 |
| Photo by Pixabay: https://www.pexels.com/photo/security-logo-60504/ |
The increase in computer usage by individuals and organizations continues to grow at a never-ending pace, and protecting this sensitive information has never been more critical. According to Vahid and Lysecky (2019), “computer security is the prevention of unauthorized computer access, including viewing, changing, or destroying a computer or data” (Section 8.1). When a security breach or unauthorized access occurs on a personal computer, someone’s emails and photos can be viewed without permission. Their social media accounts can also be used by someone else, where confidential information can be shared at the expense of the computer’s owner. At the same time, businesses can suffer from hacks compromising their system’s ability to protect valuable and sensitive information. Financial data like customer credit card data can be stolen and sold without the customer knowing. An organization’s computer systems and servers can also be shut down, preventing them from servicing customers. Protecting these systems is crucial to avoid the stresses and financial losses that can happen when systems are compromised.
Some examples of threats to personal and business systems include denial of service (DoS) attacks, computer viruses, and phishing attempts. According to Stiawan et al. (2021), “one of the most common DoS attacks is an Internet control message protocol (ICMP) flood or ping flood” (Section I). Ping floods or protocol attacks use ping commands to target a service, such as a website, and overload its servers with fake requests to slow or stop the site from being able to buffer traffic preventing real traffic from reaching the site. Other ping command attacks include application layer attacks that flood a service HTTP requests and volumetric attacks that use DNS servers to flood with traffic exhausting its bandwidth. Flooding attacks can also distract the site’s security team from other attacks being attempted simultaneously. These attacks can expose a company to security breaches that could provide pathways for the virus’s other threats.Computer viruses can infect both personal and business computers, and according to Vahid and Lysecky (2019), “computer viruses are programs that run on a user’s computer without permission and spreads themselves to other computers” (Section 8.2). Viruses are often spread by email, making them difficult to spot because users can be deceived into running the program without knowing. Computers are also vulnerable to viruses because they can enter a system by visiting websites like free gaming or pornography or from downloads like peer-to-peer file transfers. Once a virus enters a system, it can create illicit tasks like sending spam emails, stealing information like credit card numbers, or deleting personal or company data. One way of protecting a system from viruses includes running antivirus software which, according to Vahid and Lysecky (2019), “looks for known viruses and strives to disable found viruses, by searching a hard drive, and/or by monitoring visited websites and downloaded files” (Section 8.2). Another way to prevent viruses is to ensure your operating system is up to date. Most developers release regular updates, including security patches that fix security holes and other vulnerabilities.
In addition to computer viruses, phishing attacks can be very destructive to individuals’ and organizations’ computer systems. According to Desolda et al. (2022), “phishing is a scalable act of deception whereby impersonation is used to obtain information from a target” (Section 2.3). These attacks are typically disguised as an important email with a link to a website. A phishing attack attempts to trick a user into entering personal information like a username, password, or bank account information. Systems are vulnerable to phishing attacks because of human factors, such as the lack of awareness and everyday habits that form over time. Some people may be unaware of the dangers of opening unverified links from an email or text message.
In contrast, others may do it out of regular habits without considering the consequences. Due to the human factors involved, phishing has become one of the most effective cyber-attacks. When phishing occurs, personal information such as passwords and financial information can be stolen along with the installation of malware like computer viruses. Phishing can also be used to sabotage systems and steal intellectual property. One way to avoid phishing attacks is to learn what to look out for and become familiar with phishing scam methods and how they look. It is also important to not click on any links that may appear in your inbox or through text-message. Instead, visit the site using your browser instead of clicking on any links.
Desolda, G., Ferro, L. S., Marrella, A., Catarci, T., & Costabile, M. F. (2022). Human Factors in Phishing Attacks: A Systematic Literature Review. ACM Computing Surveys, 54(8), 1–35. https://doi.org/10.1145/3469886
Stiawan, D., Suryani E. M., Susanto, Idris, Y. M., Aldalaien, N. M., Alsharif, N., & Budiarto, R. (2021). Ping Flood Attack Pattern Recognition Using a K-Means Algorithm in an Internet of Things (IoT) Network. IEEE Access, 9, 116475–116484. https://doi.org/10.1109/ACCESS.2021.3105517
Vahid, F., & Lysecky, S. (2019). Fundamentals of information technology & literacy. zyBooks, a Wiley brand. https://learn.zybooks.com/zybook/TEC101:_Fundamentals_of_Information_Technology_&_Literacy
Comments
Post a Comment