MIS

SECURE NETWORKS
As businesses venture into e-commerce, the need for secure networks is imperative.
Banking and telecommunications are dependent on the availability of reliable and secure
networks. As network connectivity increases at a rate beyond the capacity to implement
controls, market pressures on hardware and software vendors reduce the introduction of
security features and testing prior to products being released. Retrofitting security into
existing systems and applications is difficult, expensive, and, in some cases, impossible
without serious operational impact.
Few organisations understand and qualify specific threats in order to evaluate risks
accurately. The consequences can be extreme. Not only are some threats overlooked, but
also resources and budgets are misapplied to threats that do not exist or have a minimal
impact.
THE THREATS
The technology is changing faster than traditional risk assessment models can adapt to a
new working environment. Organisations are not only increasing the size of their networks
by adding more systems, they are also adding new dimensions of connectivity and
complexity. Back-end business processes such as suppliers, contractors and partners, and
front-end processes such as clients and customers are increasingly integrated into a
seamless network.
To make matters worse, the inherently insecure Internet and underlying telecommunications
infrastructure are the de facto standard when it comes to providing connectivity.
INTERNAL THREATS
They are top priority in terms of security concerns. The definition of internal threats is
broadening. It is no longer about the disgruntled and dissatisfied employee within the
company who misuses confidential information. Its also where users are accessing systems
and data. It is fairly easy to create a small piece of software that will attack the internal
network once it is planted on any computer system within the corporate network.
Distributing the programme can be done by anyone without any special computer skills. In
most cases, the person who installs the malicious software is not aware of it.
WAYS TO HARM
Once a malicious programme has been installed, it can cause harm in various ways. The
most typical mechanisms are:

Gaining user access and pretending to be a legitimate user taking action.

Capturing confidential data for industrial espionage or other purposes.

Destroying corporate data to do financial damage.

Causing network and system shortages to paralyse the companys operations.

OPERATIONAL RISKS
Security threats arising from within are increasing the operational risks of businesses. There
may be a loss of reputation in the esteem of customers, partners and investors. There may
also be a risk of business interruption and violation of legal and regulatory requirements to
protect sensitive customer information. Two other factors are:

Unauthorised access to information where access includes disclosure, modification

and destruction.

Unauthorised users, i.e. individuals who have not been granted the right to access
the system.

MANIPULATION
Social engineering is being used to obtain confidential information by manipulating
legitimate users. It is a new type of internal attack similar to phishing in which a malicious
insiderwith access to company informationtricks other users into providing access to
restricted information.
Social engineers rely on the fact that people are not aware of the value of the information
they possess and are careless about protecting it. These malcontents will search dumpsters
or take advantage of peoples natural inclination to choose passwords that are meaningful to
them (like a close relatives name or date of birth, or names of gods and goddesses) but can
be easily guessed. Social engineering remains a key threat to any security system.
OTHER INTERNAL THREATS
There may be loss of data, data corruption, and backup failures which lead to business
losses.
There may also be embezzlement and theft of Call Detail Records (CDRs). At telcos, internal
users sometimes bypass the usage record from billing for some subscribers by deleting the
CDRs from the database or by changing the programme to overlook those subscribers.

DENTITY THEFT
There may be identity theft of a customers valuable information such as credit card
information, address and date of birth.

Identity theft and fraud are terms used to refer to all types of crime in which someone
wrongfully obtains and uses another persons personal data in some way that involves fraud
or deception, typically for economic gain.
Information used in biometrics (face image, palm print, hand geometry, fingerprint,
iris/retina scan, voice recognition and handwriting) are unique to a person and cannot be
given to someone else for their use. However, personal data, especially a bank account or
credit card number, telephone calling card number, and other valuable identity data can be
used by the wrong people for malicious purposes.
NOT SO INNOCENT
Browsing Web sites and using Web-based e-mail can seem an innocent activity to the user,
but both activities can disrupt normal business activity. There are viruses (e.g. Choke virus)
that are specifically aimed at Instant Messaging (IM) systems. Anti-virus tools at the
gateway do not detect IM, so infected files can seep into the desktop and then into the
network. Also, listening to music leads to a threat from passive viruses.
Sometimes, when a companys log book or notebook is lost, some important information
may be at risk.
OUTSIDE THREATS
External threats are mixed threats that combine multiple characteristics such as worm,
virus, spam and denial of service (DoS). Everyday, hundreds of new ways are discovered by
intruders and hackers. There are more than 30,000 hacking-oriented Web sites, so it no
longer needs a guru to hack a site.
Here are some of the common external threats.

DoS: An attacker may try to flood the system with a large number of messages,
causing a system overload and possibly leading to a denial of service situation where
users are unable to access the service.

Intercept messages: An attacker may intercept and read the content of messages
(including the message origin and final destination, arrival and departure order and
time) exchanged by users.

Viruses and worms: These originate from outside sources, either targeted at the
company or randomly spread on the network through users or the Internet. It leads
to situations such as Web site defacement, and nasty viruses and worms that tunnel
their way into a network and destroy or alter data and applications, and monopolise
system resources by duplicating and spreading themselves.

System disruption: Damage or destruction of physical environment due to fire,

political violence and earthquakes.

An external threat includes:

individuals outside an organization attempting to gain unauthorized access to an

organizations networks using the Internet, other networks, or dial-up modems.
flooding a network with large volumes of access requests so that the network is
unable to respond to legitimate requests, one type of denial-of-service attack.
External threats include: lone hackers, organized crime groups, and government
entities, as well as environmental events such as weather and earthquakes.

External threats can be countered by implementing security controls on the

perimeters of the network, such as firewalls, that limit user access and data
interchange between systems and users within the organization's network and
systems and users outside the network, especially on the Internet.