This paper provides a foundational overview of information technology security, covering the primary categories of malware and attack vectors that threaten modern computer networks. It examines viruses, spyware, worms, Trojans, zero-day exploits, denial of service attacks, and data interception, explaining how each operates and how organizations defend against them. The paper then outlines a three-part network security framework centered on personnel competence, up-to-date software, and current hardware. Real-world breaches at Target and Home Depot are cited as cautionary examples of what happens when security policies and staff vigilance fall short. The paper concludes by emphasizing that no organization with sensitive data can afford complacency in its security infrastructure.
Information systems have always been complex, and securing those networks and systems has been equally challenging. With the growing complexity and capabilities of modern machines and networks, the security implications — and the depths to which malicious actors will go — continue to expand. This report explains the basics of information technology equipment and security, as well as the threats that exist within that space. These threats include worms, viruses, Trojans, spyware, adware, zero-day attacks, hacker attacks, denial of service attacks, and data interception or theft.
Typical computer networks are made up of a series of workstations and other devices, which may include servers, printers, firewalls, switches, and routers. The different pieces of equipment that exist may or may not be network-enabled or even capable of networking at all. Some devices communicate only through USB, while others can communicate as or through computers and networks — printers, for example, can function either way. Regardless of the actual equipment involved, each network will have at least some sort of hierarchical structure that controls which computers can communicate with which others, what traffic is regulated, where it is allowed to pass, and what traffic can enter or exit the network (Desai, 2013).
The broader classification of software designed to harm, steal from, or otherwise attack a network is known as malware. Perhaps the most well-known form of malware is the computer virus. Viruses can infect systems based on either software vulnerabilities or user error through tactics like imitation and social engineering. A virus may reside within the master boot record of a computer, or it may exist in the operating system, the RAM, or within particular applications. Common targets for the latter include productivity software such as Microsoft Office — anything capable of running macros or database files (e.g., Excel, Access) is frequently targeted. The most common tools for combating these programs are antivirus applications such as McAfee and Norton/Symantec. Free alternatives for general users include Avast and AVG, though enterprise-level virus protection is almost always a paid solution, as most free vendors prohibit commercial use (Holt & Schell, 2013).
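The macro-capable Office files described above can be triaged by inspecting the file's contents rather than trusting its extension. The following is an added example, not code from the paper; the function names and sample files are constructed for illustration, and Access databases are not covered.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container
VBA_CONTENT_TYPE = b"application/vnd.ms-office.vbaProject"

def classify_office_file(data: bytes) -> str:
    """Return 'macro-enabled', 'no-macros', 'legacy-ole' or 'not-office'."""
    if data.startswith(OLE_MAGIC):
        # Macros in the legacy format live in OLE streams; a ZIP check cannot
        # rule them out, so route these to a full OLE parser or a sandbox.
        return "legacy-ole"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            if "[Content_Types].xml" not in names:
                return "not-office"
            # Check the package contents, never the file extension: a renamed
            # .docm still carries its VBA part.
            has_vba_part = any(n.lower().endswith("vbaproject.bin") for n in names)
            declares_vba = VBA_CONTENT_TYPE in zf.read("[Content_Types].xml")
            return "macro-enabled" if has_vba_part or declares_vba else "no-macros"
    except zipfile.BadZipFile:
        return "not-office"

def _build_package(parts: dict) -> bytes:
    """Build a constructed, minimal OOXML-like ZIP for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed samples (not real documents).
CLEAN_DOCX = _build_package({
    "[Content_Types].xml": "<Types/>",
    "word/document.xml": "<w:document/>",
})
RENAMED_DOCM = _build_package({
    "[Content_Types].xml": '<Types><Override PartName="/word/vbaProject.bin" '
                           'ContentType="application/vnd.ms-office.vbaProject"/></Types>',
    "word/document.xml": "<w:document/>",
    "word/vbaProject.bin": b"\x00placeholder",
})
LEGACY_XLS = OLE_MAGIC + b"\x00" * 16

if __name__ == "__main__":
    for label, blob in [("clean.docx", CLEAN_DOCX), ("report.docx", RENAMED_DOCM),
                        ("old.xls", LEGACY_XLS), ("notes.txt", b"hello")]:
        print(label, "->", classify_office_file(blob))
```

A mail gateway or file-share scanner can use a result of `macro-enabled` or `legacy-ole` to quarantine the file or send it for deeper inspection before a user opens it.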
Spyware is a more specific subset of malware and consists mostly of tactics that range from harmless but annoying to genuinely threatening — including system monitors, tracking cookies, adware, and Trojans. The delivery pathway for spyware is often more direct and noticeable, though a "wolf in sheep's clothing" approach is common, as these programs and dialog boxes typically present themselves as something legitimate. For instance, a company like Amazon placing a tracking cookie on a user's computer to monitor browsing habits and suggest related products is technically spyware, but it is largely benign. However, the motives behind cookies and other trackers are not always so innocent.
A more commonly nefarious type of malware is the worm, an acronym for "write once, read many." The "read many" component refers to the fact that once a worm infiltrates a computer, it replicates itself on a massive scale, spreading rapidly across systems (Holt & Schell, 2013).
A zero-day attack exploits a known vulnerability in a piece of software for which a patch has not yet been released. For example, when the SSL encryption protocol was found to have the Heartbleed flaw, the window between when hackers discovered the vulnerability and when it was patched represented a classic zero-day opportunity — the software developers had had "zero" time to fix the issue. Beyond that defining characteristic, zero-day attacks differ from conventional malware in an important way: a specific person is the active force behind the attack as it unfolds. A traditional virus, by contrast, is released onto the internet and propagates to other machines through email or web browsing without direct intervention. Zero-day attacks typically require ongoing, direct involvement from the hacker (Holt & Schell, 2013).
Not all hackers are malicious. Those who use their skills to test networks and equipment in order to help prevent future attacks are known as white-hat hackers, while those acting maliciously are called black-hat hackers. The term "cracker" is also sometimes used as a synonym for the latter. Some hackers operate in groups and use collections of compromised computers — sometimes called botnets — to launch coordinated attacks. This is the basis for a denial of service (DoS) attack or, when multiple machines are involved, a distributed denial of service (DDoS) attack. In essence, a DoS attack intentionally overwhelms a network using the combined keystrokes and processing power of a hacker group or individual — the computing equivalent of a battering ram — in order to gain unauthorized entry (Holt & Schell, 2013).
"Risks of unencrypted data in transit"
"Three-pillar framework for network defense"
Holt, T. J., & Schell, B. H. (2013). Hackers and hacking: A reference handbook. ABC-CLIO, LLC.
Sharf, S. (2014). What it means for Home Depot if data breach is larger than Target's. Forbes.com, 26.