Cybersecurity has been an endangered area in recent years, and cyberattacks will become the third leading cause of global disruptions in the next five years, right after natural disasters and weather disasters. To protect against such phenomena, it is necessary to encourage entrepreneurs and individuals to increase their awareness of potential risks, to improve their safety. First of all, it is necessary to avoid suspicious links and attachments, then they advise us to stick to reliable websites, take care of the strength of passwords, and to regularly update the security software on computers and other devices. It seems that there is still a huge lack of knowledge and a complete understanding of the problems that can happen on the Internet, so any help and support is great.
Security and computer networks
Computer networks are an important part of the infrastructure of many systems. Endangering their safety, ie. unauthorized inspection, modification, or damage to data, programs, servers, workstations, transmission paths, or other resources is a danger faced by almost anyone who is in any way involved in the development, introduction, use, or maintenance of such systems.
The accelerated development and growing importance of computer and communication technologies, necessary for modern business, requires solving security problems special attention. Information security requirements within the organization they have survived significant diameters in the last few decades. Before there came a mass proliferation of data processing devices, data protection, which is considered significant in one organization, provided physical and administrative measures. Name of the generic tool, procedures, policies, and solutions designed to protect the system from attack computer network security. Three aspects of information security:
Security attack – security of information that would be compromised by any action,
Security mechanism – a mechanism designed for detection, warning, or recovery from a security attack,
Security service – a service that increases the security of the processing and transmission system of the data. Security service involves the use of one or more security services mechanisms.
Password managers as a feature of security and safety
Using passwords. Be sure to use user passwords and change them frequently. Not use “obvious” passwords such as family members’ names, dates of birth, phone numbers, pet names, and the like. The paradox: the use of complex passwords can sometimes increase the risk in practice because then they need to be written down, which increases security risk. Identifying users using confidential information is the most commonly used method of authentication because it does not require any special hardware other than the keyboard.
A special problem represents storing password information on a computer system disk. If the problem of access control on the system is not well solved, intruders can easily get to this information. In that case, the intruder has the passwords of all users, including privileged user passwords, such as system administrators.
Passwords are a vulnerable place (especially if they are short or simple or written as a reminder paper next to the computer) and as such is one of the favorite objects used by malicious attackers to gain an illegitimate approach. The problem is storing password information on the computer disk system. Intruders can access this information and then find out the user passwords including privileged user passwords, such as system administrators.
To avoid such problems, it is necessary to use a good password manager, for example, Keeper Password Manager. What exactly are password managers? Simply, these programs remember your entries, store passwords can offer you automatic creation of new, extremely complicated passwords, and can store confidential information such as your credit card numbers. They work on the principle of multiple and complicated encryptions of all your entered data. All you need to do is create a master or super password at the beginning of use, and that’s it. In the future, all you need to do is remember her. Password managers come in the form of classic or portable programs (you can carry them with you on a USB drive), or even as simple add-ons for Internet browsers. A special advantage is that all programs are free and usually extremely easy to use.
The most commonly used attacks and threats
The computer system and computer network can be attacked in many ways. Usually, the methods used to exploit weaknesses are DoS, IP spoofing, and snooping.
• Denial of service – DoS as an attack provokes termination of the service or program, which prevents others from working with its services or programs.
• IP address spoofing – An attacker monitors IP addresses in IP packets and presents itself as another computer. As DNS does not check where they come from information, an attacker may carry out a spoof attack by giving incorrect information (trusted computer name) DNS service. The best protection against this attack is preventing routing with source addresses that we know for sure are invalid – for example, rejecting packets arriving at the router’s public interface, and having a local network address.
• Sniffer – The attacker intercepts TCP / IP with special programs packages that pass through a specific computer and, if necessary, review their contents. As data that is not encrypted usually moves through the network, a sniffer can easily access confidential information. Also, a program written by one user (programmer) and used by other users, can pose a potential threat and possibly lead to a successfully executed system attack. Threats of this type are called software threats; these include Trojan horses, traps, and buffer overflows.
• A Trojan horse is an illegal segment of code planted in the code of a program that aims to change the function or behavior of the original program. For example, in a text editor, a routine that searches for an open file can be planted even if it finds the desired sequence, copies the file to a location accessible to the programmer who wrote that editor. A special variant of the Trojan horse is the program that mimics the login procedure to a system or network;
• Trap – The author of the program may accidentally or intentionally leave blanks in his code (trap) – an intruder who knows about those places can subvert his code and thus makes some profit. Also, the author of the program can modify a piece of code so that the modification cannot be easily noticed.
• Exceeding, ie. Buffer overflow on the stack or heap of memory – Buffer overflow is the most common attack from the network when attempting unauthorized access to the system. Authorized users can also use this type of attack to trick the system and accomplish its greater rights than those they have. As a rule, an attacker uses a bug in the program, that is, insufficient control over the separation of stacks, data, and code. Then the attacker sends more input than the program expects, overflows the input field, line command arguments, or input buffer until reaches the stack, overwrites the valid address in the stack with the address of its code, full part acquires its code, which, for example, executes a command (copies some data or run by a command interpreter). In case of a successful attack, instead, an insufficiently protected program, illegal code inserted by overrun will be executed.
Data and information that can be taken from you can lead to serious consequences. Knowing the different passwords that are the things that are crucial in your lives. I find out the same can lead to disaster.