Bad actors use many different computer attacks, such as viruses, ransomware, social engineering, trojans, phishing, and DDoS attacks. All of these exploits are intentional and malicious. They are designed to steal personal, confidential, or proprietary information, cause losses of billions of dollars through downtime, gather information about individuals to be used as an exploit, or steal sensitive information to hold for ransom. Every time exploits are resolved with security patches or updates, more are created in a never-ending vicious cycle of exploitation.
A DDoS attack can be initiated using a ping, in what is called a “Ping Flood”. A ping flood is a Denial-of-Service attack in which an attacker takes down a victim’s computer by overwhelming it with ICMP echo requests, also known as pings. Overwhelming a computer or server creates a situation where valid users are denied service. In the sales industry, this can cause millions of dollars in lost revenue in a very short time. In the professional environment, a DDoS attack can force workers to come to a complete halt, which also costs a company time and money. Malicious DDoS attacks first began occurring in 1996 and continue to this day, completely disrupting whatever system they target.
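To show what the ping flood described above looks like from the defender's side, here is an added example (not part of the original post) that counts ICMP echo requests per destination in a sliding time window. The one-second window, the threshold of 100, the record layout, and the sample addresses are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8  # ICMP type for a ping request; type 0 is the reply

def detect_echo_floods(events, window=1.0, threshold=100):
    """Flag destinations receiving more than `threshold` echo requests
    within any `window`-second span (both values are assumed defaults).

    events: (timestamp_seconds, src_ip, dst_ip, icmp_type) tuples sorted by
    time. Counting per destination, not per source, also catches the
    distributed case where every individual sender stays under the limit.
    """
    recent = defaultdict(deque)  # dst -> (ts, src) pairs still inside window
    alerts = {}
    for ts, src, dst, icmp_type in events:
        if icmp_type != ECHO_REQUEST:
            continue
        q = recent[dst]
        q.append((ts, src))
        while ts - q[0][0] >= window:  # evict requests older than the window
            q.popleft()
        if len(q) > threshold:
            a = alerts.setdefault(
                dst, {"first_alert": ts, "peak": 0, "sources": set()})
            a["peak"] = max(a["peak"], len(q))
            a["sources"].update(s for _, s in q)
    return alerts

def build_sample():
    """Constructed traffic using documentation-range addresses."""
    events = []
    for i in range(5):  # benign: one host pinging once per second, with replies
        events.append((float(i), "203.0.113.5", "192.0.2.10", 8))
        events.append((i + 0.01, "192.0.2.10", "203.0.113.5", 0))
    for n in range(500):  # flood: 50 sources, 10 requests each, within 0.5 s
        src = f"198.51.100.{n % 50 + 1}"
        events.append((2.0 + n * 0.001, src, "192.0.2.20", 8))
    return sorted(events)

if __name__ == "__main__":
    for dst, a in detect_echo_floods(build_sample()).items():
        print(f"{dst}: first alert at t={a['first_alert']:.3f}s, peak "
              f"{a['peak']} requests/window from {len(a['sources'])} sources")
```

In the constructed sample each sender contributes only ten requests, so a per-source limit of 100 would never fire; the per-destination count is what exposes the flood.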
Another extremely common type of computer vulnerability or security incident is the phishing attack. This attack is perpetrated through emails. A bad actor sends emails that pretend to be, and look like, emails from legitimate businesses. These emails try to steal your login credentials for the legitimate business they are masquerading as. To counter phishing attacks, automated tools such as spam filters, spam blockers, and machine learning have been developed. Those methods, along with employee training, have still not been enough to completely prevent phishing. The average person can install anti-phishing or anti-spam software and educate themselves about what a phishing attack is and looks like, to prevent one from happening.
Social engineering attacks rely on human interaction and a lack of situational awareness on the internet and social media. The attacker compiles information about an individual to create a dossier that has extensive personal information such as important dates, names of those closest to them, addresses, phone numbers, workplaces, and any other available information. This information can then be used to crack passwords, imitate the victim to their employer or others, or convince the victim the attacker can be trusted. Social engineering is sort of like hacking a human. To protect oneself from this type of attack, personal information divulged on the internet or on social media sites and apps should be kept to a minimum. It is recommended to keep personal social media pages private instead of public, and to verify that you know the individuals on your friend list. The less personal information available, the smaller the dossier. Another recommendation is to always verify that individuals are exactly who they say they are. If there is any doubt, proceed with extreme caution.
There are many ways to avoid becoming a victim of an internet crime. The most important are situational awareness and knowledge. Educate yourself, your friends, and your family about the dangers and preventative methods. Verify, verify, verify. If you are unsure about something, or it doesn’t seem right, it probably isn’t. Fortify your information. Create backups and a backup schedule, install security software on personal devices and use a firewall, use multi-factor authentication (MFA) whenever possible, and lastly, create difficult and different passwords and change them routinely. These are some simple things we all can do to lessen the likelihood of being victimized by individuals with malicious intentions.