Identify Potential Malicious Attacks, Threats and Vulnerabilities

Published: 2020-08-13 06:47:40
892 words
3 pages
8 min to read
letter-mark
B
letter
University/College: 
Type of paper: 
This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Technology advancement has changed over the years and has had a significant influence on the business operation. With the gradual growth in e-business and Internet applications, Information system security has continued to grow, and it is evident that managers in different organizations are more concerned with the security and confidentiality than any other issue in the organization (Ghosh, O'Connor & McGraw, 2014). This is because thelack of security and confidentiality gives the competitors an upper hand to gain more market share and competitive advantage. E-crimes has downgraded many organizations their sense of security and confidentiality.

Information acts as a strategic tool within the business environment and contains the plans for the organization success. The measure of the importance of information ranges from those that secure the organization physical assets to the mechanisms put in place by the organization to prevent access, disruption and interruption of the information. These system securities need to not only safeguard the individual segments or departments in the organization but holistically set measures to protect the business from harm and malicious activities. With the increased number of LANs and PCs, malicious activities have increased, and there exist anuntold number of security risks. Firewall devices, for example, have been used to enforce access control policy. The firewall technology has given business a balance between security and simple outbound accessibility to the internet thatwas earlier used for e-mail and web surfing only.

Malicious activities in network security are those activities around the systems that lead to possible information loss. Some of the malicious activities include data theft, system destruction and interference with the entire system for another individuals benefit. These acts of data theft in the organization can occur on the organization information resources like hardware and software, file information on transit and databases. Data theft in the organization results to undesirable discloser of information to theunauthorized party who may collude with the competitor and give them a competitive advantage over the organization. These stolen data can also be used to interfere with the organization operation in a malicious way to prevent it from gaining the target financial profit.

System destruction, on the other hand,is done on the organization data files and databases or even the organizations hardware to interfere with the organization operation. Destroying some of the core hardware and software components of the organizations interfere greatly with the organization operation. This will lead to system breakdown that in the long run threaten the entire organization credibility. Interference with the whole system is done to gain access to private and confidential files in the organization (Bosworth, Kabay& Whyne, 2009). This is also done to help the competing partners gain a competitive advantage over their fellow organization.

Some of the security controls that can be implementedto protect against malicious attacks involve the implementation of policies on malicious code security capability and malicious code awareness training among the employees. Anti-malware software can be installed on NIDS. Additionally, daily updates on malware software and virus update can be done to prevent malicious activities. Once a malicious activity is detected, the Network Intrusion Detection System (NIDS) shall use appropriate software to scan real time all incoming and outgoing messages and malicious codes generated by another party deleted. In thecase of any complication, employees shall inform the organization system administrator for a quicker solution.

Data loss and data theft

The dynamic nature of technology has led to data theft, and data loss in the organizations thathas had severe consequences for the business operation. Some of the information required and saved in the computers have personal information and give the cybercriminals the chance to steal digital identity and use in fraud. In case a malware software attacks and then deletes information that was not intended, the consequences of the loss depends on the value of the information lost(Ciampa & CTIA, 2015). If the deleted data were notimportant, the attack could be a minor inconvenience. However, the malware software could result in loss of some important information. Data losses that can exist in a network include loss of photography archive, vital organization financial or investment records or important correspondents.

Data theft will occur in the business environment when a virus infection on the PCs leads to the theft of some of the crucial information. This result to asevere breach of privacy and theft of funds from the organization accounts. When data is stolen from a business venture, some of the important organization information like financial and customer databases will end up in the wrong hands.

To prevent some of these data loss and data thefts in a network, it is important first to installrigorous anti-malware software to prevent the infection of the organization hardware and software components. While doing this, there is a need to make regular backups of the organization financial and customer databases. When data is backed up, there will be no issue even if the malware interferes with the software components of the organization.

References

Ghosh, A. K., O'Connor, T., & McGraw, G. (2014). An automated approach for identifying potential vulnerabilities in software. In Security and Privacy, 1998. Proceedings. 1998 IEEE Symposium on (pp. 104-114). IEEE.

Top of Form

Ciampa, M. D., & Computing Technology Industry Association, (2015). CompTIA security+ guide to network security fundamentals.

Top of Form

Bosworth, S., Kabay, M. E., & Whyne, E. (2009). Computer security handbook. Hoboken, N.J: John Wiley & Sons.

Bottom of Form

Bottom of Form

sheldon

Request Removal

If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal: