What are some threats to the security of your network?

To execute a successful network attack, attackers must typically actively hack a company’s infrastructure to exploit software vulnerabilities that allow them to remotely execute commands on internal operating systems. DoS attacks and the hijacking of communications on shared networks (for example, when a corporate user is on a public WiFi network) are exceptions.

Attackers typically gain access to internal operating systems via email-delivered threats, which first compromise a set of machines and then install attacker-controlled malware, giving the attacker the ability to move laterally. This increases the likelihood of not being detected up front while providing an almost effortless entry point for the attacker.

According to a recent Microsoft security intelligence report, more than 45% of malware requires some form of user interaction, suggesting that user-targeted email, designed to trick users, is a primary tactic used by attackers to establish their access.

Some threats are designed to disrupt an organisation’s operations rather than silently gather information for financial gain or espionage. The most popular approach is called a Denial of Service (DoS) attack. These attacks overwhelm network resources such as web and email gateways, routers, switches, etc. and prevent user and application access, ultimately taking a service offline or severely degrading the quality of a service. These do not necessarily require active hacking, but instead rely on attackers’ ability to scale traffic towards an organisation to take advantage of misconfigured and poorly protected infrastructure. This means they often make use of a network of compromised computer systems that work in tandem to overwhelm the target, known as a Distributed Denial of Service (DDoS) attack. In many cases, attackers will launch DoS and DDoS attacks while attempting active hacking or sending in malicious email threats to camouflage their real motives from the information security teams by creating distractions.
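The DoS/DDoS distinction above can be made from request counts alone. The following is an added example, not code from the original page: it buckets requests by time window and labels each window as normal, a single-source flood, or a distributed flood. The window size, thresholds, function names and sample traffic are all assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

WINDOW_SECONDS = 10   # assumed bucket size
RATE_THRESHOLD = 200  # assumed normal ceiling of requests per window
DOMINANT_SHARE = 0.5  # assumed: one source above this share means a single-source flood


def classify_windows(events, window=WINDOW_SECONDS, threshold=RATE_THRESHOLD):
    """events: iterable of (epoch_second, source_ip).

    Returns {window_start: (verdict, total, distinct_sources, dominant_source)}.
    """
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % window][src] += 1

    verdicts = {}
    for start in sorted(buckets):
        per_source = buckets[start]
        total = sum(per_source.values())
        top_src, top_count = per_source.most_common(1)[0]
        if total <= threshold:
            verdicts[start] = ("normal", total, len(per_source), None)
        elif top_count / total >= DOMINANT_SHARE:
            # Volume is concentrated in one sender: DoS.
            verdicts[start] = ("dos", total, len(per_source), top_src)
        else:
            # Volume is spread over many senders: DDoS.
            verdicts[start] = ("ddos", total, len(per_source), None)
    return verdicts


def constructed_events():
    """Constructed sample traffic using documentation IP ranges, not real logs."""
    events = []
    for start in (0, 10, 20):  # three ordinary clients in every window
        for src in ("192.0.2.10", "192.0.2.11", "192.0.2.12"):
            events += [(start + i, src) for i in range(10)]
    # Window 10: one source sends 400 requests.
    events += [(10 + i % 10, "198.51.100.7") for i in range(400)]
    # Window 20: 200 sources send 3 requests each.
    for n in range(200):
        events += [(20 + i, f"203.0.113.{n}") for i in range(3)]
    return events


if __name__ == "__main__":
    for start, verdict in classify_windows(constructed_events()).items():
        print(start, verdict)
```

Because such floods may be launched as a distraction, an alert of this kind is a reason to keep watching email and intrusion alerts, not to set them aside.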

While detection, perimeter hardening, and patching processes are required to mitigate active and passive network-delivered threats and attacks, as a basic starting point organisations especially need to protect themselves from the email-delivered threats that subsequently enable network threats to succeed.

Information security threats can take many forms, such as software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion.

A threat can be anything that can take advantage of a vulnerability to breach security and negatively alter, erase, or harm an object or objects of interest.

Software attacks means attacks by viruses, worms, Trojan horses, etc. Many users believe that malware, viruses, worms, and bots are all the same thing. They are not: the only similarity is that they are all malicious software, and each behaves differently.

Malware is a combination of two terms: malicious and software. So malware basically means malicious software, which can be intrusive program code or anything else designed to perform malicious operations on a system. Malware can be divided into 2 categories:

  1. Infection Methods
  2. Malware Actions

Malware on the basis of infection method is as follows:

  1. Virus – Viruses have the ability to replicate themselves by hooking themselves to a program on the host computer, such as songs, videos etc., and then they travel all over the Internet. The Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc.
  2. Worms – Worms are also self-replicating in nature, but they don’t hook themselves to a program on the host computer. The biggest difference between viruses and worms is that worms are network-aware. They can easily travel from one computer to another if a network is available, and on the target machine they will not do much harm; they will, for example, consume hard disk space, thus slowing down the computer.
  3. Trojan – The concept of a Trojan is completely different from that of viruses and worms. The name Trojan is derived from the ‘Trojan Horse’ tale in Greek mythology, which explains how the Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse given to the Trojans as a gift. The Trojans were very fond of horses and trusted the gift blindly. In the night, the soldiers emerged and attacked the city from the inside.

    Their purpose is to conceal themselves inside software that seems legitimate; when that software is executed, they carry out their task, either stealing information or any other purpose for which they are designed.

    They often provide a backdoor gateway for malicious programs or malevolent users to enter your system and steal your valuable data without your knowledge and permission. Examples include FTP Trojans, Proxy Trojans, Remote Access Trojans etc.

  4. Bots – Bots can be seen as an advanced form of worms. They are automated processes that are designed to interact over the internet without the need for human interaction. They can be good or bad. A malicious bot can infect one host and, after infecting it, will create a connection to a central server, which provides commands to all infected hosts attached to that network, called a botnet.
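One way a defender can look for the bot-to-central-server pattern described in item 4 is to find internal hosts that contact the same external destination at regular intervals. This is an added example, not part of the original page; the regular-interval heuristic, the thresholds, the function names and the sample flows are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

MIN_CONNECTIONS = 5  # assumed: ignore pairs with too few connections to judge
MAX_JITTER = 0.1     # assumed: stdev/mean of the gaps for "regular" check-ins


def beacon_pairs(flows):
    """flows: iterable of (epoch_second, internal_host, external_dest).

    Returns the set of (host, dest) pairs whose connections are evenly spaced.
    """
    times = defaultdict(list)
    for ts, host, dest in flows:
        times[(host, dest)].append(ts)

    hits = set()
    for pair, stamps in times.items():
        if len(stamps) < MIN_CONNECTIONS:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= MAX_JITTER:
            hits.add(pair)
    return hits


def shared_controllers(flows, min_hosts=2):
    """Destinations that several internal hosts check in with on a schedule."""
    by_dest = defaultdict(set)
    for host, dest in beacon_pairs(flows):
        by_dest[dest].add(host)
    return {d: sorted(h) for d, h in by_dest.items() if len(h) >= min_hosts}


def constructed_flows():
    """Constructed sample flows (private and documentation addresses), not real logs."""
    flows = []
    for i in range(8):  # two hosts check in about every 60 seconds
        flows.append((i * 60 + (i % 2), "10.0.0.21", "203.0.113.50"))
        flows.append((5 + i * 60, "10.0.0.34", "203.0.113.50"))
    for ts in (3, 20, 24, 130, 131, 400, 410):  # irregular, user-driven traffic
        flows.append((ts, "10.0.0.21", "198.51.100.80"))
    return flows


if __name__ == "__main__":
    print(shared_controllers(constructed_flows()))
```

Legitimate software such as update checkers also polls on a schedule, so a result like this is a lead for investigation and allow-listing, not a verdict.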

Malware on the basis of actions:

  1. Adware – Adware is not exactly malicious, but it does breach the privacy of users. It displays ads on a computer’s desktop or inside individual programs. It comes attached to free-to-use software and is thus a main source of revenue for such developers. It monitors your interests and displays relevant ads. An attacker can embed malicious code inside the software, and adware can monitor your system activities and can even compromise your machine.
  2. Spyware – It is a program, or we can say software, that monitors your activities on a computer and reveals the collected information to an interested party. Spyware is generally dropped by Trojans, viruses or worms. Once dropped, it installs itself and sits silently to avoid detection.

    One of the most common examples of spyware is the keylogger. The basic job of a keylogger is to record user keystrokes with timestamps, thus capturing interesting information like usernames, passwords, credit card details etc.

  3. Ransomware – It is a type of malware that will either encrypt your files or lock your computer, making it inaccessible either partially or wholly. Then a screen will be displayed asking for money, i.e. a ransom, in exchange.
  4. Scareware – It masquerades as a tool to help fix your system, but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force you to take some action, like paying them to fix your system.
  5. Rootkits – Rootkits are designed to gain root access, or we can say administrative privileges, in the user’s system. Once root access is gained, the exploiter can do anything from stealing private files to private data.
  6. Zombies – They work similarly to spyware. The infection mechanism is the same, but they don’t spy and steal information; rather, they wait for commands from hackers.


  • Theft of intellectual property means violation of intellectual property rights like copyrights, patents etc.
  • Identity theft means to act as someone else to obtain a person’s personal information or to access vital information they have, such as accessing a person’s computer or social media account by logging in with their login credentials.
  • Theft of equipment and information is increasing these days due to the mobile nature of devices and increasing information capacity.
  • Sabotage means destroying a company’s website to cause loss of confidence on the part of its customers.
  • Information extortion means theft of a company’s property or information to receive payment in exchange. For example, ransomware may lock a victim’s files, making them inaccessible and thus forcing the victim to make a payment in exchange. Only after payment will the victim’s files be unlocked.

These are old-generation attacks that continue to this day, with advancements every year. Apart from these, there are many other threats. Below is a brief description of these new-generation threats.

What are the four types of threats in network security?

Threats can be classified into four different categories: direct, indirect, veiled, and conditional. A direct threat identifies a specific target and is delivered in a straightforward, clear, and explicit manner.

What are the most common network security threats?

Here you will find information about common online security risks, with simple advice on what you can do to protect yourself and your family.

  • Hacking
  • Identity theft
  • Malicious insiders
  • Malware
  • Phishing - scam emails
  • Ransomware
  • Scams
  • Web shell malware

What are the three main threats to networks?

In particular, these three common network security threats are perhaps the most dangerous to enterprises:

  • malware
  • advanced persistent threats
  • distributed denial-of-service attacks