Login Signup
Verified Document

Computer Vulnerabilities Computer Security Vulnerabilities The Extent Research Paper

Related Topics:
Forgery Education And Computers Computer Viruses Hacking
Open Document Cite Document

Computer Vulnerabilities Computer Security Vulnerabilities

The extent of the problem

This is not a small issue. The book "Analyzing Computer Security" lays out the following scenario: "First, 20 million U.S. smart phones stop working. Next follow outages in wireline telephone service, problems with air traffic control, disruptions to the New York Stock Exchange, and eventually severe loss of power on America's East Coast" (Pfleeger & Pfleeger, 2011, 3). The authors are talking about a situation in which the computer networks that control those devices and services are compromised. As has been seen in recent years, this lack of computer security is something that is not an apocalyptic myth, but an unfortunate reality. As soon as systems are designed to thwart attackers, they are broken and new security measures have to be put in place. It is a never-ending battle that requires a vigilant and resourceful security team to police. Unfortunately, these large breaches have only increased in recent years.

Vulnerabilities that caused major loss/damage

It does not matter whether it is an individual, company or government, computer vulnerability can cause endless problems such as identity theft, loss of customer data, or an event such as the one that occurred in Iran in 2010.

"Siemens equipment…called Industrial Control Systems or ICS, is the product targeted by Stuxnet, the sophisticated computer worm discovered last year to have crippled Iran's nuclear power program. Stuxnet reprogrammed the computer-controlled centrifuges used to enrich uranium so that they spun out of control and destroyed themselves" (Waterman, 2011).

This was an incident that could have caused even more serious damage if the hackers had been able to penetrate security even further.

Virus/Hacking statistics

The trend in viruses and computer hacking attacks has been escalating for many years. "As of June 2006, Symantec's Norton Antivirus software checked for over 72,000 known virus patterns" (Pfleeger & Pfleeger, 2011, 87). This statistic was current more than five years ago, which means that at the rate of growth of these types of attacks it can be assumed that that number could easily have exceeded 200,000. Hackers...

There are no real statistics regarding how many hackers exist and the exact figures of how much hacking has cost U.S. companies is also hard to determine. The reason is that "disclosures about monetary damages caused by hackers rarely were made public, and many companies do not bother calculating the total because they are too busy fending off hackers, or they are too embarrassed to report the incident to law enforcement" (Nowak, 2011).
Security standards

The government has tried to determine standards as computer technology has blossomed, but it is difficult keeping up with the changes that are constantly being made. The government organization that controls security standards is called the National Institute for Standards and Technology (NIST). Since the early 1970's, this organization has been attempting to write encryption standards. Originally this was done for the military, but eventually the need was for a common set for all entities that held information that could be considered a national security risk.

Direct causes of vulnerabilities

SQL Injection

The term SQL is actually an abbreviation of structured query language which is used in database management systems (Pfleeger & Pfleeger, 2011, 541). In this type of attack a hacker can use the language, from a browser, to tell the database to release information. This can be used to tell a banking website to release the names and account information of all of the people that they have on record if the user knows just a few simple commands.

Phishing

This is an interesting play on words that can be one of the most personally damaging vulnerabilities around. Hackers know that certain problems with an account can cause an individual to lose their vigilance and respond to a message in which they need to give personal information. Phishing occurs when an individual is asked to give personal information to clear a problem that looks legitimate. The problem is that the phisher has copied the website logo and other vital information so that an email message appears valid when it is not.

Cross-site hacking/forgery

This occurs in the code sent between a…

Continue Reading...
Sources used in this document:
References

Jacobsen, D. (2011). Computer security education should not be limited to tech pros. Retrieved from http://searchsecurity.techtarget.com/magazineContent/Computer- security-education-shouldnt-be-limited-to-tech-pros

Nowack, Z. (2011). FBI memos reveal cost of hacker attacks. Retrieved from http://www.thenewnewinternet.com/2010/12/15/fbi-memos-reveal-cost-of-hacker- attacks/

Pfleeger, C.P., & Pfleeger, S.L. (2011). Analyzing computer security: A threat, vulnerability, countermeasure approach. Upper Saddle river, NJ: Pearson Education, Inc.

Waterman, S. (2011, August 15). Mediocre hackers can cause major damage: Researchers find vital infrastructure, factories at risk. Washington Times. Retrieved from http://www.washingtontimes.com/news/2011/aug/15/mediocre- hackers-can-cause-major-damage/print/
Cite this Document:
Copy Bibliography Citation

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now