CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [32]

with internal threats is a key aspect of the computer security job.


External Threats

Many of the internal threats that a company must deal with involve procedures and methods that are standard across industries. External threats, on the other hand, are increasing at an alarming rate. Several years ago, most computer incidents were caused by groups of kids or hobbyists who were primarily in it for fun. Most of the time, these incidents were not intentionally malicious in nature. A few of them did involve alteration or destruction of data and records.

Today, many companies take orders online, process payments, track shipments, manage inventory, use online databases, and administer other key information using complicated systems. These systems are connected to other systems that contain private corporate records, trade secrets, strategic plans, and many other types of valuable information.

Unfortunately, when these systems are compromised, an entire business or industry can be compromised. Incidents have occurred where security breaches remained open for years, and the companies involved had no knowledge that a compromise ever took place. One of a professional criminal’s greatest joys is creating and exploiting this type of security breach.

Early methods of cracking systems were primitive and labor intensive. Today, software packages exist that find targets automatically and then systematically attack the targets to find their vulnerabilities. Many of these tools use graphical user interfaces that require little technical expertise on the part of the would-be hacker. Many computer systems are being repeatedly and methodically attacked by the curious or by criminals attempting to commit a crime.

The job of a computer security professional in this situation is to detect the attack, find ways to counter it, and assist law-enforcement personnel in investigating the activity. This type of work is interesting and involves many of the skills you’ll learn in this book.

Understanding Vulnerabilities

A computer security specialist’s main area of concern will probably revolve around the security capabilities of the software and systems used in the business. Until recently, many operating system manufacturers only paid lip service to security. One popular operating system used a logon and password scheme for security. When the logon prompt appeared, all you had to do was click the Cancel button and the system would provide most of the network capabilities and local access to all resources. If the screensaver was password protected, you could either enter the password to unlock the system or simply reboot the computer, which left the system unsecured. This was worse than having no security. Many users thought they had a secure computer system, but they didn’t, and many thefts of data by coworkers occurred as a result.

The Transmission Control Protocol/Internet Protocol (TCP/IP) network protocol used by most corporate networks was designed to allow communications in a trusted environment. This protocol was primarily experimental and was used by schools and governmental agencies for research. Although it’s robust in its error handling, by its nature it’s unsecured. Many modern network attacks occur through TCP/IP.

Operating systems and application programs have long been vulnerable to external and internal attacks. Software companies want to sell software that is easy to use, graphically driven, and easily configured. Users want the same thing. Unfortunately, this creates additional security problems in many networks.

One of the most popular products in use today allows e-mail and attachments to begin executing programs or instructions embedded in a message. This functionality allows e-mail messages to have fancy formatting, but it also lets e-mails carry viruses that can damage networks or spread to other networks. The manufacturer of this software is now releasing security updates, but it seems that every time it introduces a security update, someone comes up with a new way around it.

Many operating system manufacturers are
