{"id":404,"date":"2013-07-11T15:55:46","date_gmt":"2013-07-11T20:55:46","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=404"},"modified":"2015-04-27T08:46:51","modified_gmt":"2015-04-27T13:46:51","slug":"why-is-network-security-important","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/why-is-network-security-important\/","title":{"rendered":"Why Is Network Security Important?"},"content":{"rendered":"

\n\t\"Importance<\/span><\/a>As the internet evolves and computer networks become bigger and bigger, network security<\/strong><\/em> has become one of the most important factors for companies to consider. Big enterprises like Microsoft are designing and building software products that need to be protected against foreign attacks. <\/span><\/span><\/span>\n<\/p>\n

\n\tBy increasing network security, you decrease the chance of privacy spoofing, identity or information theft and so on. Piracy is a big concern to enterprises that are victims of its effects. <\/span><\/span><\/span>\n<\/p>\n

\n\tAnything from software, music and movies to books, games, etc. are stolen and copied because security is breached by malicious individuals.<\/span><\/span><\/span>\n<\/p>\n

\n\tBecause hacker tools have become more and more sophisticated, super-intelligence is no longer a requirement to hack someone\u2019s computer or server. Of course, there are individuals that have developed sophisticated skills and know how to breach into a user\u2019s privacy in several ways, but these types of individuals are less common than in the past.<\/span><\/span><\/span>\n<\/p>\n

\n\tToday, most malicious users do not possess a high level of programming skills and instead make use of tools available on the Internet. There are several stages that an attacker has to pass through to successfully carry out an attack.<\/span><\/span><\/span>\n<\/p>\n

\n\tWhat is a Hacker?<\/strong><\/span><\/span>
\n<\/h2>\n

\n\t\"what<\/span><\/a>Originally, the term hacker defined an individual who possessed strong programing skills and was involved in developing new ways to protect networks against attacks. These days, a hacker is more commonly known as someone that uses computing skills to break into someone\u2019s account or computer and compromise their private information. You\u2019ve probably heard other terms that define such individuals like cracker, black hat, phreaker, spammer or phisher. <\/span><\/span><\/span>\n<\/p>\n

\n\tAll these terms define a person that uses his or her computing skills to steal important data. These individuals use different techniques that define them as a malicious user. For example, a spammer is someone who uses email services to send malicious emails that often carry viruses. A phisher is an individual who\u2019s specialized in duplicating real content like emails, websites or services, in order to trick a user into providing confidential information.<\/span><\/span><\/span>\n<\/p>\n

\n\tHow Do Security Breaches Happen?<\/strong><\/span><\/span>
\n<\/h2>\n

\n\tIf someone can gain enough information and holds the necessary computing skills, he\/she can compromise a company\u2019s network security somewhat easily. Because network security is mitigated by humans, it is also often susceptible to human mistakes. Anything from misconfigured equipment or services to unsecured usernames and passwords can pose a real threat to network security. Some default security holes of Operating Systems, network devices or TCP\/IP protocols can be used by hackers to gain access to network resources. <\/span><\/span><\/span>\n<\/p>\n

\n\tThere are known attacks in which protocol\u2019s weaknesses are exploited by attackers. Some of these protocols include SNMP, SMTP, HTTP, FTP or ICMP. It is important to update device\u2019s firmware, install the latest OS security updates and change the default settings. Every company should implement a security policy where potential vulnerabilities are addressed and treated.<\/span><\/span><\/span>\n<\/p>\n

\n\t\"Network<\/span>Network attacks are often caused by direct or indirect interaction of humans. There are many situations in which employees themselves pose the biggest threat to enterprises. Many times, employees will unintentionally install piracy software that is infected with viruses, worms or trojans. Other times, users may forget to secure their workstations, leaving them open as an easy target to potential attackers. And yet others may give sensitive information to outsiders, or even play a role in an important part of an attack. (Power Admin\u2019s <\/span>PA File Sight<\/span><\/a> can help identify when sensitive or secure files have been accessed, deleted or copied to other drives.) <\/span><\/span><\/span>\n<\/p>\n

\n\tThis is why a security policy should include internal and external threats. By gaining physical access to network devices, a user can extract important information from the company\u2019s servers or storage devices. Such attacks depend on the hacker\u2019s skills because without the proper tools, the success percentage is low. External attackers gain access to network resources through the internet, which is a very common way network security is compromised.<\/span><\/span><\/span>\n<\/p>\n

\n\tTypes of Network Security Attacks<\/strong><\/span><\/span>
\n<\/h2>\n

\n\tWe can group network attacks by the skills possessed by the attacker. Based on these criteria we can divide attacks in two categories:<\/span><\/span><\/span>\n<\/p>\n

\n\tUnstructured<\/strong><\/span><\/span> \u2013 attacks made by unskilled hackers. Individuals behind these attacks use hacking tools available on the Internet and are often not aware of the environment they are attacking. These threats should not be neglected because they can expose precious information to malicious users.<\/span><\/span><\/span>\n<\/p>\n

\n\tStructured<\/strong><\/span><\/span> \u2013 attacks made by individuals who possess advanced computing skills. Such hackers are experts in exploiting system vulnerabilities. By gaining enough information about a company\u2019s network, these individuals can create custom hacking tools to breach network security. Most structured attacks are done by individuals with good programming skills and a good understanding of operating systems, networking and so on.<\/span><\/span><\/span>\n<\/p>\n

\n\tSocial engineering<\/strong><\/span><\/span> \u00a0\u2013 \u00a0another type of network attack. Malicious users take advantage of human\u2019s credibility and often gain important information directly from their victims. They often call or send fraudulent emails to their victims pretending to be some other person entirely. <\/span><\/span><\/span>\n<\/p>\n

\n\t\"phishing<\/span><\/a>Phishing is a method that is pretty easy to implement by hackers. <\/span><\/span><\/span>This paragraph from <\/span>Wikipedia<\/span><\/a> describes phishing attacks: \u201cPhishing<\/strong>\u00a0is the act of attempting to acquire information such as usernames,\u00a0<\/span>passwords<\/span><\/a>, and credit card details (and sometimes indirectly, money) by masquerading as a trustworthy entity in an\u00a0electronic communication\u201d. Entire sites are known to be duplicated by hackers in an attempt to steal precious information from users.<\/span><\/span><\/span>\n<\/p>\n

\n\tIn today\u2019s data networks there are many different types of attacks and each one requires special skills that hackers must poses in order to successfully crack into someone\u2019s privacy:<\/span><\/span><\/span>\n<\/p>\n

\n\tEavesdropping<\/strong><\/span><\/span> \u2013 is one of the common types of attacks. A malicious user can gain critical information from \u201clistening\u201d to network traffic. Because most communications are sent unencrypted, there are many cases in which traffic is susceptible to interception. The traffic can be analyzed using sniffing tools (also known as snooping) to read information as it is sent into the network. Wireless networks are more susceptible to interception than wired ones. Eavesdropping can be prevented by using encryption algorithms.<\/span><\/span><\/span>\n<\/p>\n

\n\tDos and DDoS attacks (Denial of Service and Distributed Denial of Service attacks)<\/strong><\/span><\/span> \u2013 these attacks take advantage of network traffic to create abnormal behavior to network services or applications. Servers are often targeted and flooded with data until they become unreachable. Core network equipment can be blocked and thus prevent normal traffic from flowing into the network. Distributed denial of service attacks are more dangerous because attacks are made from multiple sources.<\/span><\/span><\/span>\n<\/p>\n

\n\tPassword attacks<\/strong><\/span><\/span> \u2013 these attacks are based on cracking user or equipment passwords. They are one of the most feared network attacks because once a user is compromised, the whole network can be damaged, especially if we are talking about a domain user or network administrator. <\/span><\/span><\/span>\n<\/p>\n

\n\tDictionary attacks use patterns to guess passwords in multiple attempts. Critical information can be gained by using a compromised username. This is one of the main reasons companies use strong passwords that are changed frequently.<\/span><\/span><\/span>\n<\/p>\n

\n\tCompromised-Key attack<\/strong><\/span><\/span> \u2013 by obtaining the private key of a sender, an attacker can decipher secured network traffic. This kind of attack is often hard to be carried out successfully because it requires good computing resources and skills.<\/span><\/span><\/span>\n<\/p>\n

\n\tMan-in-the-Middle attack<\/strong><\/span><\/span> \u2013 as the name implies, this attack is based on intercepting and modifying information between two transmitting nodes. A hacker can modify network routes to redirect traffic to its machine before it is carried out to the destination.<\/span><\/span><\/span>\n<\/p>\n

\n\tIP address spoofing<\/strong><\/span><\/span> \u2013 in this scenario hackers use spoofed IPs to impersonate a legitimate machine. The attacker can then modify packets making them look like legitimate traffic to the receiving network device.<\/span><\/span><\/span>\n<\/p>\n

\n\t\"Computer<\/span><\/a>Application-layer attacks<\/strong><\/span><\/span><\/span> \u2013 these attacks are based on cracking applications that run on servers or workstations. These types of attacks are common because there are many different applications that run on machines and are susceptible to attacks. Hackers use viruses, Trojans and worms to infect devices and gain important information.<\/span><\/span><\/span>\n<\/p>\n

\n\tExploit attacks<\/strong><\/span><\/span> \u2013 these are usually made by individuals who possess strong computing skills and can take advantage of software bugs or misconfigurations. By having enough information of a specific software, hackers can \u201cexploit\u201d a particular problem and use it to gain access to private data.<\/span><\/span><\/span>\n<\/p>\n

\n\tThese are the types of attacks that came to mind at the time of writing this blog post. If you think there are others that need to be mentioned here, don\u2019t hesitate to leave a comment and share with us your knowledge. If you have enjoyed this article don\u2019t forget to rate & share it to others. Enjoy your day and stay tuned for the following articles from PowerAdmin\u2019s blog, <\/span>Network Wrangler<\/span><\/a>.<\/span><\/span><\/span>\n<\/p>\n

\n\t\u00a0\n<\/p>\n

\n\tAuthor: Popescu Dan-Alexandru<\/strong><\/span><\/span><\/span>\n<\/p>\n

\n\tEmail: dancb10@gmail.com<\/strong><\/span><\/span><\/span>\n<\/p>\n

\n\tWebsite: <\/span>www.ittrainingday.com<\/span><\/a><\/strong><\/span><\/span>\n<\/p>\n

\n\tPhoto Credit: <\/span>William Hook<\/span><\/a> via <\/span>Compfight<\/span><\/a> <\/span>cc<\/span><\/a> Photo Credit: <\/span>ToastyKen<\/span><\/a> via <\/span>Compfight<\/span><\/a> <\/span>cc<\/span><\/a> Photo Credit: Kriss Szkurlatowski; 12frames.eu;<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

As the internet evolves and computer networks become bigger and bigger, network security has become one of the most important factors for companies to consider. Big enterprises like Microsoft are designing and building software products that need to be protected against foreign attacks. By increasing network security, you decrease the chance of privacy spoofing, identity […]<\/p>\n","protected":false},"author":4,"featured_media":407,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,6,9,8],"tags":[],"class_list":["post-404","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-tech","category-technical","category-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=404"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/404\/revisions"}],"predecessor-version":[{"id":3588,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/404\/revisions\/3588"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/407"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}