Network Security
Miguel Artache
The University of Arizona Global Campus
TEC101: Fundamentals of Information Technology and Literacy
Professor Amr Elchouemi
May 24, 2022
Computer networks are the backbone of our everyday lives. We interact with computers and networks daily to shop, plan vacations, go to school, and do research. The Internet superhighway gives everyone access to every piece of information available on the Internet. The unfortunate part of the information superhighway is the malicious activity carried out by individuals or groups with a purpose. At its most basic, Ping tells you whether the destination is online and communicating. Network administrators and ethical hackers use Ping for basic troubleshooting.
Ping packet floods sent simultaneously from multiple hosts can carry out a distributed denial-of-service (DDoS) attack. Here is an example. A hacking group wants to take down a particular website because they disagree with its views. The hacking group can coordinate hundreds of thousands of workstations infected with a virus, assembling the infected computers into a botnet. At the same time, the botnet of infected computers ping floods the website's web servers to get them to stop responding. Ultimately, the overload of packets takes the web server offline and leaves it unable to respond to legitimate HTTP GET requests for the website.
Another type of ping attack is the Ping of Death. The attacker floods the destination with large ICMP packets without waiting for replies, causing the victim to go offline. The Ping of Death is a type of distributed denial-of-service attack. The attacker uses huge packets to take down the destination host.
Password cracking is a significant threat that leads to stolen data and compromised systems in our modern-day world. Hackers use brute-force password dictionary attacks, in which they use software to mix alphanumeric combinations and symbols in an attempt to gain access to an account or system for malicious purposes. System and security administrators are implementing protections to safeguard against dictionary attacks. One way that administrators do this is to place account lockout policies on accounts. After a defined number of failed attempts, the account is disabled, protecting the system from infiltration. Another way to prevent access is by increasing password length and complexity. Long, complex passwords containing symbols, letters, and numbers give security administrators time to determine the nature of an attack from the failed login attempts recorded on authentication servers. Lastly, establish a second authentication step, such as Duo requiring a PIN after the password is entered.
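The account lockout policy described above, as an added example that is not part of the original essay: it replays a constructed authentication log and disables an account after a defined number of failed attempts. The log format, the `apply_lockout` name, the threshold of 5 and the 10-minute window are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records: timestamp, account, source address, result.
SAMPLE_LOG = """\
2022-05-24T09:00:01 alice 203.0.113.7 FAIL
2022-05-24T09:00:03 alice 203.0.113.7 FAIL
2022-05-24T09:00:04 bob 198.51.100.20 FAIL
2022-05-24T09:00:05 alice 203.0.113.7 FAIL
2022-05-24T09:00:07 alice 203.0.113.7 FAIL
2022-05-24T09:00:09 alice 203.0.113.7 FAIL
2022-05-24T09:00:11 alice 203.0.113.7 OK
2022-05-24T09:00:30 bob 198.51.100.20 OK
2022-05-24T09:05:00 carol 192.0.2.44 FAIL
2022-05-24T09:20:00 carol 192.0.2.44 FAIL
2022-05-24T09:35:00 carol 192.0.2.44 FAIL
2022-05-24T09:50:00 carol 192.0.2.44 FAIL
2022-05-24T10:05:00 carol 192.0.2.44 FAIL
"""

def apply_lockout(log_text, threshold=5, window=timedelta(minutes=10)):
    """Replay the log; return (lockout time per account, attempts refused after lockout)."""
    failures = defaultdict(deque)   # account -> timestamps of recent failures
    locked, refused = {}, []
    for line in log_text.strip().splitlines():
        stamp, account, source, result = line.split()
        ts = datetime.fromisoformat(stamp)
        if account in locked:
            # A disabled account rejects every attempt, even a correct password.
            refused.append((account, source, result))
            continue
        if result == "OK":
            failures[account].clear()   # a successful logon resets the counter
            continue
        recent = failures[account]
        recent.append(ts)
        while ts - recent[0] > window:  # drop failures older than the window
            recent.popleft()
        if len(recent) >= threshold:
            locked[account] = ts
    return locked, refused

if __name__ == "__main__":
    locked, refused = apply_lockout(SAMPLE_LOG)
    print("locked:", locked)
    print("refused after lockout:", refused)
```

In the sample, the rapid burst against one account trips the lockout, while failures spread more than ten minutes apart never accumulate inside the window, which is why lockout thresholds are paired with review of failed attempts on the authentication server.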
Security holes and vulnerabilities occur when you have a lazy administrator. Allowing devices on your network that are not patched against the latest security vulnerabilities opens holes in the network, and attackers can use those devices as a vector. A security administrator must require any devices from vendors to have the latest patches and adhere to the patching policies of the organization. Healthcare organizations are notorious for a lack of security hardening across the network and devices. Another tool I enjoy is Cylance. Cylance monitors devices for script execution in folders such as the Temp folder in Windows. Attackers load their payload to the Temp folder because there is no security in this folder. When Cylance detects the attempt to execute, the file or files are quarantined and removed.
Ping attacks, password cracking, and security vulnerabilities have organizational impacts. These impacts can sometimes take down organizations, resulting in lost revenue due to a lack of security posture. Organizations worldwide are investing significant amounts of money into cybersecurity to protect their information and data.