targeting humans and preying on their vulnerabilities. The best way to combat this is by being computer and digitally literate and employing the tips presented in this discussion to navigate the internet in a safe way. 

 

 

 

 

 

 

 

 

References

 

Fung, C. K. and Lee, M. C. (2002)  "A denial-of-service resistant public-key authentication and key establishment protocol," Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference (Cat. No.02CH37326), pp. 171-178, doi: 10.1109/IPCCC.2002.995148 

 

Global ddos attacks & Cyber Security Insights Report. October 2017 Global DDoS Attacks & Cyber Security Insights Report. (n.d.). Retrieved May 12, 2022, from https://www.discover.neustar/201710-Security-Solutions-Siteprotect-DDoS-2H2017-Report-LP.html?_ga=2.95920092.1110885956.1520369044-965016162.1511797919

 

Vahid, F., & Lysecky, S. (2019). Computing technology for all. zyBooks.

 

Comments

Post a Comment

Popular posts from this blog

Tech Topic Connection

                 The tech topic I chose was the fascinating and growing world of mobile applications. The biggest reason behind this is because of the vast potential mobile applications, or apps, possess. The website emizentech.com reviewed a Statista report indicating “there are about 7.1 billion app users worldwide,” and that, “global revenue is expected to reach $808 billion in 2022,” (EmizenTech, 2022). This is a burgeoning industry that is only expected to grow in the coming years.     Apps translate, “communication efforts into interactive customer experiences heightening cognitive, emotional, emotional, and behavioral responses,” (Kim & Yu, 2016). The world is now more connected than ever before. Through certain apps, individuals have the capabilities of crossing geographical boundaries and allows us to communicate with anyone who also uses the app and has an internet connection.    I use my smartphone ever...
Post a Comment
Read more

Traveling Through a Network

  Hi World,        Ping Command Activity – This was a great exercise that highlighted how ping commands work in a hands-on way. I enjoy being able to play around with topics we are learning about. Here are the screenshots of my ping results. The two other websites beyond google was the official Australian government response website: Australian.gov.au and the official website of the government of Japan: Japan.go.jp         I was rather shocked to see that the ping to Japan was the quickest when compared to google and the Australian website! The average speed for Japan was 24.025 ms (milliseconds). Google’s average speed was 24.474 ms and the Australian site’s average was 188.582 ms. Given how far away those countries were I expected them to take longer because there is so much more distance that needs to be traversed. Given that the Australian ping took the longest was expected, but the fact google sits in the middle is a surpr...
Post a Comment
Read more