Williams, P. A., & Woodward, A. J. (2015). Cybersecurityvulnerabilities in medical devices: a complex environment and multifacetedproblem.
Retrieved November 16, 2017, from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4516335/Winterfeld, S., & Andress, J.
(2012). The basics of cyber warfare:Understanding the fundamentals of cyber warfare in theory and practice. S.
l.:SyngressWare, W. H., United States, & Critical Technologies Institute (RandCorporation) (1998). The cyber-posture of the national informationinfrastructure. Santa Monica, CA: Rand.
Top Network Security Weakness. (n.d.). Retrieved fromhttp://www.
e-janco.com/TopNetworkSecurityWeaknesses.htmlSnedaker, S., & Rima, C. (2014). Business continuity and disasterrecovery planning for IT professionals. Waltham, MA: Syngress.
Rowland, C. H. (2002, June 11).
Patent US6405318 – Intrusion detectionsystem – Google Patents. Retrieved January 12, 2018, fromhttp://www.google.
com/patents/US6405318Knapp, K. J. (2009). Cyber-security and global information assurance:Threat analysis and response solutions.
Hershey, Pa: Information ScienceReference.Klevinsky, T. J., Laliberte, S., & Gupta, A. (2002). Hack I.T:Security through penetration testing.
Boston: Addison-Wesley.Graham, J., & Howard, R. (2009).
Cyber fraud: Tactics, techniques,and procedures. Boca Raton: CRC Press.Bays, L. R., Oliveira, R.
R., Barcellos, M. P., Gaspary, L. P., &Madeira, E.
R. (2015, January 27). Virtual network security: threats,countermeasures, and challenges. Retrieved November 16, 2017, fromhttps://jisajournal.springeropen.
com/articles/10.1186/s13174-014-0015-zBasu, E. (2015, November 05). The Top 5 Data Breach Vulnerabilities.Retrieved November 16, 2017, fromhttps://www.forbes.
com/sites/ericbasu/2015/11/05/the-top-5-data-breach-vulnerabilities/#7d4878084d04References Inconclusion, cyber security is an ever evolving field in the IT world and itisn’t one that will be easily slowed down. This is due to the pace oftechnology coming out, only eleven years ago did we just get introduced to thesmart phone and that opened a whole new world to cyber security, so who knowswhat the future actually holds. Now we have drones, self driving cars, andother pleasure items that can be hacked and cause a plethora of issues amongsociety. Netflix has recently introduced a new series called Black Mirror thatshows the issue with all the technology that is coming out now. Whentalking about cyber security, vulnerabilities could be defined as weaknessesthat allow a threat to reduce a systems security (Graham & Howard, 2009, p.
30). Vulnerabilities of a network vary just as much as what goes into protectingthe network. Something as simple as having a complex password can go a long wayinto protecting a work station from remote access.
Organizations, businesses,and governments around the world have to solve and prevent these weaknesseswhile also maintaining the integrity of their entire infrastructure (Winterfeld& Andress, 2009, p. 25). Hardware,software, networks, location, and most importantly people play a very largerole in this subject (Graham & Howard, 2009, p.
80). Hardware is a uniqueasset to protect because you are not only trying to protect the virtualnetwork, but you’re also trying to protect the physical machine as well. Thisis said because you could have the greatest physical network security designthat relies on a combination of hardware and software, just for it to be foiledbecause something overheated. Hardware is also very susceptible to physicalharm also like humidity, liquid, or dust (Graham & Howard, 2009, p. 52).
Thelocation of a system can play a vital role. Questions like “Is the areasurrounding the network systems subject to hurricanes, tornadoes, flood, poweroutages, and etc.?” (Snedaker & Rima, 2014, p. 25). technique that is used to secure informationsystems (Winterfeld & Andress, 2009, p.
38). Cryptography’s main purpose isauthentication and can be considered the first line of defense for cybersecurity. Encryption of information is essential for those who want to try andkeep their information secured from those who do not have the need to know. Dataencryption is the key, but literary the “key” is the key (Winterfeld , 2009, p.
33). Cryptography can be explained as person y wants to sendperson z information without person x knowing anything about it. Now if personx has hacked into the network and can see all the data being transmitted to andfrom y and z, then encryption will help make it difficult for person x to seeit.
That’s because it will take the information and follow an algorithm thatperson z will have the key to decrypt. Since person x does not have the keythen all they will see is a bunch of information that makes absolutely no senseto them because they do not have the key. Having a strong key is the literallythe key to having a good cryptographic system. Cryptography is defined by howmany bits the key has, the more bits the keys have the better it will be,however just like Cyber security, there is no way of making a crackproof key. A128-bit encryption is a perfect example of how long a key should be and howdifficult it should be to crack (Winterfeld & Andress, 2009, p. 35). A 128bit encryption is by all means a great encryption length because it can takepossibly decades for somebody to crack that information, so by the time theycrack it the information within the message is more than likely null anduseless. Now it’s not just messages that can be encrypted, whenever you see thehttps:// in front of a web address you will see that it has a lock which meansit is secured.
Cryptographycan be found in a variety of software programs related to cyber security.Cryptography can be looked as a basis for securing information that needs to besent from one person or system to another. Cryptography is a mathematical Whereasintrusion detection systems will alert the administrator upon suspiciousnetwork traffic, intrusion prevention systems alert and try to stop the threat(Rowland, 2002, p. 77). Intrusion prevention systems can be classified as ahigher evolution intrusion detection system, due to the fact they can bothdetect and make the attempt to prevent the attack from occurring without havingto alert the technician about it.
The best quality of the intrusion preventionsystem is that it searches for common or known intrusion attacks throughout thenetwork and also unknown attacks as well (Rowland, 2002, p. 22). Intrusionprevention systems can be more difficult to implement, but they are a stepabove a simple IDS. Atype of software that is used in cyber security is intrusion detection systemcommonly referred to as IDS (Rowland, 2002, p.
60). Intrusion detection systemis the primary software that is most likely to be associated with cybersecurity. The simplest explanation of what Intrusion detection system actuallydoes is pretty self-explanatory. Intrusion detection system specifically looksfor and analyzes signs of possible intrusions on a network system.
Monitoringtraffic associated with the network it will then identify and alert theinformation technology technicians about the attack in order to help securethat weak point in the network. Intrusion detection systems look for knownsuspicious activity and tracks them down (Rowland, 2002, p. 75). An intrusiondetection system tracks activity that is irregular in the computer network andsends this information to the appropriate professionals to handle (Rowland,2002, p. 63).
It will alert the technician in a variety of manners depending onthe software being used. The majorityof cloud programs or applications have very strong and secure servers, but thatstill will not stop all threats 100 percent (Winterfeld & Andress, 2009, p.90).
The cloud is a newer technologythat allows users to save data onto a server that is located in another place. Mostusers have the full faith and confidence that their information is safe at thislocation as most of the time it is a company that runs these cloud servicessuch as Apple or Microsoft. Although there have been attacks on the cloud, theinformation stored there is relatively safe, this is due to the amount ofpublic outcry whenever an attack succeeds on the cloud.
Backin the 2000’s when online gaming was becoming big due to the introduction ofXbox Live, people would manipulate the network in order to help their team winthe game. This can be viewed as an attack on Xbox Live because they areinfiltrating the network in order to gain profit for themselves. Speaking fromexperience there are also people who would phish information from people inorder to garner access to their account causing the other person to lose theiraccount.
These are just forms of cyber attacks the can be overlooked because itisn’t necessarily somebody going Hollywood and hacking into Xbox Live andstealing other people’s personal information such as credit card and otherpersonal identifiable information. Networkswitches can be useful to helping prevent a physical attack on the network,what I mean by that is an attack that is done by simply plugging the attacker’sown computer into the network. This can be prevented in numerous diverse wayssuch as the command stickymac. Stickymacing a port on a switch just tells thatparticular port on the switch to look for the mac address (the physical addressof the piece of hardware normally found on the network interface card). So whenthe attacker plugs his computer into the switch the port automatically shutsdown preventing any attack on the network.
Now obviously this can becircumvented by spoofing the mac address of that particular hardware. Mostpeople who use the technology that are at risk aren’t always going to be whatmost call computer whizzes, because most people don’t care how the technologyworks, they just care that it does work. That’s why those who help implementsecurity measures are the proverbial Batman’s of the cyber world. Those whowish to do harm know this and will prey on those who aren’t the most savvy withtechnology and use their skills to attack the weak points of a network in orderto get into it and scavenge around for what they truly want. A good way atlooking how Cyber security can be viewed at is hardware and software. A primeexample of hardware relating to cyber security is something that is commonlyknown as a firewall.
Firewalls can come in a hardware form or softwaredepending on the intended usage. Hardware firewalls are going to be used on alarger scale platform because that’s what it was designed to do, it wasdesigned to be the first line of defense in a large scale network such as thatof a business or even school. Multiplecables can be used to connect these devices to the computer network socommunication can transmit between the devices (Winterfeld & Andress, 2009,p. 46). The switches have the ability to operate at one or more layers of theOSI model (Winterfeld & Andress, 2009, p. 50).
What Winterfeld and Andressare talking about here is how network switches can be a part of the networksecurity plan due to their ability to be a multi layered troubleshootingdevice. Overallthere are a few aspects that will be covered during this paper. One of the maintopics to focus on is the technology that is involved with cyber security.Another is weaknesses and primary vulnerabilities of security designs usedthroughout the information technology world.
How does cyber security affect theworld and what is the future of cyber security? Can we ever truly have a securenetwork or are we doomed to being at risk at any given time. Cybersecurity is becoming such a threat that it may be very well one of the toppriorities among governments worldwide. The hard part is keeping up with the ever-evolvingtechnology and the threats that can come along with it. Even today you seepeople taping their webcams on computers because they’re scared of somebodyviewing them at any given time. Cyber security doesn’t just limit itself to acomputer and the internet however, mobile phones, even cars are at threat of a cyber-attack.
With the emergence of self-driving cars the threat of somebody being able totake over the car has to linger amongst all those who help design the vehicle. Youhear all the time of something being the backbone of a particular system, youcan think of cyber security being the immune system of the network. It helpsprotect the network from becoming sick or infected. All networks and datashould be protected at all costs because anything lost can be deemed harmful. Integrityof the computer system is vital to the overall success of cyber security. Cybersecurity is a challenge that everyone will need to overcome in today’s society.Cyber security can be defined in a variety of ways.
One example is that cybersecurity focuses on the protection of computer networks and work stations fromunwanted access. Cyber security can be referred to as information security,cyberspace security, or simply put computer security. Cyber security is one ofthe many focal points amongst the information technology experts. Everybody’slife can be defined as some sort of a virtual dimension, from paying billsonline to playing online video games. Cyber security has been the focal pointfor the past decade but even today in 2018 there is still news of cyberthreats, this just goes to show that cyber security is an ever-evolving threat.The threats can range from phishing attacks to even now another countryinterfering with another country’s elections. The question isn’t how we stopCyber threats, because that is an impossible question to answer because therewill always be the threat.
The question is how we prevent the easy attacks. 28 January 2018Donald WingateAmerican Military UniversityISSC342 Operating Systems:Hardening and SecurityFinal PaperJared Wilmoth