It is during the 1980s that Internet technology became vulnerable to cyber-attacks (Averbuch and Siboni, 2013). From then on, these threats on this technology have continued to increase markedly to the unprecedented levels that they are today. Research has shown that over 63% of all internet technology attacks are specially designed for their target environment (Cisco, n.d.). The United States government has been the most targeted with a five-fold increase in attacks against it being recorded from 2006 to 2009 (Cisco, n.d.). As of 2011, 59% of all organizations in the US believed that they are under a constant danger of cyber-attack (Cisco, n.d.) This paper intends to discuss the various types of cyber vulnerability and threats to the internet technology systems that may be used to conduct cyber attacks on governments and organizations in the world today.
The use of null or default passwords makes an organization to be vulnerable to cyber-attacks. Null and default passwords are very common among hardware such as firewalls, VPNs, routers and network attached storage appliances (Red Hat, 2006). The use of these null or default passwords makes it very easy for unauthorized users to access the account and conduct illegal activities on these devices.
Default shared keys is also another avenue that malicious users can use to launch their attacks on a particular internet technology system. This type of vulnerability is most common in preconfigured secure server appliances and wireless access points (Red Hat, 2006). The default shared keys provides access to all users using that particular shared-key resource. Authorized users with that key-resource can, therefore, use this avenue to obtain sensitive information from other users who opted to continue using the default shared key.
IP spoofing is another channel that malicious users can exploit to launch an attack on a network. This technique uses a remote machine as a node to the target network. The remote device then locates any vulnerability the target network may have. It then exploits this vulnerability to install either a trojan horse or a backdoor programme which will then be the avenue which the malicious user will use to gain complete control over the resources of the target network (Red Hat, 2006).
Eavesdropping can make an internet technology system to be vulnerable. It entails the collection of data that is transmitted between two active nodes on a network (Red Hat, 2006). Plain text transmission protocols such as FTP, telnet and HTTP transfers are the most easily attacked when this technique is used. For an attacker to successfully use this technique, they must have access to an already compromised LAN.
Service vulnerabilities are other potential avenues which a malicious user can use to access a network and compromise its activities or gain access to sensitive information. Attackers look for any weaknesses that are present on a system that is run over an internet. Using this weakness, the attacker gains access to the system and may decide to compromise the entire system together with any data that it may contain. The attacker may use the weaknesses in one particular system to gain access and compromise other systems that share the same network with the already compromised system (Red Hat, 2006).
Application vulnerabilities are also other famous avenues for cyber-attack. Workstations and desktops are the most vulnerable points which attackers use to gain access to a system. Attackers find this system very easy to use because most workers in workstations neither have the expertise nor the experience to detect or even prevent a compromise (Red Hat, 2006). Emails with compromising applications such as arbitrary codes or trojans are sent to these workers. In the event they are opened, these applications self-install and may be used to compromise or completely crash an organization's system.
The denial of service is also another avenue used by attackers to compromise a particular system. The malicious users send unauthorized packets to the target host (which can either be a workstation, router or server). The sending of these unauthorized packets often overwhelms the system that has been targeted, and this renders it unavailable to the legitimate users for as long as the illegitimate users may wish or until these packets are detected and destroyed (Red Hat, 2016).
The vulnerabilities mentioned above often present various risks to internet technology systems. These threats can be broadly classified into two categories: broadcast attacks and targeted attack. In a broadcast attack, the people initiating the attacks indiscriminately target computers (Averbuch & Siboni, 2013). These attacks are also characterized by an attempt to extensively infect software agents with the aim of creating a network of computers which can be used by the attackers to carry out independent commands or retrieve commands from a control server. Targeted attacks, on the other hand, are directed to a specific internet technology systems user. They are created and customized to achieve a particular goal. They analyze for weaknesses in that specific systems and then exploit it for their malicious desires (Averbuch & Siboni, 2013).
Previously, viruses and worms were used to launch either targeted or broadcast attacks on individuals or organizations using internet technology systems. However, the development of anti-virus technology was able to detect and deter these malware from causing damage on networks (Averbuch & Siboni, 2013). Trojan horses have however proved to be elusive, making it even more difficult to detect and prevent them from accessing a network. It is because Trojan horse developers can change the way it spreads or how it operates to make it utterly undetectable by the cybersecurity applications installed to prevent the networks from attacks (Averbuch and Siboni, 2013).
In conclusion, cyber vulnerabilities and threats put internet technology users at a constant risk of possible attack. It has made cybersecurity firms to continuously update their anti-virus applications to guarantee their customers' safety. To reduce the chances of being attacked, organizations should periodically update their security applications so that they have the most advanced cybersecurity systems that are available at any given time. They should also be vigilant to detect any malware that may have been successful in penetrating the organization's cybersecurity applications. It will ensure that the organization is secure and that it can respond to any attack early before it causes extensive damage to the organization's network.
Averbuch A. and Siboni, G. (2013, May). The Classic Cyber Defense Methods Have Failed-What Comes Next? Military and Strategy Affairs, Vol 5, No. 1. Retrieved from: http://www.inss.org.il/uploadImages/systemFiles/MASA5-1Eng5_Averbuch%20and%20Siboni.pdf
Cisco (n.d.). Cisco Cyber Threat Defense Solution Overview. Retrieved from: http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/threat-defense/solution_overview_c22-700869.html
Red Hat, Inc (2006). Red Hat Enterprise Linux Deployment Guide. Read 41: Security Overview and 41.4: Common Exploits and Attacks. Retrieved from: https://www.centos.org/docs/5/html/Deployment_Guide-en-US/
Cite this page
Cyber Security Essay Sample on Cyber Vulnerabilities and Threats. (2022, Sep 06). Retrieved from https://speedypaper.com/essays/cyber-security-essay-sample-on-cyber-vulnerabilities-and-threats
If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal:
- Humanitarian War Essay Sample
- Informative Speech Example: Genetically Modified Foods
- A Multinational Approach to the Chinese Market - Free Essay in Management
- Essay Example: Home Care for Elderly
- Pepy's Diaries
- Essay Sample for You: Social Media and Its Effects on Family Life
- Essay Example Comprising the Supply Chain Analysis of Tesco Supermarket