Different categories of threats are pervasive in any computing environment and within organizations that use information systems as a core part of their organizational strategies. It has therefore become imperative for organizations to respond to increased threats and attacks by implementing layers of security against both external and internal threats. Academic research has traditionally focused on technical approaches to security. This research paper, however, seeks to examine the nature, implications and comprehensive methods of handling the threat of hackers and other sources of vulnerabilities encountered in everyday business activities. It begins with an evaluation of the threat environment and the concept of hacking, and then moves on to proffer ways of managing and preventing the threats in order to mitigate their negative effects.
An Analysis of the Threat Environment
Millions of dollars are lost every year as a result of computer security problems stemming from unauthorized access to sensitive information. According to Backhouse & Dhillon (2001), annual losses in the US alone caused by security lapses amount to $5 billion. A 1999 report by the Computer Security Institute also puts losses at $124 million amongst the surveyed companies (Backhouse & Dhillon, 2001). The increase in the number of computer-related threats has thus given rise to a situation where combating the threat of hackers can no longer be successful without addressing the systemic risks that arise from the nature of organizations (Angell, 2005). Organizations operate by the norms, values and culture of their people, and these have a significant effect on security practices and their implications.
Most hacking attacks occur when individuals gain access to systems through the use of hacking software and hackers: computer geeks who are well versed in identifying holes and lapses in an IT infrastructure such as networks and software. Organizations are susceptible to different forms of attacks. The most common ones include viruses, Trojans, worms, denial-of-service attacks, spamming, phishing, email bombs and TCP hijacking, amongst many others. These attacks are, however, preceded by unauthorised access to systems that is facilitated through the process of hacking.
The Concept of Hacking
Before discussing suitable means of managing hacking attacks, it's important that we clarify the alternative definitions of hacking that are pervasive in current academic literature.
Hacking can be described as unauthorized access to IT resources such as data and other sensitive materials that are available electronically. It has negative implications and is often considered illegal in certain parts of the world, especially the United States. Examples of weaknesses that can make a system vulnerable to hacking attempts include ineffective configuration of servers, use of old and unpatched software, non-activation of security controls, and weak and predictable passwords (McClure, Scambray & Kurtz, 2003). A hack in the computing industry may also refer to providing a quick solution to an IT problem through unstructured means.
Hacking can also be defined as the unauthorised act of re-programming a system so that it performs in ways not specified by the owner or designer of the system. In this context, however, hacking can be detrimental to the success or continued existence of an organization. Consequently, corrective steps must be taken to rectify it and to ensure that sensitive programs are not manipulated to the benefit of unauthorised people.
Many hackers start off as computer geeks who enjoy learning about technology and how it works. They enjoy programming and may have expertise in many programming languages or in a specific one. Companies may decide to employ some of these hackers as a way of finding flaws in their security systems. This may help prevent identity theft and other security threats an organization is vulnerable to. Hackers who are out to steal information and cause havoc to their victims by stealing financial information code or gaining access to sensitive information are often referred to as crackers (Skoudis & Liston, 2005).
The goal of any hacking attempt is to attack a network, gain control of the system by accessing the administrator's account, and commit malicious attacks. Hacking can also be achieved by IP spoofing: this is a method of gaining access to a computer by hijacking the IP address and assuming the identity of the victim computer, which is trusted by the target system that is the subject of attack (McClure, Scambray & Kurtz, 2003).
Early hackers are often quite knowledgeable about systems and are usually able to keep track of developments in the IT industry (Himanen, Castells & Torvalds, 2001).
Preventing Attacks
One of the most effective ways of preventing hackers is through due diligence. There's a need to ensure that computer systems are regularly patched and updated so that security holes are covered. The use of strong passwords is also encouraged to ensure that passwords are not predictable. Malicious entities may adopt a dictionary attack to guess passwords. Another common mistake among administrators is forgetting to close backdoors to programs that are used to test software functionality during design processes. Software developers should ensure that all holes are closed to make hacking attacks impossible or difficult to achieve (Skoudis & Liston, 2005).
Though the prevention of all modes of hacking is considered almost impossible, organizations still spend huge sums of money protecting their networks. According to a recent survey by a research group known as Datamonitor, spending on network security has continued to double over the years. One of the more popular methods of preventing hacking is the use of anti-virus software. Such software is able to scan a computer's hard drive and reveal vulnerabilities (Skoudis & Liston, 2005).
Firewalls are also a popular means of protecting networks. They act as a gateway between the internal network and possible threats emanating from the external environment. A firewall installs a barrier between the internal network and malicious visitors targeting a company's infrastructure. Intrusion detection systems, capable of storing databases of known attacks, can also be used to scan all inbound and outbound traffic flowing through a network. They are capable of detecting attacks of any form and preventing their admission into the network (Skoudis & Liston, 2005).
Another way of managing hacking attacks is by making sure that upgrades are passed to computing systems frequently, so that the latest patches and upgrades are received by all the computers on the network. Users within a network must also be adequately trained to ensure that harmful software downloads are prevented. Websites that contain harmful files and unsigned software must be barred from opening on the network through the use of group policies that are designed to protect entire networks (Skoudis & Liston, 2005).
Network administrators must also ensure that all unused protocols and ports are closed. Hackers are renowned for exploiting security holes and, to avoid detection, for gaining access through software features that are not regularly used. There's also an increasing need to conduct vulnerability tests through the use of vulnerability scanners. These scanners can scan an entire network and identify flaws and holes that can be easily corrected to prevent future attacks (Skoudis & Liston, 2005).
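One way to check a host for unused open ports, as an added example that is not part of the original essay: the script below compares listening TCP sockets, in the format printed by `ss -tlnH`, against an approved baseline. The sample output, the `APPROVED_PORTS` baseline and the function names are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output (listening TCP sockets, numeric, no header).
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
LISTEN 0      32           0.0.0.0:21         0.0.0.0:*
LISTEN 0      5          127.0.0.1:631        0.0.0.0:*
LISTEN 0      128             [::]:22            [::]:*
LISTEN 0      10                 *:23               *:*
LISTEN 0      4096           [::1]:5432          [::]:*
"""

# Assumed baseline: the only ports this host is approved to expose.
APPROVED_PORTS = {22, 443}


def parse_listeners(ss_output):
    """Return (address, port) for every LISTEN line; other lines are skipped."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header, blank line or a socket in another state
        addr, _, port = fields[3].rpartition(":")  # last colon separates the port
        if not port.isdigit():
            continue
        listeners.append((addr.strip("[]"), int(port)))  # unwrap IPv6 brackets
    return listeners


def is_loopback(addr):
    """True when the socket is bound only to the local host."""
    if addr == "*":
        return False  # wildcard bind: reachable on every interface
    addr = addr.split("%", 1)[0]  # drop an interface scope such as %lo
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unrecognised form: treat as exposed, the safer default


def audit(ss_output, approved):
    """Return (network-exposed, loopback-only) ports that are not approved."""
    exposed, local_only = set(), set()
    for addr, port in parse_listeners(ss_output):
        if port in approved:
            continue
        (local_only if is_loopback(addr) else exposed).add(port)
    # A port bound on both loopback and a public address counts as exposed.
    return sorted(exposed), sorted(local_only - exposed)


if __name__ == "__main__":
    exposed, local_only = audit(SAMPLE_SS_OUTPUT, APPROVED_PORTS)
    print("close or justify (reachable from the network):", exposed)
    print("review (loopback only):", local_only)
```

On a live host the same functions can be fed the real output of `ss -tlnH` in place of the constructed sample.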
Another way of managing and preventing hacking attacks is to stay informed of current security vulnerabilities, updates and other relevant information that can help to develop proactive strategies capable of combating hacking attempts. There are numerous magazines and online resources that provide information on how to keep networks secure and ensure that organizations are responsive to new threats.
A corporate security policy also ensures that security procedures are adhered to. Such policies involve details of computer usage, rules to be adhered to and security best practices to be upheld within the organization. Corporate policies may stress a periodic change of passwords, the use of strong passwords that adhere to certain criteria, proactive and well-defined strategies to be implemented when certain staff members leave the organization, and other security policies that have proven effective over time (Skoudis & Liston, 2005).
Technical Approaches to Enforcing Security
Technical solutions focus on the security of computer systems, network infrastructure and other physical devices in an organization. Network administrators and managers may need to implement proactive approaches such as checklists, risk analysis and evaluation strategies as part of the network architecture (Backhouse & Dhillon, 2001).
Checklists: These identify any control that can be implemented. They address the question of implementing any potentially effective measure that can help to combat security threats. Examples include the SAFE checklist, the Computer Security Handbook, and so on. They usually emphasize disaster planning, encryption, off-site backup and physical security (Backhouse & Dhillon, 2001).
Risk Analysis: This is a proactive approach to security which emphasises that security can be improved if certain measures are put in place. Risk analysis places particular emphasis on preventing attacks through the proactive method of implementing countermeasures to combat the risks. Examples include the CCTA Risk Management Methodology and automated solutions such as RISKPAC (Backhouse & Dhillon, 2001).
Evaluation: This measures and categorises the level of security within an organization. Examples include the Bell-LaPadula model, the BS 7799 standard for IS management and automated solutions such as SECURATE (Backhouse & Dhillon, 2001).
Another effective means of managing security is by implementing social countermeasures. The human factor is perceived as one of the largest sources of threats to organizations; consequently, there's a need to look inside the organization when examining sources of security threats to it (Dhillon & Torkzadeh, 2006).
Computer viruses, Trojans, worms and denial-of-service attacks are the more common examples of threats. Others include tailgating, bluesnarfing and other forms of IT threats. These are what IT management battles with every day. It is, however, worth noting that IT policies, predefined controls, risk analysis and evaluation methods, initially perceived as silver bullets to the issue of security, now have to be elaborated to incorporate systemic risks inherent in the organization and the business environment.